Skip to content

build(deps): bump the dependencies group across 1 directory with 9 updates#50

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/dependencies-d9f8196e4a
Closed

build(deps): bump the dependencies group across 1 directory with 9 updates#50
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/dependencies-d9f8196e4a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 30, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 9 updates in the / directory:

Package From To
dateparser 1.2.1 1.2.2
requests 2.32.3 2.32.5
pandas-stubs 2.2.3.250527 2.3.3.260113
ruff 0.8.6 0.14.14
mypy 1.16.0 1.19.1
types-dateparser 1.2.0.20250516 1.2.2.20250809
types-requests 2.32.0.20250515 2.32.4.20260107
coverage 7.13.1 7.13.2
pytest-mock 3.14.1 3.15.1

Updates dateparser from 1.2.1 to 1.2.2

Release notes

Sourced from dateparser's releases.

Release v1.2.2

Fixes:

  • Handle the Russian preposition “с” (#1261)
  • Fix weekday search (#1274)

Improvements:

  • Add Python 3.14 support (#1273)
  • Cache timezone offsets to improve import time (#1250)
Changelog

Sourced from dateparser's changelog.

1.2.2 (2025-06-26)

Fixes:

  • Handle the Russian preposition “с” (#1261)
  • Fix weekday search (#1274)

Improvements:

  • Add Python 3.14 support (#1273)
  • Cache timezone offsets to improve import time (#1250)
Commits

Updates requests from 2.32.3 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS. (#6926)
  • Dropped support for pypy 3.9 following its end of support. (#6926)
Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS.
  • Dropped support for pypy 3.9 following its end of support.
Commits
  • b25c87d v2.32.5
  • 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
  • b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
  • 46e939b Update publish workflow to use artifact-id instead of name
  • 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
  • 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
  • 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
  • fec96cd Update Makefile rules (#6996)
  • d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
  • 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
  • Additional commits viewable in compare view

Updates pandas-stubs from 2.2.3.250527 to 2.3.3.260113

Commits

Updates ruff from 0.8.6 to 0.14.14

Release notes

Sourced from ruff's releases.

0.14.14

Release Notes

Released on 2026-01-22.

Preview features

  • Preserve required parentheses in lambda bodies (#22747)
  • Combine range suppression code diagnostics (#22613)
  • [airflow] Second positional argument to Asset/Dataset should not be a dictionary (AIR303) (#22453)
  • [ruff] Detect duplicate entries in __all__ (RUF068) (#22114)

Bug fixes

  • [pyupgrade] Allow shadowing non-builtin bindings (UP029) (#22749)
  • [pyupgrade] Apply UP045 to string arguments of typing.cast (#22320)
  • [flake8-pie] Detect duplicated declared class fields in PIE794 (#22717)

Rule changes

Documentation

  • Add --exit-non-zero-on-format to formatter exit codes section (#22761)
  • Update contributing guide for adding a new rule (#22779)
  • [FastAPI] Document fix safety for FAST001 (#22655)
  • [flake8-async] Tweak explanation to focus on latency/efficiency tradeoff (ASYNC110) (#22715)
  • [pandas-vet] Make example error out-of-the-box (PD002) (#22561)
  • [refurb] Make the example work out of box (FURB101) (#22770)
  • [refurb] Make the example work out of box (FURB103) (#22769)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.14

Released on 2026-01-22.

Preview features

  • Preserve required parentheses in lambda bodies (#22747)
  • Combine range suppression code diagnostics (#22613)
  • [airflow] Second positional argument to Asset/Dataset should not be a dictionary (AIR303) (#22453)
  • [ruff] Detect duplicate entries in __all__ (RUF068) (#22114)

Bug fixes

  • [pyupgrade] Allow shadowing non-builtin bindings (UP029) (#22749)
  • [pyupgrade] Apply UP045 to string arguments of typing.cast (#22320)
  • [flake8-pie] Detect duplicated declared class fields in PIE794 (#22717)

Rule changes

Documentation

  • Add --exit-non-zero-on-format to formatter exit codes section (#22761)
  • Update contributing guide for adding a new rule (#22779)
  • [FastAPI] Document fix safety for FAST001 (#22655)
  • [flake8-async] Tweak explanation to focus on latency/efficiency tradeoff (ASYNC110) (#22715)
  • [pandas-vet] Make example error out-of-the-box (PD002) (#22561)
  • [refurb] Make the example work out of box (FURB101) (#22770)
  • [refurb] Make the example work out of box (FURB103) (#22769)

Contributors

... (truncated)

Commits
  • 8b2e7b3 Prepare release v0.14.14 (#22813)
  • 4c7d1f5 [ty] Infer TypedDict types with >=1 required key as being always truthy (#2...
  • b7de434 add CCfW hooks (#22803)
  • b912dfc [pyupgrade] Apply UP045 to string arguments of typing.cast (#22320)
  • 1ff062d [ty] Improve completion rankings for raise-from/except contexts (#22775)
  • 7e408a5 Update dependency wrangler to v4.59.1 (#22793)
  • ceb876b [flake8-pyi] Fix inconsistent handling of forward references for __new__,...
  • c5b4ee6 [ty] Support solving generics involving PEP 695 type aliases (#22678)
  • b9a6129 [ty] Improve support for kwarg splats in dictionary literals (#22781)
  • f516d47 Update contributing guide for adding a new rule (#22779)
  • Additional commits viewable in compare view

Updates mypy from 1.16.0 to 1.19.1

Changelog

Sourced from mypy's changelog.

Mypy 1.19.1

  • Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
  • Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
  • Allow types.NoneType in match cases (A5rocks, PR 20383)
  • Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
  • Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
  • Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
  • Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
  • Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • BobTheBuidler
  • bzoracler
  • Chainfire
  • Christoph Tyralla
  • David Foster
  • Frank Dana
  • Guo Ci
  • iap
  • Ivan Levkivskyi
  • James Hilton-Balfe
  • jhance
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • KarelKenens
  • Kevin Kannammalil
  • Marc Mueller
  • Michael Carlstrom
  • Michael J. Sullivan
  • Piotr Sawicki
  • Randolf Scholz
  • Shantanu
  • Sigve Sebastian Farstad
  • sobolevn
  • Stanislav Terliakov
  • Stephen Morton
  • Theodore Ando
  • Thiago J. Barbalho
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.18

We’ve just uploaded mypy 1.18.1 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance

... (truncated)

Commits

Updates types-dateparser from 1.2.0.20250516 to 1.2.2.20250809

Commits

Updates types-requests from 2.32.0.20250515 to 2.32.4.20260107

Commits

Updates coverage from 7.13.1 to 7.13.2

Changelog

Sourced from coverage's changelog.

Version 7.13.2 — 2026-01-25

  • Fix: when Python is installed via symlinks, for example with Homebrew, the standard library files could be incorrectly included in coverage reports. This is now fixed, closing issue 2115_.

  • Fix: if a data file is created with no read permissions, the combine step would fail completely. Now a warning is issued and the file is skipped. Closes issue 2117_.

.. _issue 2115: coveragepy/coveragepy#2115 .. _issue 2117: coveragepy/coveragepy#2117

.. _changes_7-13-1:

Commits
  • 513e971 docs: sample HTML for 7.13.2
  • 27a8230 docs: prep for 7.13.2
  • 27d8daa refactor: plural does more
  • a2f248c fix: stdlib might be through a symlink. #2115
  • bc52a22 debug: re-organize Matchers to show more of what they do
  • f338d81 debug: build is a tuple, don't show it on two lines
  • 92020e4 refactor(test): convert to parametrized
  • 6387d0a test: let (most) tests run with no network
  • 1d31e33 build: workflows sometimes need more than 10 min
  • 6294978 refactor: an error message is now uniform across versions
  • Additional commits viewable in compare view

Updates pytest-mock from 3.14.1 to 3.15.1

Release notes

Sourced from pytest-mock's releases.

v3.15.1

2025-09-16

  • #529: Fixed itertools._tee object has no attribute error -- now duplicate_iterators=True must be passed to mocker.spy to duplicate iterators.

v3.15.0

2025-09-04

  • Python 3.8 (EOL) is no longer supported.
  • #524: Added spy_return_iter to mocker.spy, which contains a duplicate of the return value of the spied method if it is an Iterator.
Changelog

Sourced from pytest-mock's changelog.

3.15.1

2025-09-16

  • [#529](https://github.com/pytest-dev/pytest-mock/issues/529) <https://github.com/pytest-dev/pytest-mock/issues/529>_: Fixed itertools._tee object has no attribute error -- now duplicate_iterators=True must be passed to mocker.spy to duplicate iterators.

3.15.0

2025-09-04

  • Python 3.8 (EOL) is no longer supported.
  • [#524](https://github.com/pytest-dev/pytest-mock/issues/524) <https://github.com/pytest-dev/pytest-mock/pull/524>_: Added spy_return_iter to mocker.spy, which contains a duplicate of the return value of the spied method if it is an Iterator.
Commits
  • e1b5c62 Release 3.15.1
  • 184eb19 Set spy_return_iter only when explicitly requested (#537)
  • 4fa0088 [pre-commit.ci] pre-commit autoupdate (#536)
  • f5aff33 Fix test failure with pytest 8+ and verbose mode (#535)
  • adc4187 Bump actions/setup-python from 5 to 6 in the github-actions group (#533)
  • 95ad570 [pre-commit.ci] pre-commit autoupdate (#532)
  • e696bf0 Fix standalone mock support (#531)
  • 5b29b03 Fix gen-release-notes script
  • 7d22ef4 Merge pull request #528 from pytest-dev/release-3.15.0
  • 90b29f8 Update CHANGELOG for 3.15.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…dates

Bumps the dependencies group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [dateparser](https://github.com/scrapinghub/dateparser) | `1.2.1` | `1.2.2` |
| [requests](https://github.com/psf/requests) | `2.32.3` | `2.32.5` |
| [pandas-stubs](https://github.com/pandas-dev/pandas-stubs) | `2.2.3.250527` | `2.3.3.260113` |
| [ruff](https://github.com/astral-sh/ruff) | `0.8.6` | `0.14.14` |
| [mypy](https://github.com/python/mypy) | `1.16.0` | `1.19.1` |
| [types-dateparser](https://github.com/typeshed-internal/stub_uploader) | `1.2.0.20250516` | `1.2.2.20250809` |
| [types-requests](https://github.com/typeshed-internal/stub_uploader) | `2.32.0.20250515` | `2.32.4.20260107` |
| [coverage](https://github.com/coveragepy/coveragepy) | `7.13.1` | `7.13.2` |
| [pytest-mock](https://github.com/pytest-dev/pytest-mock) | `3.14.1` | `3.15.1` |



Updates `dateparser` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/scrapinghub/dateparser/releases)
- [Changelog](https://github.com/scrapinghub/dateparser/blob/master/HISTORY.rst)
- [Commits](scrapinghub/dateparser@v1.2.1...v1.2.2)

Updates `requests` from 2.32.3 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.3...v2.32.5)

Updates `pandas-stubs` from 2.2.3.250527 to 2.3.3.260113
- [Changelog](https://github.com/pandas-dev/pandas-stubs/blob/main/docs/release_procedure.md)
- [Commits](pandas-dev/pandas-stubs@v2.2.3.250527...v2.3.3.260113)

Updates `ruff` from 0.8.6 to 0.14.14
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.8.6...0.14.14)

Updates `mypy` from 1.16.0 to 1.19.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.16.0...v1.19.1)

Updates `types-dateparser` from 1.2.0.20250516 to 1.2.2.20250809
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `types-requests` from 2.32.0.20250515 to 2.32.4.20260107
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `coverage` from 7.13.1 to 7.13.2
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.13.1...7.13.2)

Updates `pytest-mock` from 3.14.1 to 3.15.1
- [Release notes](https://github.com/pytest-dev/pytest-mock/releases)
- [Changelog](https://github.com/pytest-dev/pytest-mock/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-mock@v3.14.1...v3.15.1)

---
updated-dependencies:
- dependency-name: dateparser
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pandas-stubs
  dependency-version: 2.3.3.260113
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: ruff
  dependency-version: 0.14.14
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: mypy
  dependency-version: 1.19.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: types-dateparser
  dependency-version: 1.2.2.20250809
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: types-requests
  dependency-version: 2.32.4.20260107
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage
  dependency-version: 7.13.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pytest-mock
  dependency-version: 3.15.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jan 30, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jan 30, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: python. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from a team as a code owner January 30, 2026 17:18
@dependabot dependabot Bot requested a review from gregory-lvtx January 30, 2026 17:18
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jan 30, 2026
@dependabot @github

dependabot Bot commented on behalf of github Feb 6, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Feb 6, 2026
@dependabot dependabot Bot deleted the dependabot/uv/dependencies-d9f8196e4a branch February 6, 2026 17:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants