Skip to content

Bump the pip-deps group with 5 updates #596

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the pip-deps group with 5 updates #596

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 13, 2025
edited
Loading

Bumps the pip-deps group with 5 updates:

Package From To
requests 2.32.3 2.32.5
black 25.1.0 25.9.0
pylint 3.3.7 4.0.0
pre-commit 4.2.0 4.3.0
sphinx-sitemap 2.6.0 2.9.0

Updates requests from 2.32.3 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS. (#6926)
  • Dropped support for pypy 3.9 following its end of support. (#6926)
Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS.
  • Dropped support for pypy 3.9 following its end of support.
Commits
  • b25c87d v2.32.5
  • 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
  • b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
  • 46e939b Update publish workflow to use artifact-id instead of name
  • 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
  • 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
  • 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
  • fec96cd Update Makefile rules (#6996)
  • d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
  • 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
  • Additional commits viewable in compare view

Updates black from 25.1.0 to 25.9.0

Release notes

Sourced from black's releases.

25.9.0

Highlights

  • Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

  • Fix crash while formatting a long del statement containing tuples (#4628)
  • Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)
  • Handle # fmt: skip followed by a comment at the end of file (#4635)
  • Fix crash when a tuple appears in the as clause of a with statement (#4634)
  • Fix crash when tuple is used as a context manager inside a with statement (#4646)
  • Fix crash when formatting a \ followed by a \r followed by a comment (#4663)
  • Fix crash on a \\r\n (#4673)
  • Fix crash on await ... (where ... is a literal Ellipsis) (#4676)
  • Fix crash on parenthesized expression inside a type parameter bound (#4684)
  • Fix crash when using line ranges excluding indented single line decorated items (#4670)

Preview style

  • Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still be formatted (#4552)
  • Improve multiline_string_handling with ternaries and dictionaries (#4657)
  • Fix a bug where string_processing would not split f-strings directly after expressions (#4680)
  • Wrap the in clause of comprehensions across lines if necessary (#4699)
  • Remove parentheses around multiple exception types in except and except* without as. (#4720)
  • Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)

Parser

  • Rewrite tokenizer to improve performance and compliance (#4536)
  • Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type parameter bounds and defaults. (#4602)

Performance

  • Avoid using an extra process when running with only one worker (#4734)

Integrations

  • Fix the version check in the vim file to reject Python 3.8 (#4567)
  • Enhance GitHub Action psf/black to read Black version from an additional section in pyproject.toml: [project.dependency-groups] (#4606)
  • Build gallery docker image with python3-slim and reduce image size (#4686)

... (truncated)

Changelog

Sourced from black's changelog.

25.9.0

Highlights

  • Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

  • Fix crash while formatting a long del statement containing tuples (#4628)
  • Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)
  • Handle # fmt: skip followed by a comment at the end of file (#4635)
  • Fix crash when a tuple appears in the as clause of a with statement (#4634)
  • Fix crash when tuple is used as a context manager inside a with statement (#4646)
  • Fix crash when formatting a \ followed by a \r followed by a comment (#4663)
  • Fix crash on a \\r\n (#4673)
  • Fix crash on await ... (where ... is a literal Ellipsis) (#4676)
  • Fix crash on parenthesized expression inside a type parameter bound (#4684)
  • Fix crash when using line ranges excluding indented single line decorated items (#4670)

Preview style

  • Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still be formatted (#4552)
  • Improve multiline_string_handling with ternaries and dictionaries (#4657)
  • Fix a bug where string_processing would not split f-strings directly after expressions (#4680)
  • Wrap the in clause of comprehensions across lines if necessary (#4699)
  • Remove parentheses around multiple exception types in except and except* without as. (#4720)
  • Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)

Parser

  • Rewrite tokenizer to improve performance and compliance (#4536)
  • Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type parameter bounds and defaults. (#4602)

Performance

  • Avoid using an extra process when running with only one worker (#4734)

Integrations

  • Fix the version check in the vim file to reject Python 3.8 (#4567)
  • Enhance GitHub Action psf/black to read Black version from an additional section in pyproject.toml: [project.dependency-groups] (#4606)

... (truncated)

Commits

Updates pylint from 3.3.7 to 4.0.0

Commits
  • 0939ac5 Bump pylint to 4.0.0, update changelog
  • ea25969 [doc] Add linked references for message in old whatsnews (#10638)
  • 77c63d6 [refactor] Make pylint/config/_breaking_changes.py a package instead
  • 1c4c1e3 [refactor] Better typing for Information
  • e0e476e [config upgrade] Add option renaming for 'extension-pkg-whitelist'
  • c74a0f2 [refactor] Inline the information used only once
  • 6ce6032 Drop isort 4, and clean up the resulting code (#10641)
  • 7be0b8f Add mypy config for local tests (#10635)
  • 6f91463 Update astroid to 4.0.1 (#10633)
  • 91d57ad [contributor-txt] Upgrade the contributor aliases
  • Additional commits viewable in compare view

Updates pre-commit from 4.2.0 to 4.3.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.3.0

Features

Changelog

Sourced from pre-commit's changelog.

4.3.0 - 2025-08-09

Features

Commits
  • b74a22d v4.3.0
  • cc899de Merge pull request #3507 from bc-lee/dart-fix
  • 2a0bcea Downgrade Dart SDK version installed in the CI
  • f1cc7a4 Make Dart pre-commit hook compatible with the latest Dart SDKs
  • 72a3b71 Merge pull request #3504 from pre-commit/pre-commit-ci-update-config
  • c8925a4 [pre-commit.ci] pre-commit autoupdate
  • a5fe6c5 Merge pull request #3496 from ericphanson/eph/jl-startup
  • 6f1f433 Julia language: skip startup.jl file
  • c681721 Merge pull request #3499 from pre-commit/pre-commit-ci-update-config
  • 4fd4537 [pre-commit.ci] pre-commit autoupdate
  • Additional commits viewable in compare view

Updates sphinx-sitemap from 2.6.0 to 2.9.0

Release notes

Sourced from sphinx-sitemap's releases.

v2.9.0

What's Changed

New Contributors

Full Changelog: jdillard/sphinx-sitemap@v2.8.0...v2.9.0

v2.8.0

What's Changed

Full Changelog: jdillard/sphinx-sitemap@v2.7.2...v2.8.0

v2.7.2

What's Changed

Full Changelog: jdillard/sphinx-sitemap@v2.7.1...v2.7.2

v2.7.1

What's Changed

Full Changelog: jdillard/sphinx-sitemap@v2.7.0...v2.7.1

v2.7.0

What's Changed

New Contributors

Full Changelog: jdillard/sphinx-sitemap@v2.6.0...v2.7.0

Changelog

Sourced from sphinx-sitemap's changelog.

2.9.0

  • |:sparkles:| NEW: Add :confval:sitemap_indent configuration value to control XML indentation [#112](https://github.com/jdillard/sphinx-sitemap/issues/112) <https://github.com/jdillard/sphinx-sitemap/pull/112>_

2.8.0

  • |:sparkles:| NEW: Add support for wildcard patterns to :confval:sitemap_excludes [#113](https://github.com/jdillard/sphinx-sitemap/issues/113) <https://github.com/jdillard/sphinx-sitemap/pull/113>_

2.7.2

Release date: 2025-06-26

  • |:bug:| FIX: Change :confval:sitemap_show_lastmod to default of False

2.7.1

Release date: 2025-06-20

  • Remove support for Python 3.8

2.7.0

Release date: 2025-06-20

  • |:sparkles:| NEW: Add support for lastmod using sphinx-last-updated-by-git_ [#95](https://github.com/jdillard/sphinx-sitemap/issues/95) <https://github.com/jdillard/sphinx-sitemap/pull/95>_
Commits
  • 70fe479 Add a configuration value to indent the output (aka prettify output) (#112)
  • 96d0936 Bump actions/setup-python from 5 to 6 in the all-github-actions group (#116)
  • 2891693 [pre-commit.ci] pre-commit autoupdate (#115)
  • 03881d6 Bump actions/checkout from 4 to 5 in the all-github-actions group (#114)
  • 822c8c1 ✨ NEW: Add support for wildcard patterns to sitemap_excludes (#113)
  • 3fcffe6 clean up docs
  • 2e22578 Add highlights section to docs
  • 23ca34c Add demo to index.rst
  • fd065b6 Improve lastmod docs
  • 118a17c 🐛 FIX: Change sitemap_show_lastmod to default of False (#110)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
@dependabot
Bump the pip-deps group with 5 updates
5bcbc2b 
Bumps the pip-deps group with 5 updates: | Package | From | To | | --- | --- | --- | | [requests](https://github.com/psf/requests) | `2.32.3` | `2.32.5` | | [black](https://github.com/psf/black) | `25.1.0` | `25.9.0` | | [pylint](https://github.com/pylint-dev/pylint) | `3.3.7` | `4.0.0` | | [pre-commit](https://github.com/pre-commit/pre-commit) | `4.2.0` | `4.3.0` | | [sphinx-sitemap](https://github.com/jdillard/sphinx-sitemap) | `2.6.0` | `2.9.0` | Updates `requests` from 2.32.3 to 2.32.5 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.3...v2.32.5) Updates `black` from 25.1.0 to 25.9.0 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@25.1.0...25.9.0) Updates `pylint` from 3.3.7 to 4.0.0 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](pylint-dev/pylint@v3.3.7...v4.0.0) Updates `pre-commit` from 4.2.0 to 4.3.0 - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit@v4.2.0...v4.3.0) Updates `sphinx-sitemap` from 2.6.0 to 2.9.0 - [Release notes](https://github.com/jdillard/sphinx-sitemap/releases) - [Changelog](https://github.com/jdillard/sphinx-sitemap/blob/master/CHANGELOG.rst) - [Commits](jdillard/sphinx-sitemap@v2.6.0...v2.9.0) --- updated-dependencies: - dependency-name: requests dependency-version: 2.32.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip-deps - dependency-name: black dependency-version: 25.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: pip-deps - dependency-name: pylint dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: pip-deps - dependency-name: pre-commit dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: pip-deps - dependency-name: sphinx-sitemap dependency-version: 2.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: pip-deps ... Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 13, 2025
This was referenced Oct 13, 2025
Closed
Closed
Closed
Closed
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 13, 2025

Looks like these dependencies are no longer updatable, so this is no longer needed.
@dependabot dependabot bot closed this Oct 13, 2025
@dependabot dependabot bot deleted the dependabot/pip/pip-deps-1fe194a572 branch October 13, 2025 12:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

1 participant