Skip to content

chore(deps): bump the uv-version-updates group across 1 directory with 7 updates#33

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/uv-version-updates-4744eba426
Open

chore(deps): bump the uv-version-updates group across 1 directory with 7 updates#33
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/uv-version-updates-4744eba426

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 14, 2026
edited
Loading

Updates the requirements on python-dotenv, requests, pytest-cov, ruff, ty, django-stubs and setuptools to permit the latest version.
Updates python-dotenv from 1.2.1 to 1.2.2

Release notes

Sourced from python-dotenv's releases.

v1.2.2

Added

  • Support for Python 3.14, including the free-threaded (3.14t) build. (#)

Changed

  • The dotenv run command now forwards flags directly to the specified command by @​bbc2 in theskumar/python-dotenv#607
  • Improved documentation clarity regarding override behavior and the reference page.
  • Updated PyPy support to version 3.11.
  • Documentation for FIFO file support.
  • Support for Python 3.9.

Fixed

Breaking Changes

  • dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

  • In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

  • dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Misc

New Contributors

Full Changelog: theskumar/python-dotenv@v1.2.1...v1.2.2

Changelog

Sourced from python-dotenv's changelog.

[1.2.2] - 2026-03-01

Added

  • Support for Python 3.14, including the free-threaded (3.14t) build. (#588)

Changed

  • The dotenv run command now forwards flags directly to the specified command by [@​bbc2] in #607
  • Improved documentation clarity regarding override behavior and the reference page.
  • Updated PyPy support to version 3.11.
  • Documentation for FIFO file support.
  • Dropped Support for Python 3.9.

Fixed

  • Improved set_key and unset_key behavior when interacting with symlinks by [@​bbc2] in [790c5c0]
  • Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [@​JYOuyang] in #590

Breaking Changes

  • dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

  • In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

  • dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Commits

Updates requests from 2.33.0 to 2.33.1

Release notes

Sourced from requests's releases.

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

  • Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
  • Fixed Content-Type header parsing for malformed values. (#7309)
  • Improved error consistency for malformed header values. (#7308)

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

Changelog

Sourced from requests's changelog.

2.33.1 (2026-03-30)

Bugfixes

  • Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
  • Fixed Content-Type header parsing for malformed values. (#7309)
  • Improved error consistency for malformed header values. (#7308)
Commits

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

  • Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

  • Improve handling of ResourceWarning from sqlite3.

    The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

    With this fix one can suppress ResourceWarning from sqlite3 from command line::

    pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

  • Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

  • Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

  • Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits
  • 66c8a52 Bump version: 7.0.0 → 7.1.0
  • f707662 Make the examples use pypy 3.11.
  • 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
  • 8ebf20b Update changelog.
  • 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
  • fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
  • 78c9c4e Only run the 3.9 on older deps.
  • 4849a92 Punctuation.
  • 197c35e Update changelog and hopefully I don't forget to publish release again :))
  • 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
  • Additional commits viewable in compare view

Updates ruff from 0.15.1 to 0.15.10

Release notes

Sourced from ruff's releases.

0.15.10

Release Notes

Released on 2026-04-09.

Preview features

  • [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
  • [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
  • [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

  • Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
  • Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
  • Strip form feeds from indent passed to dedent_to (#24381)
  • [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
  • Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

  • [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

  • Add support for custom file extensions (#24463)

Documentation

  • Document adding fixes in CONTRIBUTING.md (#24393)
  • Fix JSON typo in settings example (#24517)

Contributors

Install ruff 0.15.10

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.10/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

Commits
  • 252f761 Bump 0.15.10 (#24519)
  • 37a1ec8 [ty] Fix assignability of intersections with bounded typevars (#24502)
  • f518cc9 [ty] Allow partially stringified type[…] annotations (#24518)
  • 16c4090 docs: fix JSON typo in settings example (#24517)
  • 99d97bd [ty] Tighten up a few edge cases in Concatenate type-expression parsing (#2...
  • 2714e34 [ty] Enable pull-diagnostics by default in E2E tests (#24516)
  • d8bc700 LSP: Add support for custom extensions (#24463)
  • a45f96d [ty] stop special-casing str constructor (#24514)
  • 87a0f01 [ruff] Treat f-string interpolation as potential side effect in RUF019 (#24426)
  • e9ba848 [ty] Fix excess subscript argument inference for non-generic types (#24354)
  • Additional commits viewable in compare view

Updates ty from 0.0.17 to 0.0.29

Release notes

Sourced from ty's releases.

0.0.29

Release Notes

Released on 2026-04-05.

Bug fixes

  • Avoid special-casing for dataclasses.field if it's not in field_specifiers (#24397)
  • Reject unsupported environment.python-version values in configuration files (#24402)
  • Respect supported lower bounds from requires-python (#24401)

Core type checking

  • Add support for types.new_class (#23144)
  • Fix PEP 695 type aliases in with statement (#24395)
  • Respect __new__ and metaclass __call__ return types (#24357)
  • Treat enum attributes with type annotations as members (#23776)

Contributors

Install ty 0.0.29

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.29/ty-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.29/ty-installer.ps1 | iex"

Download ty 0.0.29

File Platform Checksum
ty-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ty-x86_64-apple-darwin.tar.gz Intel macOS checksum
ty-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ty-i686-pc-windows-msvc.zip x86 Windows checksum
ty-x86_64-pc-windows-msvc.zip x64 Windows checksum
ty-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
ty-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
ty-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum
ty-powerpc64le-unknown-linux-gnu.tar.gz PPC64LE Linux checksum

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.29

Released on 2026-04-05.

Bug fixes

  • Avoid special-casing for dataclasses.field if it's not in field_specifiers (#24397)
  • Reject unsupported environment.python-version values in configuration files (#24402)
  • Respect supported lower bounds from requires-python (#24401)

Core type checking

  • Add support for types.new_class (#23144)
  • Fix PEP 695 type aliases in with statement (#24395)
  • Respect __new__ and metaclass __call__ return types (#24357)
  • Treat enum attributes with type annotations as members (#23776)

Contributors

0.0.28

Released on 2026-04-02.

Bug fixes

  • Mark loop header assignments as used to avoid false positives in "unused variable" diagnostics (#24336)

LSP server

  • Show constructor signature of classes when hovering over them (#24257)

Core type checking

  • Avoid emitting cascading diagnostics when parsing invalid type expressions (#24326)
  • Handle most "deep" mutual TypeVar constraints (#24079)
  • Improve consistency and quality of diagnostics relating to invalid type forms (#24325)
  • Improve robustness of various type-qualifier-related checks (#24251)
  • Infer the extra_items keyword argument to class-based TypedDicts as an annotation expression (#24362)
  • Use bidirectional inference to fix false positives on operations such as x: list[int | None] = [None] * 2 (#24197)
  • Sync vendored typeshed stubs (#24340). Typeshed diff
  • Tighten up validation of subscripts and attributes in type expressions (#24329)
  • Use infer_type_expression for parsing parameter annotations and return-type annotations (#24353)
  • Use infer_type_expression for validating PEP-613 type aliases (#24370)
  • Validate TypedDict fields when subclassing (#24338)
  • Validate type qualifiers in functional TypedDict fields and the extra_items keyword to functional TypedDicts (#24360)
  • Improve diagnostics for invalid functional TypedDicts (#24345)

... (truncated)

Commits

Updates django-stubs from 5.2.9 to 6.0.2

Commits
  • 44df163 Version 6.0.2 release (#3254)
  • 28eafd8 Update dependency mypy to >=1.13,<1.21 & fix tests (#3252)
  • 047a72f chore(deps): update dependency pyrefly to v0.59.0 (#3251)
  • f2ff7ca chore(deps): update dependency ty to v0.0.27 (#3249)
  • b73fe6e Use newer syntax and enable more mypy configuration options (#3203)
  • 925fbda Resolve .values() field types on annotated querysets (#3232)
  • 29e03bb Use getattr for field.attname with fallback to field.name (#3248)
  • 0867431 Bump pygments from 2.19.2 to 2.20.0 (#3246)
  • 1151636 [pre-commit.ci] pre-commit autoupdate (#3245)
  • 1f73fcf Disallow mutually exclusive arguments boolean and empty_value in admin `d...
  • Additional commits viewable in compare view

Updates setuptools to 82.0.1

Changelog

Sourced from setuptools's changelog.

v82.0.1

Bugfixes

  • Fix the loading of launcher manifest.xml file. (#5047)
  • Replaced deprecated json.__version__ with fixture in tests. (#5186)

Improved Documentation

  • Add advice about how to improve predictability when installing sdists. (#5168)

Misc

v82.0.0

Deprecations and Removals

  • pkg_resources has been removed from Setuptools. Most common uses of pkg_resources have been superseded by the importlib.resources <https://docs.python.org/3/library/importlib.resources.html>_ and importlib.metadata <https://docs.python.org/3/library/importlib.metadata.html>_ projects. Projects and environments relying on pkg_resources for namespace packages or other behavior should depend on older versions of setuptools. (#3085)

v81.0.0

Deprecations and Removals

  • Removed support for the --dry-run parameter to setup.py. This one feature by its nature threads through lots of core and ancillary functionality, adding complexity and friction. Removal of this parameter will help decouple the compiler functionality from distutils and thus the eventual full integration of distutils. These changes do affect some class and function signatures, so any derivative functionality may require some compatibility shims to support their expected interface. Please report any issues to the Setuptools project for investigation. (#4872)

v80.10.2

Bugfixes

  • Update vendored dependencies. (#5159)

Misc

... (truncated)

Commits
  • 5a13876 Bump version: 82.0.0 → 82.0.1
  • 51ab8f1 Avoid using (deprecated) 'json.version' in tests (#5194)
  • f9c37b2 Docs/CI: Fix intersphinx references (#5195)
  • 8173db2 Docs: Fix intersphinx references
  • 09bafbc Fix past tense on newsfragment
  • 461ea56 Add news fragment
  • c4ffe53 Avoid using (deprecated) 'json.version' in tests
  • 749258b Cleanup pkg_resources dependencies and configuration (#5175)
  • 2019c16 Parse ext-module.define-macros from pyproject.toml as list of tuples (#5169)
  • b809c86 Sync setuptools schema with validate-pyproject (#5157)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 14, 2026
@dependabot
chore(deps): bump the uv-version-updates group across 1 directory wit…
c600193 
…h 7 updates

Updates the requirements on [python-dotenv](https://github.com/theskumar/python-dotenv), [requests](https://github.com/psf/requests), [pytest-cov](https://github.com/pytest-dev/pytest-cov), [ruff](https://github.com/astral-sh/ruff), [ty](https://github.com/astral-sh/ty), [django-stubs](https://github.com/typeddjango/django-stubs) and [setuptools](https://github.com/pypa/setuptools) to permit the latest version.

Updates `python-dotenv` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/theskumar/python-dotenv/releases)
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md)
- [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2)

Updates `requests` from 2.33.0 to 2.33.1
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.33.0...v2.33.1)

Updates `pytest-cov` from 7.0.0 to 7.1.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0)

Updates `ruff` from 0.15.1 to 0.15.10
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.1...0.15.10)

Updates `ty` from 0.0.17 to 0.0.29
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.17...0.0.29)

Updates `django-stubs` from 5.2.9 to 6.0.2
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](typeddjango/django-stubs@5.2.9...6.0.2)

Updates `setuptools` to 82.0.1
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v69.0.0...v82.0.1)

---
updated-dependencies:
- dependency-name: python-dotenv
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-version-updates
- dependency-name: requests
  dependency-version: 2.33.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-version-updates
- dependency-name: pytest-cov
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: uv-version-updates
- dependency-name: ruff
  dependency-version: 0.15.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: uv-version-updates
- dependency-name: ty
  dependency-version: 0.0.29
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: uv-version-updates
- dependency-name: django-stubs
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: uv-version-updates
- dependency-name: setuptools
  dependency-version: 82.0.1
  dependency-type: direct:development
  dependency-group: uv-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/uv/uv-version-updates-4744eba426 branch from 87ef6bf to c600193 Compare April 16, 2026 03:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants