chore(deps): bump the python-dependencies group across 1 directory with 30 updates#167
Closed
dependabot[bot] wants to merge 1 commit into
Closed
chore(deps): bump the python-dependencies group across 1 directory with 30 updates#167dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
…th 30 updates Updates the requirements on [mcp](https://github.com/modelcontextprotocol/python-sdk), [cryptography](https://github.com/pyca/cryptography), [filelock](https://github.com/tox-dev/py-filelock), [click](https://github.com/pallets/click), [python-multipart](https://github.com/Kludex/python-multipart), [fastapi](https://github.com/fastapi/fastapi), [uvicorn](https://github.com/Kludex/uvicorn), [langchain-core](https://github.com/langchain-ai/langchain), [crewai](https://github.com/crewAIInc/crewAI), [pytest](https://github.com/pytest-dev/pytest), [ruff](https://github.com/astral-sh/ruff), [pip-audit](https://github.com/pypa/pip-audit), [cyclonedx-bom](https://github.com/CycloneDX/cyclonedx-python), [anyio](https://github.com/agronholm/anyio), [bitarray](https://github.com/ilanschnell/bitarray), [certifi](https://github.com/certifi/python-certifi), [chardet](https://github.com/chardet/chardet), [coverage](https://github.com/coveragepy/coveragepy), [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib), [eth-keyfile](https://github.com/ethereum/eth-keyfile), [idna](https://github.com/kjd/idna), [msgpack](https://github.com/msgpack/msgpack-python), [packaging](https://github.com/pypa/packaging), [parsimonious](https://github.com/erikrose/parsimonious), [pydantic-core](https://github.com/pydantic/pydantic), [pydantic-settings](https://github.com/pydantic/pydantic-settings), [pywin32](https://github.com/mhammond/pywin32), [sse-starlette](https://github.com/sysid/sse-starlette), [typer](https://github.com/fastapi/typer) and [websockets](https://github.com/python-websockets/websockets) to permit the latest version. Updates `mcp` from 1.27.1 to 1.28.0 - [Release notes](https://github.com/modelcontextprotocol/python-sdk/releases) - [Changelog](https://github.com/modelcontextprotocol/python-sdk/blob/main/RELEASE.md) - [Commits](modelcontextprotocol/python-sdk@v1.27.1...v1.28.0) Updates `cryptography` from 48.0.1 to 49.0.0 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@48.0.1...49.0.0) Updates `filelock` from 3.29.0 to 3.29.4 - [Release notes](https://github.com/tox-dev/py-filelock/releases) - [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst) - [Commits](tox-dev/filelock@3.29.0...3.29.4) Updates `click` from 8.4.1 to 8.4.2 - [Release notes](https://github.com/pallets/click/releases) - [Changelog](https://github.com/pallets/click/blob/main/CHANGES.md) - [Commits](pallets/click@8.4.1...8.4.2) Updates `python-multipart` from 0.0.31 to 0.0.32 - [Release notes](https://github.com/Kludex/python-multipart/releases) - [Changelog](https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md) - [Commits](Kludex/python-multipart@0.0.31...0.0.32) Updates `fastapi` from 0.136.3 to 0.138.0 - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.136.3...0.138.0) Updates `uvicorn` from 0.48.0 to 0.49.0 - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.48.0...0.49.0) Updates `langchain-core` to 1.4.8 - [Release notes](https://github.com/langchain-ai/langchain/releases) - [Commits](langchain-ai/langchain@langchain-core==0.3.0...langchain-core==1.4.8) Updates `crewai` to 1.14.7 - [Release notes](https://github.com/crewAIInc/crewAI/releases) - [Commits](crewAIInc/crewAI@0.95.0...1.14.7) Updates `pytest` from 9.0.3 to 9.1.1 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@9.0.3...9.1.1) Updates `ruff` from 0.15.14 to 0.15.19 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.15.14...0.15.19) Updates `pip-audit` from 2.10.0 to 2.10.1 - [Release notes](https://github.com/pypa/pip-audit/releases) - [Changelog](https://github.com/pypa/pip-audit/blob/main/CHANGELOG.md) - [Commits](pypa/pip-audit@v2.10.0...v2.10.1) Updates `cyclonedx-bom` from 5.5.0 to 7.3.0 - [Release notes](https://github.com/CycloneDX/cyclonedx-python/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-python/blob/main/CHANGELOG.md) - [Commits](CycloneDX/cyclonedx-python@v5.5.0...v7.3.0) Updates `anyio` from 4.13.0 to 4.14.1 - [Release notes](https://github.com/agronholm/anyio/releases) - [Commits](agronholm/anyio@4.13.0...4.14.1) Updates `bitarray` from 3.8.1 to 3.8.2 - [Changelog](https://github.com/ilanschnell/bitarray/blob/master/doc/changelog.rst) - [Commits](ilanschnell/bitarray@3.8.1...3.8.2) Updates `certifi` from 2026.5.20 to 2026.6.17 - [Commits](certifi/python-certifi@2026.05.20...2026.06.17) Updates `chardet` from 5.2.0 to 7.4.3 - [Release notes](https://github.com/chardet/chardet/releases) - [Changelog](https://github.com/chardet/chardet/blob/main/docs/changelog.rst) - [Commits](chardet/chardet@5.2.0...7.4.3) Updates `coverage` from 7.14.1 to 7.14.3 - [Release notes](https://github.com/coveragepy/coveragepy/releases) - [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst) - [Commits](coveragepy/coveragepy@7.14.1...7.14.3) Updates `cyclonedx-python-lib` from 10.5.0 to 11.11.0 - [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md) - [Commits](CycloneDX/cyclonedx-python-lib@v10.5.0...v11.11.0) Updates `eth-keyfile` from 0.8.1 to 0.9.1 - [Changelog](https://github.com/ApeWorX/eth-keyfile/blob/main/CHANGELOG.rst) - [Commits](ApeWorX/eth-keyfile@v0.8.1...v0.9.1) Updates `idna` from 3.16 to 3.18 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](kjd/idna@v3.16...v3.18) Updates `msgpack` from 1.1.2 to 1.2.1 - [Release notes](https://github.com/msgpack/msgpack-python/releases) - [Changelog](https://github.com/msgpack/msgpack-python/blob/main/CHANGELOG.md) - [Commits](msgpack/msgpack-python@v1.1.2...v1.2.1) Updates `packaging` from 25.0 to 26.2 - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](pypa/packaging@25.0...26.2) Updates `parsimonious` from 0.10.0 to 0.11.0 - [Commits](https://github.com/erikrose/parsimonious/commits) Updates `pydantic-core` from 2.46.4 to 2.47.0 - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](https://github.com/pydantic/pydantic/commits) Updates `pydantic-settings` from 2.14.1 to 2.14.2 - [Release notes](https://github.com/pydantic/pydantic-settings/releases) - [Commits](pydantic/pydantic-settings@v2.14.1...v2.14.2) Updates `pywin32` from 311 to 312 - [Release notes](https://github.com/mhammond/pywin32/releases) - [Changelog](https://github.com/mhammond/pywin32/blob/main/CHANGES.md) - [Commits](https://github.com/mhammond/pywin32/commits) Updates `sse-starlette` from 3.4.4 to 3.4.5 - [Release notes](https://github.com/sysid/sse-starlette/releases) - [Commits](sysid/sse-starlette@v3.4.4...v3.4.5) Updates `typer` from 0.26.2 to 0.26.7 - [Release notes](https://github.com/fastapi/typer/releases) - [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md) - [Commits](fastapi/typer@0.26.2...0.26.7) Updates `websockets` from 15.0.1 to 16.0 - [Release notes](https://github.com/python-websockets/websockets/releases) - [Commits](python-websockets/websockets@15.0.1...16.0) --- updated-dependencies: - dependency-name: mcp dependency-version: 1.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: cryptography dependency-version: 49.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies - dependency-name: filelock dependency-version: 3.29.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: click dependency-version: 8.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: python-multipart dependency-version: 0.0.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: fastapi dependency-version: 0.138.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: uvicorn dependency-version: 0.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: langchain-core dependency-version: 1.4.8 dependency-type: direct:development dependency-group: python-dependencies - dependency-name: crewai dependency-version: 1.14.7 dependency-type: direct:development dependency-group: python-dependencies - dependency-name: pytest dependency-version: 9.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: ruff dependency-version: 0.15.19 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: pip-audit dependency-version: 2.10.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: cyclonedx-bom dependency-version: 7.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies - dependency-name: anyio dependency-version: 4.14.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: bitarray dependency-version: 3.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: certifi dependency-version: 2026.6.17 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: chardet dependency-version: 7.4.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies - dependency-name: coverage dependency-version: 7.14.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: cyclonedx-python-lib dependency-version: 11.11.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies - dependency-name: eth-keyfile dependency-version: 0.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: idna dependency-version: '3.18' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: msgpack dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: packaging dependency-version: '26.2' dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies - dependency-name: parsimonious dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: pydantic-core dependency-version: 2.47.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: pydantic-settings dependency-version: 2.14.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: pywin32 dependency-version: '312' dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies - dependency-name: sse-starlette dependency-version: 3.4.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: typer dependency-version: 0.26.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: websockets dependency-version: '16.0' dependency-type: direct:production update-type: version-update:semver-major dependency-group: python-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Deploying attestix with
|
| Latest commit: |
8072e63
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://0c8f380a.attestix.pages.dev |
| Branch Preview URL: | https://dependabot-pip-python-depend-xnwr.attestix.pages.dev |
Contributor
Author
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updates the requirements on mcp, cryptography, filelock, click, python-multipart, fastapi, uvicorn, langchain-core, crewai, pytest, ruff, pip-audit, cyclonedx-bom, anyio, bitarray, certifi, chardet, coverage, cyclonedx-python-lib, eth-keyfile, idna, msgpack, packaging, parsimonious, pydantic-core, pydantic-settings, pywin32, sse-starlette, typer and websockets to permit the latest version.
Updates
mcpfrom 1.27.1 to 1.28.0Release notes
Sourced from mcp's releases.
Commits
32d3290[v1.x] Pass a list to parametrize in test_docs_examples (pytest 9.1.0 compat)...0dca751[v1.x] Deflake the child process cleanup tests (#2839)52258a9[v1.x] Add a v2 status banner to the README (#2835)b8f4917[v1.x] Deprecate the WebSocket transport and the experimental tasks entry poi...2309e5efix: omit null optional fields from task result payloads (#2809)494eb11[v1.x] Support Python 3.14 (#2769)6213787[v1.x] Scope experimental tasks to the session that created them (#2720)ce267b6[v1.x] Bind transport sessions to the authenticated principal (#2719)1abcca2[v1.x] Add subject and claims to AccessToken (#2690)9773a3f[v1.x] ci: deploy docs to py.sdk.modelcontextprotocol.io via Pages artifact (...Updates
cryptographyfrom 48.0.1 to 49.0.0Changelog
Sourced from cryptography's changelog.
... (truncated)
Commits
e300bbebump version and changelog for 49.0.0 (#15030)fa74cd8Add external mu (message representative) support for ML-DSA (#14979)f594db3chore(deps): bump openssl from 0.10.80 to 0.10.81 (#15029)608e011chore(deps): bump openssl-sys from 0.9.116 to 0.9.117 (#15028)a322bc4chore(deps): bump cc from 1.2.63 to 1.2.64 (#15027)33181a7Reject critical nameConstraints extensions containing directoryName constrain...6080dc7Bump dependencies that dependabot isn't (#15026)121faa3chore(deps): bump virtualenv from 21.4.2 to 21.4.3 (#15023)829520bAdd more robust processing for DH parameters. (#15016)0f05001Bump downstream dependencies in CI (#15025)Updates
filelockfrom 3.29.0 to 3.29.4Release notes
Sourced from filelock's releases.
... (truncated)
Changelog
Sourced from filelock's changelog.
... (truncated)
Commits
f3c11c0Release 3.29.45d663eekeep the read/write heartbeat alive on a transient touch error (#562)406d0a2verify inode in break_lock_file before unlinking a stale lock (#561)85e73d7🐛 fix(ci): publish from release.yaml on tag push (#560)f86dcb1Release 3.29.3643bdbe🐛 fix(ci): restore release environment on tag job (#559)7a8f74avalidate pid range in _parse_lock_holder (#556)d1d49a0🔧 ci(release): publish to PyPI on tag push (#557)b37e162build(deps): bump astral-sh/setup-uv from 8.1.0 to 8.2.0 (#558)d9216deRelease 3.29.2Updates
clickfrom 8.4.1 to 8.4.2Changelog
Sourced from click's changelog.
Commits
b2e30a1Release version 8.4.27a16b20Fixpackage_nameresolution when module differs from distribution name (#3582)bec5928Fixpackage_nameresolution when top-level module differs from distribution...916883aFix tests to not rely on-Wdefaultoption (#3591)09195f6Fix double-bracketing of choices in synopsis (#3578)1557e26Check for warning exception with idiomatic context managerd9ff133Static typing improvements inclick.shell_completion(#3460)762c97eFix double-bracketing of choices in synopsis8929d39Convert changes to markdown. (#3559)237be50Move changes headings down a level.Updates
python-multipartfrom 0.0.31 to 0.0.32Release notes
Sourced from python-multipart's releases.
Changelog
Sourced from python-multipart's changelog.
Commits
238ead6Version 0.0.32 (#302)8672979Replace per-byte partial-boundary scan with rfind lookbehind (#300)8190779Bump the python-packages group with 7 updates (#301)0d3c086Use uv package ecosystem for Dependabot (#299)Updates
fastapifrom 0.136.3 to 0.138.0Release notes
Sourced from fastapi's releases.
... (truncated)
Commits
4b83b0d🔖 Release version 0.138.0 (#15808)041cb0c📝 Update release notes1039384📝 Fix typo in release notes (#15807)0303491📝 Update release notes190f6e2📝 Add Frontend instructions to Agent Library Skill (#15805)17945e5📝 Update release notes2260afa🐛 Fix failing test, update format for raised errors (#15804)0cd5001📝 Update release notes7cb1ab6👷 Fix test-alls-green (#15803)9c7eceb📝 Update release notesUpdates
uvicornfrom 0.48.0 to 0.49.0Release notes
Sourced from uvicorn's releases.
Changelog
Sourced from uvicorn's changelog.
Commits
3ef2e3eVersion 0.49.0 (#2973)eeb64b1Consume duplicate forwarding headers in ProxyHeadersMiddleware (#2971)630f4acMake the watchfiles reload tests deterministic (#2972)9154922chore(deps): bump the github-actions group across 1 directory with 6 updates ...739727aMigrate docs deploy from Cloudflare Pages to Workers (#2967)be4a240Gate docs preview deploy on Cloudflare token presence (#2966)c489d7eBump httptools minimum version to 0.8.0 (#2962)9f547bdSkip docs preview deploy for Dependabot PRs (#2961)44446b8Migrate documentation from MkDocs Material to Zensical (#2959)cfd659cBump pymdown-extensions to 10.21.3 (#2958)Updates
langchain-coreto 1.4.8Release notes
Sourced from langchain-core's releases.
Commits
15b0a49chore: bump jupyter-server from 2.18.0 to 2.20.0 in /libs/core (#38252)612139fchore: bump tornado from 6.5.6 to 6.5.7 in /libs/text-splitters (#38175)921e370chore: bump cryptography from 46.0.7 to 48.0.1 in /libs/langchain_v1 (#38176)1aabc26chore: bump aiohttp from 3.14.0 to 3.14.1 in /libs/langchain_v1 (#38179)8d51355chore: bump aiohttp from 3.14.0 to 3.14.1 in /libs/langchain (#38180)0b1b7bbchore: bump cryptography from 46.0.7 to 48.0.1 in /libs/langchain (#38181)dfd0627chore: bump starlette from 1.0.1 to 1.3.1 in /libs/langchain (#38182)0269392chore: bump tornado from 6.5.6 to 6.5.7 in /libs/langchain (#38183)24d0b37chore: bump tornado from 6.5.6 to 6.5.7 in /libs/core (#38184)f368854chore: bump bleach from 6.2.0 to 6.4.0 in /libs/text-splitters (#38195)Updates
crewaito 1.14.7Release notes
Sourced from crewai's releases.
Commits
21fa8e3docs: update changelog and version for v1.14.7f18c03cfeat: bump versions to 1.14.750b9c02fix(checkpoint): rebuild custom BaseLLM as concrete LLM on restorec55334bdocs: update changelog and version for v1.14.7rc205a2ba9feat: bump versions to 1.14.7rc2fbafe1ffix(flow): gate restore on a flag so live snapshots don't replay as resume5267c05test(flow): pass show=False in test_flow_plotting to not open a browser243c9eddocs: update changelog and version for v1.14.7rc168910b7feat: bump versions to 1.14.7rc12997827ci: ignore GHSA-rrmf-rvhw-rf47 (torch alias of PYSEC-2025-194)Updates
pytestfrom 9.0.3 to 9.1.1Release notes
Sourced from pytest's releases.
... (truncated)
Commits
cf470ecPrepare release version 9.1.1e0c8ce6Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...1b82d16Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...501c4bcMerge pull request #14596 from bluetech/doc-classmethodb61f588Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir9a567e0[automated] Update plugin list (#14617) (#14618)ef8b299Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...66abd07Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup79fbf93Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...0d312ebMerge pull request #14611 from bluetech/parametrize-argvalues-typingUpdates
rufffrom 0.15.14 to 0.15.19Release notes
Sourced from ruff's releases.