Skip to content

Bump the pip-deps group across 1 directory with 9 updates #2994

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Bump the pip-deps group across 1 directory with 9 updates #2994

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 29, 2025

Bumps the pip-deps group with 9 updates in the / directory:

Package From To
boto3 1.42.0 1.42.17
flask-cors 6.0.1 6.0.2
openapi-core 0.19.5 0.22.0
asf-search 10.2.0 11.0.0
moto[dynamodb] 5.1.18 5.1.19
pytest 9.0.1 9.0.2
ruff 0.14.7 0.14.10
mypy 1.19.0 1.19.1
cfn-lint 1.42.0 1.43.1

Updates boto3 from 1.42.0 to 1.42.17

Commits
  • 9a88f84 Merge branch 'release-1.42.17'
  • 850e57e Bumping version to 1.42.17
  • 7fdd80a Add changelog entries from botocore
  • 663b0db Merge branch 'release-1.42.16'
  • 770ca10 Merge branch 'release-1.42.16' into develop
  • 251caad Bumping version to 1.42.16
  • ca9a619 Add changelog entries from botocore
  • 19a9efb Merge branch 'release-1.42.15'
  • 910d5d6 Merge branch 'release-1.42.15' into develop
  • 35be475 Bumping version to 1.42.15
  • Additional commits viewable in compare view

Updates flask-cors from 6.0.1 to 6.0.2

Release notes

Sourced from flask-cors's releases.

6.0.2

What's Changed

New Contributors

Full Changelog: corydolphin/flask-cors@6.0.1...6.0.2

Commits

Updates openapi-core from 0.19.5 to 0.22.0

Release notes

Sourced from openapi-core's releases.

0.22.0

Features

  • Typed style deserializers (casting is part of style deserializing) #1075
  • Urlencoded deserializer schema matching type coercion #1077

Fixes

  • BooleanCaster consistent boolean values fix #1076
  • Error with multiple schemas in urlencoded request body #1077

Backward incpomatibilities

  • style_deserializers_factory and media_tyles_deserialization_factory defaults to None in configuration and protocols
  • CastError inherits from DeserializeError
  • StyleDeserializersFactory requires schema_caster_factory
  • removed style_deserialization_factory and media_tyles_deserialization_factory objects

0.21.0

Features

  • Cache compiled path parsers #1063
  • Path tilda special character support #1071

Refactors

  • Path parser refactor #1071

0.20.0

Upgrades

  • Python 3.13 support #994
  • Python 3.14 support #1045
  • Support aioitertools 0.13 #1039
  • Allow FastAPI 0.120 and Starlette 0.49 #1027

Backward incompatibilities

  • Python 3.8 support dropped #994

Fixes

Commits
  • 92b4147 Version 0.22.0
  • 7c98dc8 Merge pull request #1077 from python-openapi/feature/urlencoded-deserializer-...
  • e1ed412 Urlencoded deserializer schema matching type coercion
  • 28ad2f9 Merge pull request #1076 from python-openapi/fix/boolean-caster-consistent-vo...
  • 9f01a88 BooleanCaster consistent boolean values fix
  • 5d0a7d0 Merge pull request #1075 from python-openapi/feature/typed-style-deserializers
  • 0c301b7 Typed style deserializers
  • 33e4503 Merge pull request #1073 from python-openapi/dependabot/pip/pymdown-extension...
  • dd1fa5d Bump pymdown-extensions from 10.9 to 10.16.1
  • af8d160 Merge pull request #1072 from python-openapi/fix/starlette-middleware-skip-va...
  • Additional commits viewable in compare view

Updates asf-search from 10.2.0 to 11.0.0

Release notes

Sourced from asf-search's releases.

v11.0.0

v11.0.0

Changed

  • ASF_AUTH_HOST auth.asf.alaska.edu replaced with cumulus.asf.alaska.edu. This change should be seamless
  • auth_with_creds() now queries ASF_AUTH_HOST for asf-urs cookie after generating EDL token via https://urs.earthdata.nasa.gov/api/users/find_or_create_token

v10.3.0

v10.3.0

Added

  • Add a Pair class that groups ASFProducts as reference and secondary scenes, and provides temporal and perpendicular baselines as member variables. Pair will be used for creating InSAR SBAS stacks, though its utility extends beyond that use case. A new dependency group coherence is included in the setup.py.

v10.2.1

v10.2.1

Added

  • Added get_searchable_attributes() search method, return dict mapping of additional attribute names to AdditionalAttribute data class object
Changelog

Sourced from asf-search's changelog.

v11.0.0

Changed

  • ASF_AUTH_HOST auth.asf.alaska.edu replaced with cumulus.asf.alaska.edu. This change should be seamless
  • auth_with_creds() now queries ASF_AUTH_HOST for asf-urs cookie after generating EDL token via https://urs.earthdata.nasa.gov/api/users/find_or_create_token

v10.3.0

Added

  • Add a Pair class that groups ASFProducts as reference and secondary scenes, and provides temporal and perpendicular baselines as member variables. Pair will be used for creating InSAR SBAS stacks, though its utility extends beyond that use case. A new dependency group coherence is included in the setup.py.

v10.2.1

Added

  • Added get_searchable_attributes() search method, return dict mapping of additional attribute names to AdditionalAttribute data class object
Commits

Updates moto[dynamodb] from 5.1.18 to 5.1.19

Changelog

Sourced from moto[dynamodb]'s changelog.

5.1.19

Docker Digest for 5.1.19: sha256:1bba01d147a15d14a5816b69ee6d346ba04bd43baab4a3a27a55c368ecc2bb90

General:
    * Removed support for ElasticTranscoder, now that AWS has also deprecated this service

New Methods:
* ACM-PCA:
* revoke_certificate()


* DSQL:
    * delete_cluster()
    * get_vpc_endpoint_service_name()
    * list_tags_for_resource()

    

  • 

    FSX:
    

      

    • describe_backups()
      • 

    

    • 

  • 

    SESv2:
    

      

    • list_tags_for_resource()
      • 

    • tag_resource()
      • 

    • untag_resource()
      • 

    

    • 

  • 

    VPC Lattice:
    

      

    • delete_auth_policy()
      • 

    • delete_resource_policy()
      • 

    • get_auth_policy()
      • 

    • get_resource_policy()
      • 

    • put_auth_policy()
      • 

    • put_resource_policy()
      






Miscellaneous:
* DynamoDB: put_item() now correctly validates numeric and boolean values
* EC2: describe_instances() now returns the correct status for BlockDeviceMappings.Ebs.Status (attached, instead of in-use)
* EC2: describe_network_acls() now supports the 'association.association-id' Filter
* ELBv2: modify_load_balancer_attributes() no longer fails when modifying the 'health_check_logs.s3.enabled' attribute
* ResourceGroupsTaggingAPI: get_resources() now supports the SESv2 resources: ConfigurationSets, ContactLists, DedicatedIpPool, EmailIdentity
* Route53: change_tags_for_resource() no longer throws an error for removing a non-existing tag
* S3: list_object_versions() now correctly calculates the IsLatest-attribute
* Scheduler: list_schedules() and list_schedule_groups() now support pagination
* SecretsManager: batch_get_secret_value() now returns error handling for unknown secrets
* SSM: put_parameter() now returns the Tier-attribute

Commits
  • 714c6d8 Pre-Release: Up Version Number
  • dadd622 Prep release 5.1.19 (#9597)
  • 09ce366 chore: update SSM default parameters (#9595)
  • b543be0 Autoscaling: Improve parity around LaunchTemplates (#9596)
  • dae4435 chore: update EC2 Instance Offerings (#9592)
  • d15adc0 chore: update EMR Instance Types (#9591)
  • 409f728 Upgrade ruff to 0.14.10 (current latest). (#9588)
  • b1055ca EC2: describe_network_acls() now supports the 'association.association-id' Fi...
  • 393e41e SSM: add Tier to PutParameter response (#9590)
  • 8d4f40c remove pylint mention from docs, remove pylint comments (#9587)
  • Additional commits viewable in compare view

Updates pytest from 9.0.1 to 9.0.2

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

  • #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

    You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

    Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

  • #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

  • #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

  • #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

  • #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.
Commits
  • 3d10b51 Prepare release version 9.0.2
  • 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
  • b7d7bef Merge pull request #14014 from bluetech/compat-note
  • bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
  • bc78386 Add CLI options reference documentation (#13930)
  • 5a4e398 Fix docs typo (#14005) (#14008)
  • d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
  • 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
  • c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
  • 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
  • Additional commits viewable in compare view

Updates ruff from 0.14.7 to 0.14.10

Release notes

Sourced from ruff's releases.

0.14.10

Release Notes

Released on 2025-12-18.

Preview features

  • [formatter] Fluent formatting of method chains (#21369)
  • [formatter] Keep lambda parameters on one line and parenthesize the body if it expands (#21385)
  • [flake8-implicit-str-concat] New rule to prevent implicit string concatenation in collections (ISC004) (#21972)
  • [flake8-use-pathlib] Make fixes unsafe when types change in compound statements (PTH104, PTH105, PTH109, PTH115) (#22009)
  • [refurb] Extend support for Path.open (FURB101, FURB103) (#21080)

Bug fixes

  • [pyupgrade] Fix parsing named Unicode escape sequences (UP032) (#21901)

Rule changes

  • [eradicate] Ignore ruff:disable and ruff:enable comments in ERA001 (#22038)
  • [flake8-pytest-style] Allow match and check keyword arguments without an expected exception type (PT010) (#21964)
  • [syntax-errors] Annotated name cannot be global (#20868)

Documentation

  • Add uv and ty to the Ruff README (#21996)
  • Document known lambda formatting deviations from Black (#21954)
  • Update setup.md (#22024)
  • [flake8-bandit] Fix broken link (S704) (#22039)

Other changes

  • Fix playground Share button showing "Copied!" before clipboard copy completes (#21942)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.10

Released on 2025-12-18.

Preview features

  • [formatter] Fluent formatting of method chains (#21369)
  • [formatter] Keep lambda parameters on one line and parenthesize the body if it expands (#21385)
  • [flake8-implicit-str-concat] New rule to prevent implicit string concatenation in collections (ISC004) (#21972)
  • [flake8-use-pathlib] Make fixes unsafe when types change in compound statements (PTH104, PTH105, PTH109, PTH115) (#22009)
  • [refurb] Extend support for Path.open (FURB101, FURB103) (#21080)

Bug fixes

  • [pyupgrade] Fix parsing named Unicode escape sequences (UP032) (#21901)

Rule changes

  • [eradicate] Ignore ruff:disable and ruff:enable comments in ERA001 (#22038)
  • [flake8-pytest-style] Allow match and check keyword arguments without an expected exception type (PT010) (#21964)
  • [syntax-errors] Annotated name cannot be global (#20868)

Documentation

  • Add uv and ty to the Ruff README (#21996)
  • Document known lambda formatting deviations from Black (#21954)
  • Update setup.md (#22024)
  • [flake8-bandit] Fix broken link (S704) (#22039)

Other changes

  • Fix playground Share button showing "Copied!" before clipboard copy completes (#21942)

Contributors

0.14.9

... (truncated)

Commits
  • 45bbb4c Bump 0.14.10 (#22058)
  • 42b9727 [ty] Use datatest instead of dirtest (#21937)
  • f7ec178 [ty] Gracefully handle client requests that can't be deserialized (#22051)
  • c315164 [ty] Don't suggest keyword statements when only expressions are valid
  • bb1955e [ty] Use cursor context in a few more places...
  • 070e08a [ty] Move completion function to the top
  • bab3924 [ty] Refactor completion generation
  • 10748b2 [flake8-pytest-style] Allow match and check keyword arguments without a...
  • 56539db [ty] Fix some configuration panics in the LSP (#22040)
  • 8d32ad1 [ty] Add support for attribute docstrings (#22036)
  • Additional commits viewable in compare view

Updates mypy from 1.19.0 to 1.19.1

Changelog

Sourced from mypy's changelog.

Mypy 1.19.1

  • Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
  • Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
  • Allow types.NoneType in match cases (A5rocks, PR 20383)
  • Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
  • Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
  • Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
  • Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
  • Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • BobTheBuidler
  • bzoracler
  • Chainfire
  • Christoph Tyralla
  • David Foster
  • Frank Dana
  • Guo Ci
  • iap
  • Ivan Levkivskyi
  • James Hilton-Balfe
  • jhance
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • KarelKenens
  • Kevin Kannammalil
  • Marc Mueller
  • Michael Carlstrom
  • Michael J. Sullivan
  • Piotr Sawicki
  • Randolf Scholz
  • Shantanu
  • Sigve Sebastian Farstad
  • sobolevn
  • Stanislav Terliakov
  • Stephen Morton
  • Theodore Ando
  • Thiago J. Barbalho
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.18

We’ve just uploaded mypy 1.18.1 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance

... (truncated)

Commits

Updates cfn-lint from 1.42.0 to 1.43.1

Release notes

Sourced from cfn-lint's releases.

Release v1.43.1

What's Changed

Full Changelog: aws-cloudformation/cfn-lint@v1.43.0...v1.43.1

Release v1.43.0

What's Changed

Full Changelog: aws-cloudformation/cfn-lint@v1.42.1...v1.43.0

Release v1.42.1

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.42.0...v1.42.1

Changelog

Sourced from cfn-lint's changelog.

v1.43.1

What's Changed

Full Changelog: aws-cloudformation/cfn-lint@v1.43.0...v1.43.1

v1.43.0

What's Changed

Full Changelog: aws-cloudformation/cfn-lint@v1.42.1...v1.43.0

v1.42.1

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.42.0...v1.42.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-deps group across 1 directory with 9 updates
36f3519 
Bumps the pip-deps group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.42.0` | `1.42.17` |
| [flask-cors](https://github.com/corydolphin/flask-cors) | `6.0.1` | `6.0.2` |
| [openapi-core](https://github.com/python-openapi/openapi-core) | `0.19.5` | `0.22.0` |
| [asf-search](https://github.com/asfadmin/Discovery-asf_search) | `10.2.0` | `11.0.0` |
| [moto[dynamodb]](https://github.com/getmoto/moto) | `5.1.18` | `5.1.19` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.1` | `9.0.2` |
| [ruff](https://github.com/astral-sh/ruff) | `0.14.7` | `0.14.10` |
| [mypy](https://github.com/python/mypy) | `1.19.0` | `1.19.1` |
| [cfn-lint](https://github.com/aws-cloudformation/cfn-lint) | `1.42.0` | `1.43.1` |



Updates `boto3` from 1.42.0 to 1.42.17
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.0...1.42.17)

Updates `flask-cors` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/corydolphin/flask-cors/releases)
- [Changelog](https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md)
- [Commits](corydolphin/flask-cors@6.0.1...6.0.2)

Updates `openapi-core` from 0.19.5 to 0.22.0
- [Release notes](https://github.com/python-openapi/openapi-core/releases)
- [Commits](python-openapi/openapi-core@0.19.5...0.22.0)

Updates `asf-search` from 10.2.0 to 11.0.0
- [Release notes](https://github.com/asfadmin/Discovery-asf_search/releases)
- [Changelog](https://github.com/asfadmin/Discovery-asf_search/blob/master/CHANGELOG.md)
- [Commits](asfadmin/Discovery-asf_search@v10.2.0...v11.0.0)

Updates `moto[dynamodb]` from 5.1.18 to 5.1.19
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](getmoto/moto@5.1.18...5.1.19)

Updates `pytest` from 9.0.1 to 9.0.2
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.1...9.0.2)

Updates `ruff` from 0.14.7 to 0.14.10
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.7...0.14.10)

Updates `mypy` from 1.19.0 to 1.19.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.19.0...v1.19.1)

Updates `cfn-lint` from 1.42.0 to 1.43.1
- [Release notes](https://github.com/aws-cloudformation/cfn-lint/releases)
- [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/main/CHANGELOG.md)
- [Commits](aws-cloudformation/cfn-lint@v1.42.0...v1.43.1)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.42.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: flask-cors
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: openapi-core
  dependency-version: 0.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: asf-search
  dependency-version: 11.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-deps
- dependency-name: moto[dynamodb]
  dependency-version: 5.1.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: pytest
  dependency-version: 9.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: ruff
  dependency-version: 0.14.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: mypy
  dependency-version: 1.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: cfn-lint
  dependency-version: 1.43.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version major Bump the major version number of this project labels Dec 29, 2025
@dependabot dependabot bot requested review from a team as code owners December 29, 2025 19:02
@dependabot dependabot bot added major Bump the major version number of this project bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version labels Dec 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version major Bump the major version number of this project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant