Skip to content

Deps: Bump the python-packages group with 4 updates#199

Merged
greenbonebot merged 1 commit into
mainfrom
dependabot/pip/python-packages-555c0c179b
Apr 27, 2026
Merged

Deps: Bump the python-packages group with 4 updates#199
greenbonebot merged 1 commit into
mainfrom
dependabot/pip/python-packages-555c0c179b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-packages group with 4 updates: certifi, idna, packaging and pathspec.

Updates certifi from 2026.2.25 to 2026.4.22

Commits
  • 5dddfb0 2026.04.22 (#410)
  • f99eccd Bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#404)
  • 918bed0 Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#405)
  • 0a49067 Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (#403)
  • acf6ce8 Bump actions/download-artifact from 8.0.0 to 8.0.1 (#398)
  • feb0ed2 Bump actions/download-artifact from 7.0.0 to 8.0.0 (#397)
  • d9c11a5 Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#396)
  • See full diff in compare view

Updates idna from 3.11 to 3.13

Changelog

Sourced from idna's changelog.

3.13 (2026-04-22) +++++++++++++++++

  • Correct classification error for codepoint U+A7F1

3.12 (2026-04-21) +++++++++++++++++

  • Update to Unicode 17.0.0.
  • Issue a deprecation warning for the transitional argument.
  • Added lazy-loading to provide some performance improvements.
  • Removed vestiges of code related to Python 2 support, including segmentation of data structures specific to Jython.

Thanks to Rodrigo Nogueira for contributions to this release.

Commits
  • 89cdfd2 Release v3.13
  • 1eb0686 Pre-release 3.13
  • 5f20d1e Merge pull request #220 from kjd/unicode-next
  • 4ea8425 Regenerate idnadata.py with correct NFKC_CF data
  • fd47341 Use NFKC_CF from Unicode data files instead of Python's unicodedata module
  • a5304a4 Merge pull request #219 from kjd/release-3.12
  • d80d6f9 Release v3.12
  • 1bb44dd Merge pull request #218 from kjd/release-candidate-3.12rc0
  • 909c49d Release candidate for 3.12
  • c5459a1 Merge pull request #217 from kjd/housekeeping-2
  • Additional commits viewable in compare view

Updates packaging from 26.1 to 26.2

Release notes

Sourced from packaging's releases.

26.2

What's Changed

Fixes:

Documentation:

Internal:

New Contributors

Full Changelog: pypa/packaging@26.1...26.2

Changelog

Sourced from packaging's changelog.

26.2 - 2026-04-24


Fixes:
  • Fix incorrect sysconfig var name for pyemscripten in (:pull:1160)
  • Make Version, Specifier, SpecifierSet, Tag, Marker, and Requirement pickle-safe
    and backward-compatible with pickles created in 25.0-26.1 (including references to the removed
    packaging._structures module) (:pull:1163, :pull:1168, :pull:1170, :pull:1171)
  • Re-export ExceptionGroup in metadata for now in (:pull:1164)

Documentation:

  • Add errors section and fix missing details in (:pull:1159)
  • Document our property-based test suite in (:pull:1167)
  • Fix a DirectUrl typo in (:pull:1167)
  • Add example of is_unsatisfiable in (:pull:1166)

Internal:

  • Enable the auditor persona on zizmor in (:pull:1158)
  • Test new pickle guarantees in (:pull:1174)
  • Use new native ReadTheDocs uv integration in (:pull:1175)
Commits

Updates pathspec from 1.0.4 to 1.1.1

Release notes

Sourced from pathspec's releases.

v1.1.1

Release v1.1.1. See CHANGES.rst.

v1.1.0

Release v1.1.0. See CHANGES.rst.

Changelog

Sourced from pathspec's changelog.

1.1.1 (2026-04-26)

Improvements:

  • Improved type checking with mypy and pyright.

Bug fixes:

  • Fixed typing on PathSpec[TPattern] to PathSpec[TPattern_co].
  • Added missing variant type-hint type[Pattern] to PathSpec.from_lines() parameter pattern_factory.
  • Fixed possible type error when using + and += operators on PathSpec.

1.1.0 (2026-04-22)

New features:

  • Issue [#108](https://github.com/cpburnz/python-pathspec/issues/108)_: Specialize pattern type for PathSpec as PathSpec[TPattern] for better debugging of PathSpec().patterns.

Bug fixes:

  • Issue [#93](https://github.com/cpburnz/python-pathspec/issues/93)_: Git discards invalid range notation. GitIgnoreSpecPattern now discards patterns with invalid range notation like Git.
  • Pull [#106](https://github.com/cpburnz/python-pathspec/issues/106)_: Fix escape() not escaping backslash characters.

Improvements:

  • Pull [#110](https://github.com/cpburnz/python-pathspec/issues/110)_: Nicer debug print outs (and str for regex pattern).

.. _Pull [#106](https://github.com/cpburnz/python-pathspec/issues/106): cpburnz/python-pathspec#106 .. _Issue [#108](https://github.com/cpburnz/python-pathspec/issues/108): cpburnz/python-pathspec#108 .. _Pull [#110](https://github.com/cpburnz/python-pathspec/issues/110): cpburnz/python-pathspec#110

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-packages group with 4 updates: [certifi](https://github.com/certifi/python-certifi), [idna](https://github.com/kjd/idna), [packaging](https://github.com/pypa/packaging) and [pathspec](https://github.com/cpburnz/python-pathspec).


Updates `certifi` from 2026.2.25 to 2026.4.22
- [Commits](certifi/python-certifi@2026.02.25...2026.04.22)

Updates `idna` from 3.11 to 3.13
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.11...v3.13)

Updates `packaging` from 26.1 to 26.2
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@26.1...26.2)

Updates `pathspec` from 1.0.4 to 1.1.1
- [Release notes](https://github.com/cpburnz/python-pathspec/releases)
- [Changelog](https://github.com/cpburnz/python-pathspec/blob/master/CHANGES.rst)
- [Commits](cpburnz/python-pathspec@v1.0.4...v1.1.1)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2026.4.22
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: idna
  dependency-version: '3.13'
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: packaging
  dependency-version: '26.2'
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: pathspec
  dependency-version: 1.1.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 27, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 27, 2026 04:11
@dependabot dependabot Bot added the python Pull requests that update Python code label Apr 27, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 27, 2026 04:11
@greenbonebot greenbonebot enabled auto-merge (rebase) April 27, 2026 04:11
@github-actions

Copy link
Copy Markdown

Conventional Commits Report

Type Number
Dependencies 1

🚀 Conventional commits found.

@greenbonebot greenbonebot merged commit f0cb9f5 into main Apr 27, 2026
22 checks passed
@greenbonebot greenbonebot deleted the dependabot/pip/python-packages-555c0c179b branch April 27, 2026 07:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants