Consolidate open Dependabot dependency updates and resolve lockfile merge conflicts by Copilot · Pull Request #125 · mathun3003/quotes-recommender

Copilot · 2026-05-29T09:34:00Z

This PR aggregates the currently open Dependabot updates into the integration branch so dependency maintenance can proceed in one reviewable batch. Where PRs overlapped in poetry.lock, conflicts were resolved to keep the latest intended package versions from the merged update set.

Scope
- Merged Dependabot update branches for PRs: #90, #91, #92, #95, #96, #97, #98, #109, #111, #112, #113, #114, #116, #117, #118, #119, #121, #122, #123, #124.
- Primary touched files are dependency manifests: pyproject.toml and poetry.lock.
Dependency update consolidation
- Combined independent package bumps into a single integration line to reduce PR-by-PR drift and repeated lockfile churn.
- Preserved the merged branch’s effective dependency graph when overlapping updates targeted the same lockfile regions.
Conflict handling
- Resolved repeated poetry.lock conflicts in package metadata/version blocks and marker sections by selecting the newer merged state and removing conflict artifacts.

# resolved lockfile section (representative)
[[package]]
name = "nbconvert"
version = "7.17.1"
description = "Convert Jupyter Notebooks (.ipynb files) to other formats."
python-versions = ">=3.9"

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.20.1 to 3.20.3. - [Release notes](https://github.com/tox-dev/py-filelock/releases) - [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst) - [Commits](tox-dev/filelock@3.20.1...3.20.3) --- updated-dependencies: - dependency-name: filelock dependency-version: 3.20.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [sentencepiece](https://github.com/google/sentencepiece) from 0.1.99 to 0.2.1. - [Release notes](https://github.com/google/sentencepiece/releases) - [Commits](google/sentencepiece@v0.1.99...v0.2.1) --- updated-dependencies: - dependency-name: sentencepiece dependency-version: 0.2.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 4.25.8 to 5.29.6. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) --- updated-dependencies: - dependency-name: protobuf dependency-version: 5.29.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [orjson](https://github.com/ijl/orjson) from 3.9.15 to 3.11.6. - [Release notes](https://github.com/ijl/orjson/releases) - [Changelog](https://github.com/ijl/orjson/blob/master/CHANGELOG.md) - [Commits](ijl/orjson@3.9.15...3.11.6) --- updated-dependencies: - dependency-name: orjson dependency-version: 3.11.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [black](https://github.com/psf/black) from 24.3.0 to 26.3.1. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@24.3.0...26.3.1) --- updated-dependencies: - dependency-name: black dependency-version: 26.3.1 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.5.1 to 6.5.5. - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.1...v6.5.5) --- updated-dependencies: - dependency-name: tornado dependency-version: 6.5.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [scrapy](https://github.com/scrapy/scrapy) from 2.13.4 to 2.14.2. - [Release notes](https://github.com/scrapy/scrapy/releases) - [Changelog](https://github.com/scrapy/scrapy/blob/master/docs/news.rst) - [Commits](scrapy/scrapy@2.13.4...2.14.2) --- updated-dependencies: - dependency-name: scrapy dependency-version: 2.14.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.6 to 46.0.7. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.6...46.0.7) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.4 to 9.0.3. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.4.4...9.0.3) --- updated-dependencies: - dependency-name: pytest dependency-version: 9.0.3 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [python-dotenv](https://github.com/theskumar/python-dotenv) from 1.0.0 to 1.2.2. - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.0.0...v1.2.2) --- updated-dependencies: - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [nbconvert](https://github.com/jupyter/nbconvert) from 7.14.2 to 7.17.1. - [Release notes](https://github.com/jupyter/nbconvert/releases) - [Changelog](https://github.com/jupyter/nbconvert/blob/main/CHANGELOG.md) - [Commits](jupyter/nbconvert@v7.14.2...v7.17.1) --- updated-dependencies: - dependency-name: nbconvert dependency-version: 7.17.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [lxml](https://github.com/lxml/lxml) from 5.1.0 to 6.1.0. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-5.1.0...lxml-6.1.0) --- updated-dependencies: - dependency-name: lxml dependency-version: 6.1.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [notebook](https://github.com/jupyter/notebook) from 7.4.6 to 7.5.6. - [Release notes](https://github.com/jupyter/notebook/releases) - [Changelog](https://github.com/jupyter/notebook/blob/@jupyter-notebook/tree@7.5.6/CHANGELOG.md) - [Commits](https://github.com/jupyter/notebook/compare/@jupyter-notebook/tree@7.4.6...@jupyter-notebook/tree@7.5.6) --- updated-dependencies: - dependency-name: notebook dependency-version: 7.5.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [jupyterlab](https://github.com/jupyterlab/jupyterlab) from 4.4.8 to 4.5.7. - [Release notes](https://github.com/jupyterlab/jupyterlab/releases) - [Changelog](https://github.com/jupyterlab/jupyterlab/blob/main/RELEASE.md) - [Commits](https://github.com/jupyterlab/jupyterlab/compare/@jupyterlab/lsp@4.4.8...@jupyterlab/lsp@4.5.7) --- updated-dependencies: - dependency-name: jupyterlab dependency-version: 4.5.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [jupyter-server](https://github.com/jupyter-server/jupyter_server) from 2.12.5 to 2.18.0. - [Release notes](https://github.com/jupyter-server/jupyter_server/releases) - [Changelog](https://github.com/jupyter-server/jupyter_server/blob/main/CHANGELOG.md) - [Commits](jupyter-server/jupyter_server@v2.12.5...v2.18.0) --- updated-dependencies: - dependency-name: jupyter-server dependency-version: 2.18.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [mistune](https://github.com/lepture/mistune) from 3.0.2 to 3.2.1. - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/main/docs/changes.rst) - [Commits](lepture/mistune@v3.0.2...v3.2.1) --- updated-dependencies: - dependency-name: mistune dependency-version: 3.2.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.41 to 3.1.50. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](gitpython-developers/GitPython@3.1.41...3.1.50) --- updated-dependencies: - dependency-name: gitpython dependency-version: 3.1.50 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.6.0 to 2.7.0. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.6.0...2.7.0) --- updated-dependencies: - dependency-name: urllib3 dependency-version: 2.7.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [idna](https://github.com/kjd/idna) from 3.7 to 3.15. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](kjd/idna@v3.7...v3.15) --- updated-dependencies: - dependency-name: idna dependency-version: '3.15' dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [dulwich](https://github.com/dulwich/dulwich) from 0.21.7 to 1.2.5. - [Release notes](https://github.com/dulwich/dulwich/releases) - [Changelog](https://github.com/jelmer/dulwich/blob/main/NEWS) - [Commits](jelmer/dulwich@dulwich-0.21.7...dulwich-1.2.5) --- updated-dependencies: - dependency-name: dulwich dependency-version: 1.2.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

# Conflicts: # poetry.lock

mathun3003 · 2026-05-29T09:37:01Z

@copilot fix the code style checks

mathun3003 · 2026-05-29T09:54:57Z

@copilot fix the black, mypy, and pylint code style checks by looking at the error messages and fixing the python code accordingly.

dependabot Bot and others added 30 commits January 13, 2026 21:02

Merge branch 'pr-90' into copilot/dependabot-merge-requests

797b021

Merge branch 'pr-91' into copilot/dependabot-merge-requests

8406237

Merge branch 'pr-92' into copilot/dependabot-merge-requests

33c6c77

Merge branch 'pr-95' into copilot/dependabot-merge-requests

c903aeb

Merge branch 'pr-96' into copilot/dependabot-merge-requests

8d676b6

Merge branch 'pr-97' into copilot/dependabot-merge-requests

27a19e5

Merge branch 'pr-98' into copilot/dependabot-merge-requests

bd53da9

# Conflicts: # poetry.lock

Merge branch 'pr-109' into copilot/dependabot-merge-requests

4672fb5

Merge branch 'pr-111' into copilot/dependabot-merge-requests

dbd48cc

# Conflicts: # poetry.lock

Merge branch 'pr-112' into copilot/dependabot-merge-requests

f4e4d26

Copilot AI added 10 commits May 29, 2026 09:28

Merge branch 'pr-113' into copilot/dependabot-merge-requests

febd18f

Merge branch 'pr-114' into copilot/dependabot-merge-requests

9dc2552

Merge branch 'pr-116' into copilot/dependabot-merge-requests

149fff9

# Conflicts: # poetry.lock

Merge branch 'pr-117' into copilot/dependabot-merge-requests

5ddaf95

# Conflicts: # poetry.lock

Merge branch 'pr-118' into copilot/dependabot-merge-requests

c56812b

Merge branch 'pr-119' into copilot/dependabot-merge-requests

4c37c44

Merge branch 'pr-121' into copilot/dependabot-merge-requests

80e7ec4

Merge branch 'pr-122' into copilot/dependabot-merge-requests

05a76bb

Merge branch 'pr-123' into copilot/dependabot-merge-requests

9e75959

Merge branch 'pr-124' into copilot/dependabot-merge-requests

2ad9b4d

Copilot AI assigned Copilot and mathun3003 May 29, 2026

Copilot created this pull request from a session on behalf of mathun3003 May 29, 2026 09:34 View session

mathun3003 marked this pull request as ready for review May 29, 2026 09:34

Copilot started work on behalf of mathun3003 May 29, 2026 09:37 View session

Copilot stopped work on behalf of mathun3003 due to an error May 29, 2026 09:37
Request session.create failed with message: Model "gpt-5.3-codex" is not available.

Copilot AI requested a review from mathun3003 May 29, 2026 09:37

mathun3003 approved these changes May 29, 2026

View reviewed changes

regenerated lock file

3591fde

Copilot started work on behalf of mathun3003 May 29, 2026 09:55 View session

Copilot stopped work on behalf of mathun3003 due to an error May 29, 2026 09:55
Request session.create failed with message: Model "gpt-5.3-codex" is not available.

Copilot AI requested a review from mathun3003 May 29, 2026 09:55

mathun3003 approved these changes May 29, 2026

View reviewed changes

mathun3003 merged commit 792bcd2 into main May 29, 2026
2 of 6 checks passed

mathun3003 deleted the copilot/dependabot-merge-requests branch May 29, 2026 09:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Consolidate open Dependabot dependency updates and resolve lockfile merge conflicts#125

Consolidate open Dependabot dependency updates and resolve lockfile merge conflicts#125
mathun3003 merged 41 commits into
mainfrom
copilot/dependabot-merge-requests

Copilot AI commented May 29, 2026

Uh oh!

mathun3003 commented May 29, 2026

Uh oh!

mathun3003 commented May 29, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

Copilot AI commented May 29, 2026

Uh oh!

mathun3003 commented May 29, 2026

Uh oh!

mathun3003 commented May 29, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants