build(deps): bump the uv group across 1 directory with 8 updates#89
Merged
Conversation
Bumps the uv group with 8 updates in the /pywry directory: | Package | From | To | | --- | --- | --- | | [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.14.1` | `2.14.2` | | [joserfc](https://github.com/authlib/joserfc) | `1.6.4` | `1.6.7` | | [langgraph-checkpoint](https://github.com/langchain-ai/langgraph) | `4.0.2` | `4.1.1` | | [langgraph-sdk](https://github.com/langchain-ai/langgraph) | `0.3.13` | `0.3.15` | | [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.8.0` | `0.8.18` | | [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.27` | `0.0.31` | | [starlette](https://github.com/Kludex/starlette) | `1.0.1` | `1.3.1` | | [tornado](https://github.com/tornadoweb/tornado) | `6.5.6` | `6.5.7` | Updates `pydantic-settings` from 2.14.1 to 2.14.2 - [Release notes](https://github.com/pydantic/pydantic-settings/releases) - [Commits](pydantic/pydantic-settings@v2.14.1...v2.14.2) Updates `joserfc` from 1.6.4 to 1.6.7 - [Release notes](https://github.com/authlib/joserfc/releases) - [Changelog](https://github.com/authlib/joserfc/blob/main/docs/changelog.rst) - [Commits](authlib/joserfc@1.6.4...1.6.7) Updates `langgraph-checkpoint` from 4.0.2 to 4.1.1 - [Release notes](https://github.com/langchain-ai/langgraph/releases) - [Commits](langchain-ai/langgraph@checkpoint==4.0.2...checkpoint==4.1.1) Updates `langgraph-sdk` from 0.3.13 to 0.3.15 - [Release notes](https://github.com/langchain-ai/langgraph/releases) - [Commits](langchain-ai/langgraph@0.3.13...0.3.15) Updates `langsmith` from 0.8.0 to 0.8.18 - [Release notes](https://github.com/langchain-ai/langsmith-sdk/releases) - [Commits](langchain-ai/langsmith-sdk@v0.8.0...v0.8.18) Updates `python-multipart` from 0.0.27 to 0.0.31 - [Release notes](https://github.com/Kludex/python-multipart/releases) - [Changelog](https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md) - [Commits](Kludex/python-multipart@0.0.27...0.0.31) Updates `starlette` from 1.0.1 to 1.3.1 - [Release notes](https://github.com/Kludex/starlette/releases) - [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md) - [Commits](Kludex/starlette@1.0.1...1.3.1) Updates `tornado` from 6.5.6 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.6...v6.5.7) --- updated-dependencies: - dependency-name: pydantic-settings dependency-version: 2.14.2 dependency-type: direct:production dependency-group: uv - dependency-name: joserfc dependency-version: 1.6.7 dependency-type: indirect dependency-group: uv - dependency-name: langgraph-checkpoint dependency-version: 4.1.1 dependency-type: indirect dependency-group: uv - dependency-name: langgraph-sdk dependency-version: 0.3.15 dependency-type: indirect dependency-group: uv - dependency-name: langsmith dependency-version: 0.8.18 dependency-type: indirect dependency-group: uv - dependency-name: python-multipart dependency-version: 0.0.31 dependency-type: indirect dependency-group: uv - dependency-name: starlette dependency-version: 1.3.1 dependency-type: indirect dependency-group: uv - dependency-name: tornado dependency-version: 6.5.7 dependency-type: indirect dependency-group: uv ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the uv group with 8 updates in the /pywry directory:
2.14.12.14.21.6.41.6.74.0.24.1.10.3.130.3.150.8.00.8.180.0.270.0.311.0.11.3.16.5.66.5.7Updates
pydantic-settingsfrom 2.14.1 to 2.14.2Release notes
Sourced from pydantic-settings's releases.
Commits
d703bd7Prepare release 2.14.2 (#890)Updates
joserfcfrom 1.6.4 to 1.6.7Release notes
Sourced from joserfc's releases.
Changelog
Sourced from joserfc's changelog.
Commits
1e5b94dchore: release 1.6.775d9f95fix(typing): use cast for type hints6d24037Merge pull request #98 from jonathangreen/algorithms-accept-collection102a7a7fix(typing): accept any Collection for algorithms, not just list8b869e8chore: release 1.6.600d599bchore: update actions9186561Merge pull request #97 from authlib/fix-b644d4ea2efix(jws): validate payload size for b64=falseb6554ccMerge pull request #96 from sebasxsala/fix-p512-fixtureb89eadftest: normalize P-521 private key fixtureUpdates
langgraph-checkpointfrom 4.0.2 to 4.1.1Release notes
Sourced from langgraph-checkpoint's releases.
... (truncated)
Commits
d1e2ff0release(checkpoint): 4.1.1 (#7890)e787af2release(sdk-py): 0.3.15 (#7891)604534efix(sdk-py): percent-encode caller-supplied identifiers in URL paths (#7893)346aa97fix(checkpoint): restrict lc:2 envelope revival to default constructor (#7892)82b3872chore(deps): bump the uv group across 2 directories with 1 update (#7853)fcc4ab8chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint (#7860)701d344chore(deps): bump idna from 3.11 to 3.15 in /libs/checkpoint-postgres (#7861)2c7967cchore(deps): bump idna from 3.11 to 3.15 in /libs/cli (#7865)bf7fec0release(langgraph): 1.2.1 (#7883)8215a9dfeat(langgraph): addbefore_builtinsopt-in for stream transformers (#7882)Updates
langgraph-sdkfrom 0.3.13 to 0.3.15Release notes
Sourced from langgraph-sdk's releases.
Commits
e1aa1a40.3.157a959f6Fix assertion9b5549fFix flaky assertionfa96c0aOne more98b8ff9Update test assertions for triggers951131cLint8bcdba8Reduce to 4.1s60fc49bSpeed up prepare_single_task1d21b4bImprove prepare_single_task trigger checks to linear complexity (#3891)55ec0d3Speed up task triggers check (#3890)Updates
langsmithfrom 0.8.0 to 0.8.18Release notes
Sourced from langsmith's releases.
... (truncated)
Commits
31c2bf6release(py): 0.8.18 (#3063)8955b68chore: reconcile bumpversion config and mandate release process for agents (#...411401ftest(python): fix integration assertions for updated attachment error message...9c55156Merge commit from fork5b2bd8dchore(deps): bump the npm_and_yarn group across 2 directories with 2 updates ...d8642f9chore(deps): bump the npm_and_yarn group across 4 directories with 4 updates ...953c2e5chore(deps-dev): bump langchain-anthropic from 1.4.4 to 1.4.6 in /python (#3044)5513699chore(deps): bump starlette from 1.0.1 to 1.3.1 in /python (#3039)8becdefchore(deps): bump cryptography from 46.0.7 to 48.0.1 in /python (#3038)1a9c522chore(deps): bump aiohttp from 3.14.0 to 3.14.1 in /python (#3037)Updates
python-multipartfrom 0.0.27 to 0.0.31Release notes
Sourced from python-multipart's releases.
Changelog
Sourced from python-multipart's changelog.
Commits
4cffc68Version 0.0.31 (#298)c814948Reject negativeContent-Lengthinparse_form(#297)6b837d4Bound header field name size before validating (#296)e0c4f9dBump the github-actions group with 3 updates (#294)b8a01bbBump the python-packages group with 3 updates (#293)6732164Speed up multipart header parsing and callback dispatch (#295)9d3ead5Version 0.0.30 (#292)3506c15Ignore RFC 2231 extended parameters inparse_options_header(#291)d69df35Treat only&as the urlencoded field separator (#290)1e6ff97Bump idna from 3.11 to 3.15 (#289)Updates
starlettefrom 1.0.1 to 1.3.1Release notes
Sourced from starlette's releases.
... (truncated)
Changelog
Sourced from starlette's changelog.
Commits
8ebffd0Version 1.3.1 (#3330)25b8e17EnforceFormParserlimits in parser callbacks (#3331)dba1c4bEnforcemax_fieldsandmax_part_sizeinFormParser(#3329)45e51dcUseStarletteDeprecationWarninginstead ofDeprecationWarning(#3119)5f8610cVersion 1.3.0 (#3327)167b585Buildrequest.urlfrom structured components (#3326)3730925Useremoveprefixto strip weak ETag indicator inis_not_modified(#3193)e6f7ad1avoid collapsing exception groups from user code (#2830)115228fAnnotate URLPath protocol parameter with Literal (#3285)113f193docs: replace inline ASGI server list with link to canonical implemen… (#3204)Updates
tornadofrom 6.5.6 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.