Skip to content

pip: bump the pip-updates group across 1 directory with 7 updates#1540

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/registrar/pip-updates-cfcfd4a56c
Open

pip: bump the pip-updates group across 1 directory with 7 updates#1540
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/registrar/pip-updates-cfcfd4a56c

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on anyio, cffi, fastapi, typing-extensions, uvicorn, ruff and coverage to permit the latest version.
Updates anyio from 4.14.1 to 4.14.2

Release notes

Sourced from anyio's releases.

4.14.2

  • Changed ByteReceiveStream.receive() implementations to raise a ValueError when max_bytes is not a positive integer (#1191)
  • Fixed CapacityLimiter.total_tokens rejecting float("inf") when the limiter was instantiated outside of an event loop. The adapter setter checked for infinity by identity (value is math.inf), so only the exact math.inf singleton was accepted, while every backend setter (using math.isinf()) accepts any positive infinity (#1189; PR by @​greymoth-jp).
  • Fixed to_process.run_sync() deadlocking when the worker function writes enough data to sys.stderr to fill the (undrained) pipe buffer. The worker process now redirects sys.stderr to os.devnull as well, matching the documented behavior
  • Fixed TLSStream.wrap() matching an internationalized (unicode) host name against the peer certificate using IDNA 2003 (via the standard library) instead of IDNA 2008, which could cause the host name to be matched against the wrong certificate (#1208)
  • Fixed anyio.open_process() (and run_process()) ignoring the extra_groups argument, as it mistakenly passed the value of the group argument instead (#1209)
  • Fixed CapacityLimiter.acquire_nowait() and CapacityLimiter.acquire_nowait_on_behalf_of() raising trio.WouldBlock instead of anyio.WouldBlock on the trio backend when there are no tokens available (#1218)
  • Fixed CapacityLimiter on the asyncio backend over-granting tokens (borrowed_tokens exceeding total_tokens and available_tokens going negative) when a non-blocking acquire was made in the window between a token being released and the notified waiter resuming. The freed token is now reserved for the woken waiter right away, so the non-blocking acquire correctly raises WouldBlock (#1170; PR by @​gaoflow)
  • Fixed unnecessary CPU spin when delivering cancellation from CancelScope on asyncio under certain conditions, including improper cancel scope nesting (#1111)
Commits
  • c384f99 Bumped up the version
  • dbba29d Fixed 100% CPU spin on cancel scope misuse (#1217)
  • 6bbc6c3 Fix CapacityLimiter over-granting tokens on asyncio (#1172)
  • 6f82b25 Refactored TestTLSStream.test_receive_invalid_max_bytes() to be less flaky
  • be24b04 Relaxed timeouts to fix test flakiness
  • 8113506 Fix test flakiness caused by slow callback duration logging
  • 1e988b6 Fixed CapacityLimiter raising trio.WouldBlock instead of anyio.WouldBlock (#1...
  • 44713f3 Pin setup-uv to a commit sha across downstream jobs (#1213)
  • f1b7301 Fixed stderr writes in a worker subprocess causing a deadlock (#1207)
  • 212be93 Fix flaky test_tcp_listener_same_port using a hardcoded port (#1206)
  • Additional commits viewable in compare view

Updates cffi from 2.0.0 to 2.1.0

Release notes

Sourced from cffi's releases.

v2.1.0

  • Added support for Python 3.15 and support for C extensions generated by CFFI to target the new abi3t free-threaded ABI.
  • Dropped support for Python 3.9.
  • Added cffi-gen-src CLI to generate CFFI C extension source for alternate build backend support.
  • Fixed crashes inside __delitem__.
  • Fixed "string too big" error under MSVC.
  • Fixed mingw builds.
  • Added support for arm64 iOS wheels.
Commits
  • d9f6f70 New release 2.1.0
  • 02a7b0e Misc pre-2.1 release/packaging cleanup (#253)
  • 1362e5d Move cffi-gen-src release note to 2.1.0 notes
  • a797055 Make error message when embedding version test fails more friendly
  • f1f40a8 Update changelog
  • dc62c93 Delete missed cp39 Windows builds
  • a341180 Update version numbers to prepare for v2.1 release
  • 9f04d85 Mark test using inet_ntoa as thread-unsafe
  • 5f12702 Fix flaky pytest-run-parallel CI crash
  • 26b3d3a Merge branch 'main' into integrate-buildtool
  • Additional commits viewable in compare view

Updates fastapi from 0.139.0 to 0.139.2

Release notes

Sourced from fastapi's releases.

0.139.2

Fixes

  • 🐛 Refactor router route building to make it thread-safe, mainly relevant for tests running in parallel threads (uncommon). PR #16013 by @​tiangolo.

0.139.1

Fixes

  • 🐛 Fix frontend fallback support for doted paths like /users/john.doe. PR #16011 by @​tiangolo.

Docs

  • 📝 Fix topic repository list not being displayed and skip_users not being applied. PR #15995 by @​YuriiMotov.

Translations

Internal

Commits
  • 866b7a3 🔖 Release version 0.139.2 (#16014)
  • 7b3effe 📝 Update release notes
  • 7fe315c 🐛 Refactor router route building to make it thread-safe, mainly relevant for ...
  • c48e67b 🔖 Release version 0.139.1 (#16012)
  • 2acc4fb 📝 Update release notes
  • eb75fd0 🐛 Fix frontend fallback support for doted paths like /users/john.doe (#16011)
  • 9b8410b 📝 Update release notes
  • e24d44c 📝 Fix topic repository list not being displayed and skip_users not being ap...
  • 93b78f8 📝 Update release notes
  • b959b44 📝 Update release notes
  • Additional commits viewable in compare view

Updates typing-extensions from 4.15.0 to 4.16.0

Release notes

Sourced from typing-extensions's releases.

4.16.0

No changes since 4.16.0rc2.

Changes since 4.15.0:

  • Make typing_extensions.TypeAliasType's __module__ attribute writable. Backport of CPython PR #149172.
  • Fix setting of __required_keys__ and __optional_keys__ when inheriting keys with the same name.
  • Add support for AsyncIterator, io.Reader, io.Writer and os.PathLike protocols as bases for other protocols.
  • Fix incorrect behaviour on Python 3.9 and Python 3.10 that meant that calling isinstance with typing_extensions.Concatenate[...] or typing_extensions.Unpack[...] as the first argument could have a different result in some situations depending on whether or not a profiling function had been set using sys.setprofile. This affected both CPython and PyPy implementations. Patch by Brian Schubert.
  • Fix __init_subclass__() behavior in the presence of multiple inheritance involving an @deprecated-decorated base class. Backport of CPython PR #138210 by Brian Schubert.
  • Raise TypeError when attempting to subclass typing_extensions.ParamSpec on Python 3.9. The typing implementation has always raised an error, and the typing_extensions implementation has raised an error on Python 3.10+ since typing_extensions v4.6.0. Patch by Brian Schubert.
  • Add the bound, covariant, contravariant, and infer_variance parameters to TypeVarTuple.
  • Officially support the bound, covariant, contravariant and infer_variance parameters to ParamSpec. Improve the validation of these parameters at runtime.
  • Rename typing_extensions.Sentinel to typing_extensions.sentinel, following the name that has been adopted for builtins.sentinel on Python 3.15. typing_extensions.Sentinel is retained as a soft-deprecated alias for backwards compatibility.
  • Add support for pickling sentinels.
  • Sentinels now preserve their identity when copied or deep-copied.
  • Deprecate passing name as a keyword argument or repr as a positional argument to the sentinel constructor.
  • The default repr of a sentinel X = sentinel("X") is now X rather than <X>.
  • Deprecate arbitrary attribute assignments to sentinels.
  • Deprecate subclassing sentinels.
  • Add support for Python 3.15.
  • Avoid a DeprecationWarning when deprecated is applied to a coroutine function on Python 3.14.0.

4.16.0rc2

Changes since 4.16.0rc1:

  • Avoid a DeprecationWarning when deprecated is applied to a coroutine function on Python 3.14.0.

Changes since 4.15.0:

  • Make typing_extensions.TypeAliasType's __module__ attribute writable. Backport of CPython PR #149172.
  • Fix setting of __required_keys__ and __optional_keys__ when inheriting keys with the same name.
  • Add support for AsyncIterator, io.Reader, io.Writer and os.PathLike protocols as bases for other protocols.
  • Fix incorrect behaviour on Python 3.9 and Python 3.10 that meant that calling isinstance with typing_extensions.Concatenate[...] or typing_extensions.Unpack[...] as the first argument could have a different result in some situations depending on whether or not a profiling function had been set using sys.setprofile. This affected both CPython and PyPy implementations. Patch by Brian Schubert.
  • Fix __init_subclass__() behavior in the presence of multiple inheritance involving an @deprecated-decorated base class. Backport of CPython PR #138210 by Brian Schubert.
  • Raise TypeError when attempting to subclass typing_extensions.ParamSpec on Python 3.9. The typing implementation has always raised an error, and the typing_extensions implementation has raised an error on Python 3.10+ since typing_extensions v4.6.0. Patch by Brian Schubert.
  • Add the bound, covariant, contravariant, and infer_variance parameters to TypeVarTuple.
  • Officially support the bound, covariant, contravariant and infer_variance parameters to ParamSpec. Improve the validation of these parameters at runtime.
  • Rename typing_extensions.Sentinel to typing_extensions.sentinel, following the name that has been adopted for builtins.sentinel on Python 3.15. typing_extensions.Sentinel is retained as a soft-deprecated alias for backwards compatibility.
  • Add support for pickling sentinels.
  • Sentinels now preserve their identity when copied or deep-copied.
  • Deprecate passing name as a keyword argument or repr as a positional argument to the sentinel constructor.
  • The default repr of a sentinel X = sentinel("X") is now X rather than <X>.
  • Deprecate arbitrary attribute assignments to sentinels.
  • Deprecate subclassing sentinels.
  • Add support for Python 3.15.

4.16.0rc1

  • Make typing_extensions.TypeAliasType's __module__ attribute writable. Backport of CPython PR #149172.
  • Fix setting of __required_keys__ and __optional_keys__ when inheriting keys with the same name.

... (truncated)

Changelog

Sourced from typing-extensions's changelog.

Release 4.16.0 (July 2, 2025)

No user-facing changes since 4.16.0rc2.

Release 4.16.0rc2 (June 25, 2026)

  • Avoid a DeprecationWarning when deprecated is applied to a coroutine function on Python 3.14.0.

Release 4.16.0rc1 (June 24, 2026)

  • Make typing_extensions.TypeAliasType's __module__ attribute writable. Backport of CPython PR #149172.
  • Fix setting of __required_keys__ and __optional_keys__ when inheriting keys with the same name.
  • Add support for AsyncIterator, io.Reader, io.Writer and os.PathLike protocols as bases for other protocols.
  • Fix incorrect behaviour on Python 3.9 and Python 3.10 that meant that calling isinstance with typing_extensions.Concatenate[...] or typing_extensions.Unpack[...] as the first argument could have a different result in some situations depending on whether or not a profiling function had been set using sys.setprofile. This affected both CPython and PyPy implementations. Patch by Brian Schubert.
  • Fix __init_subclass__() behavior in the presence of multiple inheritance involving an @deprecated-decorated base class. Backport of CPython PR #138210 by Brian Schubert.
  • Raise TypeError when attempting to subclass typing_extensions.ParamSpec on Python 3.9. The typing implementation has always raised an error, and the typing_extensions implementation has raised an error on Python 3.10+ since typing_extensions v4.6.0. Patch by Brian Schubert.
  • Add the bound, covariant, contravariant, and infer_variance parameters to TypeVarTuple.
  • Officially support the bound, covariant, contravariant and infer_variance parameters to ParamSpec. Improve the validation of these parameters at runtime.
  • Rename typing_extensions.Sentinel to typing_extensions.sentinel, following the name that has been adopted for builtins.sentinel on Python 3.15. typing_extensions.Sentinel is retained as a soft-deprecated alias for backwards compatibility.
  • Add support for pickling sentinels.
  • Sentinels now preserve their identity when copied or deep-copied.
  • Deprecate passing name as a keyword argument or repr as a positional argument to the sentinel constructor.
  • The default repr of a sentinel X = sentinel("X") is now X rather than <X>.
  • Deprecate arbitrary attribute assignments to sentinels.
  • Deprecate subclassing sentinels.
  • Add support for Python 3.15.
Commits

Updates uvicorn from 0.49.0 to 0.51.0

Release notes

Sourced from uvicorn's releases.

Version 0.51.0

What's Changed

Full Changelog: Kludex/uvicorn@0.50.2...0.51.0

Version 0.50.1

What's Changed

New Contributors

Full Changelog: Kludex/uvicorn@0.50.0...0.50.1

Version 0.50.0

What's Changed

Full Changelog: Kludex/uvicorn@0.49.0...0.50.0

Changelog

Sourced from uvicorn's changelog.

0.51.0 (July 8, 2026)

Added

  • Restart workers one at a time on SIGHUP, bringing each replacement up before retiring the old worker, so reloads no longer drop requests (#3025)

Removed

  • Remove colorama from the standard extra (#3027)

0.50.2 (July 6, 2026)

Fixed

  • Require websockets>=13.0, which the default websockets-sansio implementation needs (#3021)

0.50.1 (July 6, 2026)

Fixed

  • Split comma-separated Sec-WebSocket-Protocol values in the websockets-sansio implementation (#3019)

0.50.0 (July 4, 2026)

If you use WebSockets, note that --ws auto now picks the websockets-sansio implementation. You shouldn't need it, but you can pin --ws websockets to get the deprecated legacy one back.

Changed

  • Exit with the dedicated code 3 on any startup failure: app loading, socket bind and lifespan startup errors previously exited with a mix of 0, 1 and 3 (#3001)
  • Stop the multiprocess supervisor when a worker exits with code 3 instead of restarting it forever (#3001)
  • Default --ws auto to websockets-sansio when websockets is installed (#2985)
  • Skip the eager app import in the parent process with --reload or --workers, fixing a memory regression introduced in 0.47.0 (#3012)
  • Build a fresh asgi scope dict per request (#2977)
  • Cache the asgi scope sub-dict per connection (#2976)
  • Avoid copying single-frame WebSocket payloads in websockets-sansio (#2983)
  • Memoize trusted host checks in ProxyHeadersMiddleware (#2970)
  • Replace click.style with an internal ANSI style helper (#2981)

Deprecated

  • Deprecate the legacy websockets implementation; use websockets-sansio or wsproto instead (#2985)
Commits
  • e4d0b05 Version 0.51.0 (#3028)
  • 944e43d Remove colorama from the standard extra (#3027)
  • 2e78770 Restart workers with overlap on SIGHUP for near-zero-downtime reloads (#3025)
  • a1b570c Version 0.50.2 (#3022)
  • 83c7da7 Require websockets>=13.0 for the default sansio implementation (#3021)
  • b4d0116 Version 0.50.1 (#3020)
  • 2a9151d Split comma-separated Sec-WebSocket-Protocol values in the websockets-sansi...
  • 1bf3ab4 Cover the excluded-directory branch in FileFilter with a direct test (#3014)
  • 837b5f9 Deflake multiprocess, reload, and signal supervisor tests (#2975)
  • 21d2c16 Version 0.50.0 (#3013)
  • Additional commits viewable in compare view

Updates ruff to 0.15.22

Release notes

Sourced from ruff's releases.

0.15.22

Release Notes

Released on 2026-07-16.

Preview features

  • [pycodestyle] Add an autofix for E402 (#22212)
  • [refurb] Allow subclassing builtins in stub files (FURB189) (#26812)
  • [ruff] Add rule to replace noqa comments with ruff:ignore (RUF105) (#26423)
  • [ruff] Add rule to use human-readable names in ruff:ignore comments (RUF106) (#26682)
  • [ruff] Add rule to use human-readable names in configuration selectors (RUF201) (#26772)

Bug fixes

  • [flake8-pyi] Fix false positive in __all__ (PYI053) (#26872)

Rule changes

  • [pylint] Ignore mutable type updates in redefined-loop-name (PLW2901) (#25733)

Performance

  • Avoid redundant lexer token bookkeeping (#26765)
  • Avoid redundant pending-indentation writes (#26774)
  • Avoid unnecessary identifier lookahead (#26525)
  • Reuse parser scratch buffers (#26798)

Documentation

  • Document argfile support (#26803)
  • [flake8-datetimez] Clarify naming guidance for datetime.today (DTZ002) (#26658)
  • [pycodestyle] Document E731 fix safety (#26847)
  • [ruff] Clarify intentional async contexts for unused-async (RUF029) (#26641)

Contributors

Install ruff 0.15.22

Install prebuilt binaries via shell script

</tr></table> 

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.22

Released on 2026-07-16.

Preview features

  • [pycodestyle] Add an autofix for E402 (#22212)
  • [refurb] Allow subclassing builtins in stub files (FURB189) (#26812)
  • [ruff] Add rule to replace noqa comments with ruff:ignore (RUF105) (#26423)
  • [ruff] Add rule to use human-readable names in ruff:ignore comments (RUF106) (#26682)
  • [ruff] Add rule to use human-readable names in configuration selectors (RUF201) (#26772)

Bug fixes

  • [flake8-pyi] Fix false positive in __all__ (PYI053) (#26872)

Rule changes

  • [pylint] Ignore mutable type updates in redefined-loop-name (PLW2901) (#25733)

Performance

  • Avoid redundant lexer token bookkeeping (#26765)
  • Avoid redundant pending-indentation writes (#26774)
  • Avoid unnecessary identifier lookahead (#26525)
  • Reuse parser scratch buffers (#26798)

Documentation

  • Document argfile support (#26803)
  • [flake8-datetimez] Clarify naming guidance for datetime.today (DTZ002) (#26658)
  • [pycodestyle] Document E731 fix safety (#26847)
  • [ruff] Clarify intentional async contexts for unused-async (RUF029) (#26641)

Contributors

0.15.21

Released on 2026-07-09.

Preview features

... (truncated)

Commits

Updates coverage to 7.15.2

Release notes

Sourced from coverage's releases.

7.15.2

Version 7.15.2 — 2026-07-15

  • Fix: one of the performance improvements in 7.15.1 (pull 2215) dramatically increased memory use during reporting for large projects. Now we use a different approach that is both faster and slimmer than 7.15.0. Fixes issue 2229.

➡️  PyPI page: coverage 7.15.2. :arrow_right:  To install: python3 -m pip install coverage==7.15.2

Changelog

Sourced from coverage's changelog.

Version 7.15.2 — 2026-07-15

  • Fix: one of the performance improvements in 7.15.1 (pull 2215) dramatically increased memory use during reporting for large projects. Now we use a different approach that is both faster and slimmer than 7.15.0. Fixes issue 2229_.

.. _issue 2229: coveragepy/coveragepy#2229

.. _changes_7-15-1:

Version 7.15.1 — 2026-07-12

  • Fix: in the HTML report with show_contexts enabled, a context label containing </script> (for example a parametrized pytest node id) could close the inline <script> element in a file page early, injecting markup. Context labels are now fully escaped. Thanks, Rajath Mohare <pull 2224_>_.

  • A number of performance improvements thanks to Paul Kehrer, in pull requests 2213 <pull 2213_>, 2214 <pull 2214_>, 2215 <pull 2215_>, 2216 <pull 2216_>, 2218 <pull 2218_>, 2220 <pull 2220_>, and 2221 <pull 2221_>_.

.. _pull 2213: coveragepy/coveragepy#2213 .. _pull 2214: coveragepy/coveragepy#2214 .. _pull 2215: coveragepy/coveragepy#2215 .. _pull 2216: coveragepy/coveragepy#2216 .. _pull 2218: coveragepy/coveragepy#2218 .. _pull 2220: coveragepy/coveragepy#2220 .. _pull 2221: coveragepy/coveragepy#2221 .. _pull 2224: coveragepy/coveragepy#2224

.. _changes_7-15-0:

Version 7.15.0 — 2026-07-02

  • Since 7.14.0, reporting commands implicitly combine parallel data files. Now those commands have a new option --keep-combined to retain the data files after combining them instead of the default, which is to delete them. Finishes issue 2198_.

  • Fix: the LCOV report would incorrectly count excluded functions as uncovered, as described in issue 2205. This is now fixed thanks to Martin Kuntz Jacobsen <pull 2206_>.

  • When running your program, coverage now correctly sets

... (truncated)

Commits
  • 50d8659 docs: sample HTML for 7.15.2
  • b5eed20 docs: prep for 7.15.2
  • 78cab6e fix: reduce memory use during reporting. #2229 (#2231)
  • b4c1fda build: bump version to 7.15.2
  • da63bed docs: sample HTML for 7.15.1
  • bc35e64 docs: prep for 7.15.1
  • 182b010 perf: resolve sysmon branch events lazily, one pair at a time (#2221)
  • ee271ee perf: compute multiline maps cheaply in the sysmon core (#2220)
  • 1441b96 chore: bump the action-dependencies group with 6 updates (#2225)
  • dd80635 fix: escape context labels in html report inline script block (#2224)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Updates the requirements on [anyio](https://github.com/agronholm/anyio), [cffi](https://github.com/python-cffi/cffi), [fastapi](https://github.com/fastapi/fastapi), [typing-extensions](https://github.com/python/typing_extensions), [uvicorn](https://github.com/Kludex/uvicorn), [ruff](https://github.com/astral-sh/ruff) and [coverage](https://github.com/coveragepy/coveragepy) to permit the latest version.

Updates `anyio` from 4.14.1 to 4.14.2
- [Release notes](https://github.com/agronholm/anyio/releases)
- [Commits](agronholm/anyio@4.14.1...4.14.2)

Updates `cffi` from 2.0.0 to 2.1.0
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](python-cffi/cffi@v2.0.0...v2.1.0)

Updates `fastapi` from 0.139.0 to 0.139.2
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.139.0...0.139.2)

Updates `typing-extensions` from 4.15.0 to 4.16.0
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.15.0...4.16.0)

Updates `uvicorn` from 0.49.0 to 0.51.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.49.0...0.51.0)

Updates `ruff` to 0.15.22
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.20...0.15.22)

Updates `coverage` to 7.15.2
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.14.3...7.15.2)

---
updated-dependencies:
- dependency-name: anyio
  dependency-version: 4.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-updates
- dependency-name: cffi
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-updates
- dependency-name: fastapi
  dependency-version: 0.139.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-updates
- dependency-name: typing-extensions
  dependency-version: 4.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-updates
- dependency-name: uvicorn
  dependency-version: 0.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-updates
- dependency-name: ruff
  dependency-version: 0.15.22
  dependency-type: direct:production
  dependency-group: pip-updates
- dependency-name: coverage
  dependency-version: 7.15.2
  dependency-type: direct:production
  dependency-group: pip-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added automation This issue or pull request was created by automation pip-update This pull request updates a pip package registrar This issue or pull request affects the registrar labels Jul 16, 2026
@dependabot
dependabot Bot requested a review from a team as a code owner July 16, 2026 21:04
@dependabot dependabot Bot added registrar This issue or pull request affects the registrar automation This issue or pull request was created by automation pip-update This pull request updates a pip package labels Jul 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

automation This issue or pull request was created by automation pip-update This pull request updates a pip package registrar This issue or pull request affects the registrar

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant