Skip to content

build(deps): bump the dependencies group across 1 directory with 8 updates #3199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the dependencies group across 1 directory with 8 updates #3199

dependabot wants to merge 1 commit into from
+702 −504

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 22, 2025
edited
Loading

Bumps the dependencies group with 8 updates in the /py/deps directory:

Package From To
pyyaml 6.0.2 6.0.3
aiodocker 0.24.0 0.25.0
mypy 1.19.0 1.19.1
python-gnupg 0.4.4 0.5.5
sphinx 8.2.3 9.0.4
types-docutils 0.21.0.20250715 0.22.3.20251115
types-setuptools 80.9.0.20250822 80.9.0.20251221
wheel-inspect 1.7.2 1.8.0

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

  • Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

  • yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)
Commits

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

  • Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

  • yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)
Commits

Updates aiodocker from 0.24.0 to 0.25.0

Release notes

Sourced from aiodocker's releases.

0.25.0

Breaking Changes

  • Drop Python 3.9 support and add Python 3.14 support, updating dependencies such as aiohttp (minimum 3.8 to 3.10) and async-timeout (minimum to 5.0) for stdlib TaskGroup and timeout compatibility in Python 3.11+ (#976)
  • Replace **kwargs with explicit parameters in DockerContainer.{stop,restart,kill,delete}() methods, accepting t for server-side stop timeout and timeout for client-side request timeouts for consistency with other methods covered in the previous PRs #983 and #990; since this is a BREAKING CHANGE for those who have used the timeout argument for the DockerContainer.restart() method calls, the users should replace it with t to keep the intended semantics (#991)

Bug Fixes

  • Fix issue authenticating against private registries where the X-Registry-Auth header would require URL-safe substitutions. (#941)

New Features

  • Add support for Docker context endpoints with TLS, reading configuration from ~/.docker/contexts/ and respecting DOCKER_CONTEXT environment variable and SkipTLSVerify option. (#811)
  • Add SSH protocol support for secure connections to remote Docker instances via "ssh://" URLs with mandatory host key verification (#982)
  • Introduce the client-level timeout configuration which becomes the base timeout configuration while still allowing legacy individual per-API timeouts and merging it into the base timeout. Now setting individual float (total) timeout per-API call is HIGHLY DISCOURAGED in favor of composable timeouts via stdlib's asyncio.timeout() async context manager. (#983)

Miscellaneous

  • Improve the CI workflows to expand the test matrix for aiohttp 3.10/3.13 releases and let tests use the prebuilt artifact to ensure consistency with the release (#980)
  • Isolate the docker instance for swarm and service tests via a docker-in-docker compose stack to avoid affecting the user environment (#981)
  • Apply the default cooldown period (7 days) to the dependabot configuration (#984)
Changelog

Sourced from aiodocker's changelog.

0.25.0 (2025-12-20)

Breaking Changes

  • Drop Python 3.9 support and add Python 3.14 support, updating dependencies such as aiohttp (minimum 3.8 to 3.10) and async-timeout (minimum to 5.0) for stdlib TaskGroup and timeout compatibility in Python 3.11+ (#976)
  • Replace **kwargs with explicit parameters in DockerContainer.{stop,restart,kill,delete}() methods, accepting t for server-side stop timeout and timeout for client-side request timeouts for consistency with other methods covered in the previous PRs #983 and #990; since this is a BREAKING CHANGE for those who have used the timeout argument for the DockerContainer.restart() method calls, the users should replace it with t to keep the intended semantics (#991)

Bug Fixes

  • Fix issue authenticating against private registries where the X-Registry-Auth header would require URL-safe substitutions. (#941)

New Features

  • Add support for Docker context endpoints with TLS, reading configuration from ~/.docker/contexts/ and respecting DOCKER_CONTEXT environment variable and SkipTLSVerify option. (#811)
  • Add SSH protocol support for secure connections to remote Docker instances via "ssh://" URLs with mandatory host key verification (#982)
  • Introduce the client-level timeout configuration which becomes the base timeout configuration while still allowing legacy individual per-API timeouts and merging it into the base timeout. Now setting individual float (total) timeout per-API call is HIGHLY DISCOURAGED in favor of composable timeouts via stdlib's asyncio.timeout() async context manager. (#983)

Miscellaneous

  • Improve the CI workflows to expand the test matrix for aiohttp 3.10/3.13 releases and let tests use the prebuilt artifact to ensure consistency with the release (#980)
  • Isolate the docker instance for swarm and service tests via a docker-in-docker compose stack to avoid affecting the user environment (#981)
  • Apply the default cooldown period (7 days) to the dependabot configuration (#984)
Commits
  • 53cb286 ci: Update sigstore action to avoid using deprecated artifact actions
  • cf67541 Release v0.25.0
  • 872a9c2 Add missing consistent client timeout in DockerContainer.commit() (#992)
  • b2c0cd7 Even more consistent timeouts for all long-running APIs (#991)
  • 972d3e1 Make per-call and contextual timeout handling consistent across all long-runn...
  • d271832 Bump Ruff version in pre-commit-config
  • c2ddcfd Bump the ci group across 1 directory with 3 updates (#989)
  • ede0268 feat: add SSH support for remote Docker connections (#982)
  • b5f93e0 feat: Add context arg and docs for config precedence (#988)
  • e992db2 Add support for Docker context endpoints (#854)
  • Additional commits viewable in compare view

Updates mypy from 1.19.0 to 1.19.1

Changelog

Sourced from mypy's changelog.

Mypy 1.19.1

  • Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
  • Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
  • Allow types.NoneType in match cases (A5rocks, PR 20383)
  • Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
  • Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
  • Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
  • Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
  • Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • BobTheBuidler
  • bzoracler
  • Chainfire
  • Christoph Tyralla
  • David Foster
  • Frank Dana
  • Guo Ci
  • iap
  • Ivan Levkivskyi
  • James Hilton-Balfe
  • jhance
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • KarelKenens
  • Kevin Kannammalil
  • Marc Mueller
  • Michael Carlstrom
  • Michael J. Sullivan
  • Piotr Sawicki
  • Randolf Scholz
  • Shantanu
  • Sigve Sebastian Farstad
  • sobolevn
  • Stanislav Terliakov
  • Stephen Morton
  • Theodore Ando
  • Thiago J. Barbalho
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.18

We’ve just uploaded mypy 1.18.1 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance

... (truncated)

Commits

Updates python-gnupg from 0.4.4 to 0.5.5

Release notes

Sourced from python-gnupg's releases.

Enhancement and bug-fix release 0.5.5

This is an enhancement and bug-fix release, and all users are encouraged to upgrade.

Brief summary:

  • Fix #249: Handle fetching GPG version when not the first item in the configuration.

  • Fix #250: Capture uid info in a uid_map attribute of ScanKeys/ListKeys.

  • Fix #255: Improve handling of exceptions raised in background threads.

This release has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) <vinay_sajip at yahoo.co.uk> Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Enhancement and bug-fix release

This is an enhancement and bug-fix release, and all users are encouraged to upgrade.

Brief summary:

  • Fix #242: Handle exceptions in the on_data callable.

This release has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) <vinay_sajip at yahoo.co.uk> Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Enhancement and bug-fix release

This is an enhancement and bug-fix release, and all users are encouraged to upgrade.

Brief summary:

  • Fix #117: Add WKD (Web Key Directory) support for auto-locating keys. Thanks to Myzel394 for the patch.

  • Fix #237: Ensure local variable is initialized even when an exception occurs.

  • Fix #239: Remove logging of decryption result.

This release has been signed with my code signing key:

Vinay Sajip (CODE SIGNING KEY) <vinay_sajip at yahoo.co.uk> Fingerprint: CA74 9061 914E AC13 8E66 EADB 9147 B477 339A 9B86

Enhancement and bug-fix release

This is an enhancement and bug-fix release, and all users are encouraged to upgrade.

Brief summary:

... (truncated)

Commits
  • 5f83627 Changes for 0.5.5.
  • e42cbbd Add more directories and file patterns to .gitignore.
  • 9818609 Add some directories to .gitignore.
  • a886e2f Add Python 3.13t to CI.
  • 0ed485f Correct typo in assertion message.
  • ee5c61e Removed pypy-2.7 from CI.
  • a83fb34 Change assertion.
  • b9f7723 Improve assertion message.
  • 19c3a3b Catch IOError (broken pipe) exception in one more place.
  • 1b086ac Catch IOError (broken pipe) exception.
  • Additional commits viewable in compare view

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

  • Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

  • yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)
Commits

Updates sphinx from 8.2.3 to 9.0.4

Release notes

Sourced from sphinx's releases.

Sphinx 9.0.4

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #14143: Fix spurious build warnings when translators reorder references in strings, or use translated display text in references. Patch by Matt Wang.

Sphinx 9.0.3

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #14142: autodoc: Restore some missing exports in sphinx.ext.autodoc. Patch by Adam Turner.

Sphinx 9.0.2

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #14142: autodoc: Restore sphinx.ext.autodoc.mock. Patch by Adam Turner.

Sphinx 9.0.1

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Bugs fixed

  • #13942: autodoc: Restore the mapping interface for options objects. Patch by Adam Turner.
  • #13942: autodoc: Deprecate the mapping interface for options objects. Patch by Adam Turner.
  • #13387: Update translations.

Sphinx 9.0.0

Changelog: https://www.sphinx-doc.org/en/master/changes/9.0.html

Dependencies

Incompatible changes

... (truncated)

Changelog

Sourced from sphinx's changelog.

Release 9.0.4 (released Dec 04, 2025)

Bugs fixed

  • #14143: Fix spurious build warnings when translators reorder references in strings, or use translated display text in references. Patch by Matt Wang.

Release 9.0.3 (released Dec 04, 2025)

Bugs fixed

  • #14142: autodoc: Restore some missing exports in :mod:!sphinx.ext.autodoc. Patch by Adam Turner.

Release 9.0.2 (released Dec 03, 2025)

Bugs fixed

  • #14142: autodoc: Restore :mod:!sphinx.ext.autodoc.mock. Patch by Adam Turner.

Release 9.0.1 (released Dec 01, 2025)

Bugs fixed

  • #13942: autodoc: Restore the mapping interface for options objects. Patch by Adam Turner.
  • #13942: autodoc: Deprecate the mapping interface for options objects. Patch by Adam Turner.
  • #13387: Update translations.

Release 9.0.0 (released Nov 30, 2025)

Dependencies

... (truncated)

Commits

Updates types-docutils from 0.21.0.20250715 to 0.22.3.20251115

Commits

Updates types-setuptools from 80.9.0.20250822 to 80.9.0.20251221

Commits

Updates wheel-inspect from 1.7.2 to 1.8.0

Release notes

Sourced from wheel-inspect's releases.

v1.8.0 — Stop re-exporting wheel-filename

  • Support Python 3.14
  • Drop support for Python 3.8 and 3.9
  • Update wheel-filename requirement to v2.0
  • Breaking: Stop re-exporting ParsedWheelFilename and parse_wheel_filename() from wheel-filename
Changelog

Sourced from wheel-inspect's changelog.

v1.8.0 (2025-12-21)

  • Support Python 3.14
  • Drop support for Python 3.8 and 3.9
  • Update wheel-filename requirement to v2.0
  • Breaking: Stop re-exporting ParsedWheelFilename and parse_wheel_filename() from wheel-filename
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 22, 2025
@netlify
Copy link

netlify bot commented Dec 22, 2025
edited
Loading

Deploy Preview for nifty-bassi-e26446 ready!

Name Link
🔨 Latest commit f2a46c2
🔍 Latest deploy log https://app.netlify.com/projects/nifty-bassi-e26446/deploys/694dc9165ae4150008277f68
😎 Deploy Preview https://deploy-preview-3199--nifty-bassi-e26446.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.
@dependabot dependabot bot force-pushed the dependabot/pip/bazel/dependencies-45e51eda57 branch 2 times, most recently from 89421a4 to 25f6845 Compare December 24, 2025 23:31
@dependabot
build(deps): bump the dependencies group across 1 directory with 8 up…
f2a46c2 
…dates Bumps the dependencies group with 8 updates in the /py/deps directory: | Package | From | To | | --- | --- | --- | | [pyyaml](https://github.com/yaml/pyyaml) | `6.0.2` | `6.0.3` | | [aiodocker](https://github.com/aio-libs/aiodocker) | `0.24.0` | `0.25.0` | | [mypy](https://github.com/python/mypy) | `1.19.0` | `1.19.1` | | [python-gnupg](https://github.com/vsajip/python-gnupg) | `0.4.4` | `0.5.5` | | [sphinx](https://github.com/sphinx-doc/sphinx) | `8.2.3` | `9.0.4` | | [types-docutils](https://github.com/typeshed-internal/stub_uploader) | `0.21.0.20250715` | `0.22.3.20251115` | | [types-setuptools](https://github.com/typeshed-internal/stub_uploader) | `80.9.0.20250822` | `80.9.0.20251221` | | [wheel-inspect](https://github.com/wheelodex/wheel-inspect) | `1.7.2` | `1.8.0` | Updates `pyyaml` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](yaml/pyyaml@6.0.2...6.0.3) Updates `pyyaml` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](yaml/pyyaml@6.0.2...6.0.3) Updates `aiodocker` from 0.24.0 to 0.25.0 - [Release notes](https://github.com/aio-libs/aiodocker/releases) - [Changelog](https://github.com/aio-libs/aiodocker/blob/main/CHANGES.rst) - [Commits](aio-libs/aiodocker@v0.24.0...v0.25.0) Updates `mypy` from 1.19.0 to 1.19.1 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v1.19.0...v1.19.1) Updates `python-gnupg` from 0.4.4 to 0.5.5 - [Release notes](https://github.com/vsajip/python-gnupg/releases) - [Changelog](https://github.com/vsajip/python-gnupg/blob/master/release) - [Commits](vsajip/python-gnupg@0.4.4...0.5.5) Updates `pyyaml` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES) - [Commits](yaml/pyyaml@6.0.2...6.0.3) Updates `sphinx` from 8.2.3 to 9.0.4 - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/v9.0.4/CHANGES.rst) - [Commits](sphinx-doc/sphinx@v8.2.3...v9.0.4) Updates `types-docutils` from 0.21.0.20250715 to 0.22.3.20251115 - [Commits](https://github.com/typeshed-internal/stub_uploader/commits) Updates `types-setuptools` from 80.9.0.20250822 to 80.9.0.20251221 - [Commits](https://github.com/typeshed-internal/stub_uploader/commits) Updates `wheel-inspect` from 1.7.2 to 1.8.0 - [Release notes](https://github.com/wheelodex/wheel-inspect/releases) - [Changelog](https://github.com/wheelodex/wheel-inspect/blob/master/CHANGELOG.md) - [Commits](wheelodex/wheel-inspect@v1.7.2...v1.8.0) --- updated-dependencies: - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: aiodocker dependency-version: 0.25.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: mypy dependency-version: 1.19.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: python-gnupg dependency-version: 0.5.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: pyyaml dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: sphinx dependency-version: 9.0.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: types-docutils dependency-version: 0.22.3.20251115 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: types-setuptools dependency-version: 80.9.0.20251221 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: wheel-inspect dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/bazel/dependencies-45e51eda57 branch from 25f6845 to f2a46c2 Compare December 25, 2025 23:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

1 participant