Skip to content

fix(deps): update all non-major dependencies#42

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-minor-patch
Open

fix(deps): update all non-major dependencies#42
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-minor-patch

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Apr 25, 2025

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update
anyio (changelog) ==4.11.0==4.12.1 age confidence minor
asttokens ==3.0.0==3.0.1 age confidence patch
attrs (changelog) ==25.3.0==25.4.0 age confidence minor
babel (source) ==2.17.0==2.18.0 age confidence minor
cems-nuclei ==3.0.1==3.2.0 age confidence minor
certifi ==2025.8.3==2025.11.12 age confidence minor
charset-normalizer (changelog) ==3.4.3==3.4.4 age confidence patch
click (changelog) ==8.3.0==8.3.1 age confidence patch
docutils (changelog) ==0.21.2==0.22.4 age confidence minor
duckdb (changelog) ==1.4.0==1.4.4 age confidence patch
fonttools ==4.60.0==4.61.1 age confidence minor
idna (changelog) ==3.10==3.11 age confidence minor
iniconfig ==2.1.0==2.3.0 age confidence minor
ipython ==9.1.0==9.10.0 age confidence project.optional-dependencies minor
ipython ==9.1.0==9.10.0 age confidence minor
jiter ==0.11.0==0.13.0 age confidence minor
jsonschema (changelog) ==4.25.1==4.26.0 age confidence minor
jupyter-core ==5.8.1==5.9.1 age confidence minor
loro ==1.8.1==1.10.3 age confidence minor
marimo >0.14,<0.15>0.19,<0.20 age confidence project.optional-dependencies minor
marimo ==0.14.17==0.19.11 age confidence minor
markdown (changelog) ==3.9==3.10.2 age confidence minor
markupsafe (changelog) ==3.0.2==3.0.3 age confidence patch
matplotlib ==3.10.6==3.10.8 age confidence patch
matplotlib-inline ==0.1.7==0.2.1 age confidence minor
micropip ==0.10.1==0.11.0 age confidence minor
narwhals ==2.5.0==2.16.0 age confidence minor
numpy (changelog) ==2.3.3==2.4.2 age confidence minor
orjson (changelog) ==3.11.3==3.11.7 age confidence patch
pandas ==2.3.2==2.3.3 age confidence patch
parso ==0.8.5==0.8.6 age confidence patch
platformdirs (changelog) ==4.4.0==4.9.2 age confidence minor
polars (changelog) ==1.33.1==1.38.1 age confidence minor
psutil ==7.1.0==7.2.2 age confidence minor
pydantic (changelog) ==2.11.9==2.12.5 age confidence minor
pydantic-core ==2.33.2==2.41.5 age confidence minor
pyjwt ==2.10.1==2.11.0 age confidence minor
pymdown-extensions ==10.16.1==10.21 age confidence minor
pyparsing ==3.2.5==3.3.2 age confidence minor
python 3.133.14 age confidence uses-with minor
pyyaml (source) ==6.0.2==6.0.3 age confidence patch
referencing (changelog) ==0.36.2==0.37.0 age confidence minor
rpds-py ==0.27.1==0.30.0 age confidence minor
ruff (source, changelog) ==0.13.1==0.15.1 age confidence minor
sphinx-autodoc-typehints (changelog) ==3.1.0==3.6.3 age confidence project.optional-dependencies minor
sphinx-autodoc-typehints (changelog) ==3.1.0==3.6.3 age confidence minor
sphinx-rtd-theme ==3.0.2==3.1.0 age confidence project.optional-dependencies minor
sphinx-rtd-theme ==3.0.2==3.1.0 age confidence minor
sqlglot ==27.17.0==27.29.0 age confidence minor
starlette (changelog) ==0.48.0==0.52.1 age confidence minor
tomlkit ==0.13.3==0.14.0 age confidence minor
tqdm (changelog) ==4.67.1==4.67.3 age confidence patch
typing-inspection (changelog) ==0.4.1==0.4.2 age confidence patch
tzdata ==2025.2==2025.3 age confidence minor
urllib3 (changelog) ==2.5.0==2.6.3 age confidence minor
uvicorn (changelog) ==0.37.0==0.41.0 age confidence minor
wcwidth ==0.2.14==0.6.0 age confidence minor

Release Notes

agronholm/anyio (anyio)

v4.12.1

Compare Source

  • Changed all functions currently raising the private NoCurrentAsyncBackend exception (since v4.12.0) to instead raise the public NoEventLoopError exception (#​1048)
  • Fixed anyio.functools.lru_cache not working with instance methods (#​1042)

v4.12.0

Compare Source

  • Added support for asyncio's task call graphs on Python 3.14 and later when using AnyIO's task groups (#​1025)
  • Added an asynchronous implementation of the functools module (#​1001)
  • Added support for uvloop=True on Windows via the winloop implementation (#​960; PR by @​Vizonex)
  • Added support for use as a context manager to anyio.lowlevel.RunVar (#​1003)
  • Added __all__ declarations to public submodules (anyio.lowlevel etc.) (#​1009)
  • Added the ability to set the token count of a CapacityLimiter to zero (#​1019; requires Python 3.10 or later when using Trio)
  • Added parameters case_sensitive and recurse_symlinks along with support for path-like objects to anyio.Path.glob() and anyio.Path.rglob() (#​1033; PR by @​northisup)
  • Dropped sniffio as a direct dependency and added the get_available_backends() function (#​1021)
  • Fixed Process.stdin.send() not raising ClosedResourceError and BrokenResourceError on asyncio. Previously, a non-AnyIO exception was raised in such cases (#​671; PR by @​gschaffner)
  • Fixed Process.stdin.send() not checkpointing before writing data on asyncio (#​1002; PR by @​gschaffner)
  • Fixed a race condition where cancelling a Future from BlockingPortal.start_task_soon() would sometimes not cancel the async function (#​1011; PR by @​gschaffner)
  • Fixed the presence of the pytest plugin causing breakage with older versions of pytest (<= 6.1.2) (#​1028; PR by @​saper)
  • Fixed a rarely occurring RuntimeError: Set changed size during iteration while shutting down the process pool when using the asyncio backend (#​985)
gristlabs/asttokens (asttokens)

v3.0.1

Compare Source

python-attrs/attrs (attrs)

v25.4.0

Compare Source

Backwards-incompatible Changes
  • Class-level kw_only=True behavior is now consistent with dataclasses.

    Previously, a class that sets kw_only=True makes all attributes keyword-only, including those from base classes.
    If an attribute sets kw_only=False, that setting is ignored, and it is still made keyword-only.

    Now, only the attributes defined in that class that doesn't explicitly set kw_only=False are made keyword-only.

    This shouldn't be a problem for most users, unless you have a pattern like this:

    @&#8203;attrs.define(kw_only=True)
    class Base:
        a: int
        b: int = attrs.field(default=1, kw_only=False)
    
    @&#8203;attrs.define
    class Subclass(Base):
        c: int

    Here, we have a kw_only=True attrs class (Base) with an attribute that sets kw_only=False and has a default (Base.b), and then create a subclass (Subclass) with required arguments (Subclass.c).
    Previously this would work, since it would make Base.b keyword-only, but now this fails since Base.b is positional, and we have a required positional argument (Subclass.c) following another argument with defaults.
    #​1457

Changes
  • Values passed to the __init__() method of attrs classes are now correctly passed to __attrs_pre_init__() instead of their default values (in cases where kw_only was not specified).
    #​1427

  • Added support for Python 3.14 and PEP 749.
    #​1446,
    #​1451

  • attrs.validators.deep_mapping() now allows to leave out either key_validator xor value_validator.
    #​1448

  • attrs.validators.deep_iterator() and attrs.validators.deep_mapping() now accept lists and tuples for all validators and wrap them into a attrs.validators.and_().
    #​1449

  • Added a new experimental way to inspect classes:

    attrs.inspect(cls) returns the effective class-wide parameters that were used by attrs to construct the class.

    The returned class is the same data structure that attrs uses internally to decide how to construct the final class.
    #​1454

  • Fixed annotations for attrs.field(converter=...).
    Previously, a tuple of converters was only accepted if it had exactly one element.
    #​1461

  • The performance of attrs.asdict() has been improved by 45–260%.
    #​1463

  • The performance of attrs.astuple() has been improved by 49–270%.
    #​1469

  • The type annotation for attrs.validators.or_() now allows for different types of validators.

    This was only an issue on Pyright.
    #​1474

python-babel/babel (babel)

v2.18.0

Compare Source

Happy 2026! This release is, coincidentally, also being made from FOSDEM.

We will aspire for a slightly less glacial release cadence in this year;
there are interesting features in the pipeline.

Features


* Core: Add `babel.core.get_cldr_version()` by @&#8203;akx in :gh:`1242`
* Core: Use CLDR 47 by @&#8203;tomasr8 in :gh:`1210`
* Core: Use canonical IANA zone names in zone_territories by @&#8203;akx in :gh:`1220`
* Messages: Improve extract performance via ignoring directories early during os.walk by @&#8203;akx in :gh:`968`
* Messages: Merge in per-format keywords and auto_comments by @&#8203;akx in :gh:`1243`
* Messages: Update keywords for extraction of dpgettext and dnpgettext by @&#8203;mardiros in :gh:`1235`
* Messages: Validate all plurals in Python format checker by @&#8203;tomasr8 in :gh:`1188`
* Time: Use standard library `timezone` instead of `FixedOffsetTimezone` by @&#8203;akx in :gh:`1203`

Bugfixes
  • Core: Fix formatting for "Empty locale identifier" exception added in #​1164 by @​akx in :gh:1184
  • Core: Improve handling of no-inheritance-marker in timezone data by @​akx in :gh:1194
  • Core: Make the number pattern regular expression more efficient by @​akx in :gh:1213
  • Messages: Keep translator comments next to the translation function call by @​akx in :gh:1196
  • Numbers: Fix KeyError that occurred when formatting compact currencies of exactly one thousand in several locales by @​bartbroere in :gh:1246

Other improvements


* Core: Avoid unnecessary uses of `map()` by @&#8203;akx in :gh:`1180`
* Messages: Have init-catalog create directories too by @&#8203;akx in :gh:`1244`
* Messages: Optimizations for read_po by @&#8203;akx in :gh:`1200`
* Messages: Use pathlib.Path() in catalog frontend; improve test coverage by @&#8203;akx in :gh:`1204`

Infrastructure and documentation
  • CI: Renovate CI & lint tools by @​akx in :gh:1228
  • CI: Tighten up CI with Zizmor by @​akx in :gh:1230
  • CI: make job permissions explicit by @​akx in :gh:1227
  • Docs: Add SECURITY.md by @​akx in :gh:1229
  • Docs: Remove u string prefix from docs by @​verhovsky in :gh:1174
  • Docs: Update dates.rst with current unicode.org tr35 link by @​clach04 in :gh:1189
  • General: Add some PyPI classifiers by @​tomasr8 in :gh:1186
  • General: Apply reformatting by hand and with Ruff by @​akx in :gh:1202
  • General: Test on and declare support for Python 3.14 by @​akx in :gh:1233
  • Tests: Convert Unittest testcases with setup/teardown to fixtures by @​akx in :gh:1240
  • Tests: Mark PyPy CI flake as xfail by @​akx in :gh:1197
  • Tests: Move pytest config to pyproject.toml by @​tomasr8 in :gh:1187
  • Tests: Unwrap most unittest test cases to bare functions by @​akx in :gh:1241
cemsbv/nuclei (cems-nuclei)

v3.2.0

Compare Source

Features
  • Set PileCore version "v4" as latest

v3.1.0

Compare Source

Bug Fixes
  • Deps: Update all non-major dependencies (#​239)
Features
  • Add PileCore v4 to routing table
Miscellaneous Tasks
  • Ci:
    • Disable pyink in github super-linter
    • Move from dependabot to renovate
Deploy
  • Update deploy_docs.yaml
certifi/python-certifi (certifi)

v2025.11.12

Compare Source

v2025.10.5

Compare Source

jawah/charset_normalizer (charset-normalizer)

v3.4.4

Compare Source

Changed
  • Bound setuptools to a specific constraint setuptools>=68,<=81.
  • Raised upper bound of mypyc for the optional pre-built extension to v1.18.2
Removed
  • setuptools-scm as a build dependency.
Misc
  • Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
  • Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
  • Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.
pallets/click (click)

v8.3.1

Compare Source

Released 2025-11-15

  • Don't discard pager arguments by correctly using subprocess.Popen. :issue:3039
    :pr:3055
  • Replace Sentinel.UNSET default values by None as they're passed through
    the Context.invoke() method. :issue:3066 :issue:3065 :pr:3068
  • Fix conversion of Sentinel.UNSET happening too early, which caused incorrect
    behavior for multiple parameters using the same name. :issue:3071 :pr:3079
  • Hide Sentinel.UNSET values as None when looking up for other parameters
    through the context inside parameter callbacks. :issue:3136 :pr:3137
  • Fix rendering when prompt and confirm parameter prompt_suffix is
    empty. :issue:3019 :pr:3021
  • When Sentinel.UNSET is found during parsing, it will skip calls to
    type_cast_value. :issue:3069 :pr:3090
duckdb/duckdb-python (duckdb)

v1.4.4: Bugfix Release

Compare Source

DuckDB core v1.4.4 Changelog: duckdb/duckdb@v1.4.3...v1.4.4

What's Changed in the Python Extension

Full Changelog: duckdb/duckdb-python@v1.4.3...v1.4.4

v1.4.3: Python DuckDB v1.4.3

Compare Source

What's Changed

New Contributors

Full Changelog: duckdb/duckdb-python@v1.4.2...v1.4.3

v1.4.2: Python DuckDB v1.4.2

Compare Source

This is a bug fix release for various issues discovered after we released v1.4.1.

Also see the DuckDB v1.4.2 Changelog.

What's Changed

Full Changelog: duckdb/duckdb-python@v1.4.1...v1.4.2

v1.4.1

Compare Source

DuckDB Core: v1.4.1

Bug Fixes
  • ADBC Driver: Fixed ADBC driver implementation (#​81)
  • SQLAlchemy compatibility: Added __hash__ method overload (#​61)
  • Error Handling: Reset PyErr before throwing Python exceptions (#​69)
  • Polars Lazyframes: Fixed Polars expression pushdown (#​102)
Code Quality Improvements & Developer Experience
  • MyPy Support: MyPy is functional again and better integrated with the dev workflow
  • Stubs: Re-created and manually curated stubs for the binary extension
  • Type Shadowing: Deprecated typing and functional modules
  • Linting & Formatting: Comprehensive code quality improvements with Ruff
  • Type Annotations: Added missing overloads and improved type coverage
  • Pre-commit Integration: Added ruff, clang-format, cmake-format and mypy configs
  • CI/CD: Added code quality workflow
fonttools/fonttools (fonttools)

v4.61.1

Compare Source

  • [otlLib] buildCoverage: return empty Coverage instead of None (#​4003, #​4004).
  • [instancer] bug fix in avar2 full instancing (#​4002).
  • [designspaceLib] Preserve empty conditionsets when serializing to XML (#​4001).
  • [fontBu ilder] Fix FontBuilder setupOS2() default params globally polluted (#​3996, #​3997).
  • [ttFont] Add more typing annotations to ttFont, xmlWriter, sfnt, varLib.models and others (#​3952, #​3826).
  • Explicitly test and declare support for Python 3.14, even though we were already shipping pre-built wheels for it (#​3990).

v4.61.0

Compare Source

  • [varLib.main]: SECURITY Only use basename(vf.filename) to prevent path traversal attacks when running fonttools varLib command-line script, or code which invokes fonttools.varLib.main(). Fixes CVE-2025-66034, see: GHSA-768j-98cg-p3fv.
  • [feaLib] Sort BaseLangSysRecords by tag (#​3986).
  • Drop support for EOL Python 3.9 (#​3982).
  • [instancer] Support --remove-overlaps for fonts with CFF2 table (#​3975).
  • [CFF2ToCFF] Add --remove-overlaps option (#​3976).
  • [feaLib] Raise an error for rsub with NULL target (#​3979).
  • [bezierTools] Fix logic bug in curveCurveIntersections (#​3963).
  • [feaLib] Error when condition sets have the same name (#​3958).
  • [cu2qu.ufo] skip processing empty glyphs to support sparse kerning masters (#​3956).
  • [unicodedata] Update to Unicode 17. Require unicodedata2 >= 17.0.0 when installed with 'unicode' extra.

v4.60.2

Compare Source

  • Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#​3994, #​3999).

v4.60.1

Compare Source

  • [ufoLib] Reverted accidental method name change in UFOReader.getKerningGroupConversionRenameMaps
    that broke compatibility with downstream projects like defcon (#​3948, #​3947, robotools/defcon#478).
  • [ufoLib] Added test coverage for getKerningGroupConversionRenameMaps method (#​3950).
  • [subset] Don't try to subset BASE table; pass it through by default instead (#​3949).
  • [subset] Remove empty BaseRecord entries in MarkBasePos lookups (#​3897, #​3892).
  • [subset] Add pruning for MarkLigPos and MarkMarkPos lookups (#​3946).
  • [subset] Remove duplicate features when subsetting (#​3945).
  • [Docs] Added documentation for the visitor module (#​3944).
kjd/idna (idna)

v3.11

Compare Source

pytest-dev/iniconfig (iniconfig)

v2.3.0

Compare Source

=====

  • add IniConfig.parse() classmethod with strip_inline_comments parameter (fixes #​55)
    • by default (strip_inline_comments=True), inline comments are properly stripped from values
    • set strip_inline_comments=False to preserve old behavior if needed
  • IniConfig() constructor maintains backward compatibility (does not strip inline comments)
  • users should migrate to IniConfig.parse() for correct comment handling
  • add strip_section_whitespace parameter to IniConfig.parse() (regarding #​4)
    • opt-in parameter to strip Unicode whitespace from section names
    • when True, strips Unicode whitespace (U+00A0, U+2000, U+3000, etc.) from section names
    • when False (default), preserves existing behavior for backward compatibility
  • clarify Unicode whitespace handling (regarding #​4)
    • since iniconfig 2.0.0 (Python 3 only), all strings are Unicode by default
    • Python 3's str.strip() has handled Unicode whitespace since Python 3.0 (2008)
    • iniconfig automatically benefits from this in all supported versions (Python >= 3.10)
    • key names and values have Unicode whitespace properly stripped using Python's built-in methods

v2.2.0

Compare Source

=====

  • drop Python 3.8 and 3.9 support (now requires Python >= 3.10)
  • add Python 3.14 classifier
  • migrate from hatchling to setuptools 77 with setuptools_scm
  • adopt PEP 639 license specifiers and PEP 740 build attestations
  • migrate from black + pyupgrade to ruff
  • migrate CI to uv and unified test workflow
  • automate GitHub releases and PyPI publishing via Trusted Publishing
  • include tests in sdist
  • modernize code for Python 3.10+ (remove future annotations, TYPE_CHECKING guards)
  • rename _ParsedLine to ParsedLine
ipython/ipython (ipython)

v9.10.0

Compare Source

v9.9.0

Compare Source

v9.8.0

Compare Source

v9.7.0

Compare Source

v9.6.0

Compare Source

v9.5.0

Compare Source

v9.4.0

Compare Source

v9.3.0

Compare Source

v9.2.0

Compare Source

pydantic/jiter (jiter)

v0.13.0

Compare Source

What's Changed

Full Changelog: pydantic/jiter@v0.12.0...v0.13.0

v0.12.0: 2025-11-09

Compare Source

What's Changed

Full Changelog: pydantic/jiter@v0.11.1...v0.12.0

v0.11.1: 2025-10-17

Compare Source

What's Changed
New Contributors

Full Changelog: pydantic/jiter@v0.11.0...v0.11.1

python-jsonschema/jsonschema (jsonschema)

v4.26.0

Compare Source

=======

  • Decrease import time by delaying importing of urllib.request (#​1416).
jupyter/jupyter_core (jupyter-core)

v5.9.1

Compare Source

v5.9.0

Compare Source

(Full Changelog)

Enhancements made
Bugs fixed
Maintenance and upkeep improvements
Documentation improvements
Contributors to this release

(GitHub contributors page for this release)

@​AThePeanut4 | @​Carreau | @​dependabot | @​krassowski | @​minrk | @​nikimagic | @​stonebig

loro-dev/loro-py (loro)

v1.10.3

Compare Source

v1.10.0

Compare Source

v1.8.2

[Compare Source](https://redirect.github.com/loro-dev/l

@coveralls
Copy link

coveralls commented Apr 25, 2025

Pull Request Test Coverage Report for Build 22127199315

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 92.258%

Totals Coverage Status
Change from base Build 18002325789: 0.0%
Covered Lines: 143
Relevant Lines: 155

💛 - Coveralls

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 10 times, most recently from 7a81baa to 6576ce8 Compare May 2, 2025 12:10
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 10 times, most recently from c064051 to 9b13c19 Compare May 9, 2025 21:47
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 8 times, most recently from 2174cf0 to b05cbbf Compare May 15, 2025 20:19
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from b05cbbf to 5aa0ac0 Compare May 17, 2025 23:46
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 12 times, most recently from 3d2fb7c to 611b94f Compare February 4, 2026 15:05
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from 99cd10b to e8ef2a2 Compare February 12, 2026 17:03
@renovate renovate bot changed the title chore(deps): update all non-major dependencies fix(deps): update all non-major dependencies Feb 12, 2026
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 9 times, most recently from 31cc607 to 2459a2b Compare February 17, 2026 01:42
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 2459a2b to ea4ccbb Compare February 18, 2026 04:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant

Comments