From 5377496d8838d2bfa6e2aef2197d8dfe208446a9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 14 Apr 2026 00:02:05 +0000 Subject: [PATCH] build(deps): bump the python-minor group across 1 directory with 8 updates Bumps the python-minor group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cryptography](https://github.com/pyca/cryptography) | `46.0.6` | `46.0.7` | | [pillow](https://github.com/python-pillow/Pillow) | `12.1.1` | `12.2.0` | | [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` | | [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.151.10` | `6.151.14` | | [mypy](https://github.com/python/mypy) | `1.19.1` | `1.20.1` | | [build](https://github.com/pypa/build) | `1.4.2` | `1.4.3` | | [werkzeug](https://github.com/pallets/werkzeug) | `3.1.7` | `3.1.8` | | [maturin](https://github.com/pyo3/maturin) | `1.12.6` | `1.13.1` | Updates `cryptography` from 46.0.6 to 46.0.7 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/46.0.6...46.0.7) Updates `pillow` from 12.1.1 to 12.2.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/12.1.1...12.2.0) Updates `pytest` from 9.0.2 to 9.0.3 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/9.0.2...9.0.3) Updates `hypothesis` from 6.151.10 to 6.151.14 - [Release notes](https://github.com/HypothesisWorks/hypothesis/releases) - [Commits](https://github.com/HypothesisWorks/hypothesis/compare/hypothesis-python-6.151.10...hypothesis-python-6.151.14) Updates `mypy` from 1.19.1 to 1.20.1 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](https://github.com/python/mypy/compare/v1.19.1...v1.20.1) Updates `build` from 1.4.2 to 1.4.3 - [Release notes](https://github.com/pypa/build/releases) - [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pypa/build/compare/1.4.2...1.4.3) Updates `werkzeug` from 3.1.7 to 3.1.8 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/werkzeug/compare/3.1.7...3.1.8) Updates `maturin` from 1.12.6 to 1.13.1 - [Release notes](https://github.com/pyo3/maturin/releases) - [Changelog](https://github.com/PyO3/maturin/blob/main/Changelog.md) - [Commits](https://github.com/pyo3/maturin/compare/v1.12.6...v1.13.1) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: pillow dependency-version: 12.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: pytest dependency-version: 9.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: hypothesis dependency-version: 6.151.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: mypy dependency-version: 1.20.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: build dependency-version: 1.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: werkzeug dependency-version: 3.1.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: maturin dependency-version: 1.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor ... Signed-off-by: dependabot[bot] --- requirements-ci.in | 12 ++++++------ web_demo/requirements.txt | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/requirements-ci.in b/requirements-ci.in index 56c5c89..c591d5d 100644 --- a/requirements-ci.in +++ b/requirements-ci.in @@ -1,21 +1,21 @@ # CI tooling dependencies (pinned with hashes for supply chain security) # Regenerate lock: uv pip compile --generate-hashes requirements-ci.in -o requirements-ci.lock -pytest==9.0.2 +pytest==9.0.3 pytest-cov==7.1.0 -maturin==1.12.6 +maturin==1.13.1 coverage==7.13.5 flake8==7.3.0 black==26.3.1 -mypy==1.19.1 +mypy==1.20.1 bandit==1.9.4 -build==1.4.2 +build==1.4.3 atheris==3.0.0 python-afl==0.7.3 pip-audit==2.10.0 pip-licenses==5.5.5 cyclonedx-bom==7.3.0 toml==0.10.2 -hypothesis==6.151.10 -cryptography==46.0.6 +hypothesis==6.151.14 +cryptography==46.0.7 argon2-cffi==25.1.0 diff --git a/web_demo/requirements.txt b/web_demo/requirements.txt index 3e19bb3..2f60aad 100644 --- a/web_demo/requirements.txt +++ b/web_demo/requirements.txt @@ -1,11 +1,11 @@ Flask==3.1.3 -Pillow==12.1.1 +Pillow==12.2.0 qrcode[pil]==8.2 argon2-cffi==25.1.0 -cryptography==46.0.6 +cryptography==46.0.7 pyzbar==0.1.9 opencv-python==4.13.0.92 numpy>=1.24.0 -Werkzeug==3.1.7 +Werkzeug==3.1.8 # Note: imageio is NOT required (uses Pillow for GIF) # Note: No ffmpeg required (Python-only solution)