chore(deps)(deps): bump the security-updates group across 1 directory with 31 updates by dependabot[bot] · Pull Request #241 · blairmichaelg/secbrain

dependabot · 2026-06-04T03:45:02Z

Bumps the security-updates group with 28 updates in the /secbrain directory:

Package	From	To
typer	`0.21.1`	`0.26.7`
pydantic	`2.12.5`	`2.13.4`
pydantic-settings	`2.12.0`	`2.14.1`
openai	`2.14.0`	`2.41.0`
eth-hash	`0.7.1`	`0.8.0`
pytest	`9.0.2`	`9.0.3`
pytest-asyncio	`1.3.0`	`1.4.0`
pytest-cov	`7.0.0`	`7.1.0`
ruff	`0.14.10`	`0.15.15`
anyio	`4.12.1`	`4.13.0`
certifi	`2026.1.4`	`2026.5.20`
charset-normalizer	`3.4.4`	`3.4.7`
google-api-core	`2.28.1`	`2.31.0`
google-api-python-client	`2.187.0`	`2.197.0`
google-auth	`2.47.0`	`2.53.0`
google-auth-httplib2	`0.3.0`	`0.4.0`
googleapis-common-protos	`1.72.0`	`1.75.0`
grpcio	`1.76.0`	`1.81.0`
httplib2	`0.31.0`	`0.31.2`
idna	`3.11`	`3.18`
jiter	`0.12.0`	`0.15.0`
markdown-it-py	`4.0.0`	`4.2.0`
proto-plus	`1.27.0`	`1.28.0`
pyasn1	`0.6.1`	`0.6.3`
pyparsing	`3.3.1`	`3.3.2`
python-dotenv	`1.2.1`	`1.2.2`
tqdm	`4.67.1`	`4.67.3`
urllib3	`2.6.3`	`2.7.0`

Updates typer from 0.21.1 to 0.26.7

Release notes

Sourced from typer's releases.

0.26.7

Fixes

🐛 Respect wait=False when launching URLs with xdg-open. PR #1820 by @patrick91.

0.26.6

Fixes

🐛 Ensure that the default of a list argument is used correctly. PR #1821 by @svlandeg.

Internal

👷 Speed up the CI by shuffling the test matrix. PR #1815 by @svlandeg.

0.26.5

Fixes

🐛 Ensure that hidden commands are not shown when Rich markup is disabled. PR #1812 by @svlandeg.

Internal

🔥 Remove old stub packages. PR #1810 by @tiangolo.

0.26.4

Features

📝 Update AI Library Skill to avoid verbose code for CLI Options. PR #1808 by @tiangolo.

Internal

👷 Add CI to create draft release after merging a release PR. PR #1807 by @tiangolo.

👷 Update labeler to accept label release. PR #1806 by @tiangolo.

👷 Update GitHub Action permissions for prepare-release. PR #1804 by @tiangolo.

👷 Add GitHub Actions prepare release workflow. PR #1802 by @tiangolo.

👷 Update publish action, do not use uv cache. PR #1803 by @tiangolo.

⬆ Bump the python-packages group across 1 directory with 5 updates. PR #1793 by @dependabot[bot].

0.26.3

Refactors

♻️ Unify the testing functionality. PR #1792 by @svlandeg.

Internal

👷 Update version of latest-changes GitHub action. PR #1798 by @tiangolo.

0.26.2

Fixes

🐛 Ensure that an envvar set for a typer.Option list is split on whitespace. PR #1791 by @svlandeg.

... (truncated)

Changelog

Sourced from typer's changelog.

0.26.7 (2026-06-03)

Fixes

🐛 Respect wait=False when launching URLs with xdg-open. PR #1820 by @patrick91.

0.26.6 (2026-06-02)

Fixes

🐛 Ensure that the default of a list argument is used correctly. PR #1821 by @svlandeg.

Internal

👷 Speed up the CI by shuffling the test matrix. PR #1815 by @svlandeg.

0.26.5 (2026-06-01)

Fixes

🐛 Ensure that hidden commands are not shown when Rich markup is disabled. PR #1812 by @svlandeg.

Internal

🔥 Remove old stub packages. PR #1810 by @tiangolo.

0.26.4 (2026-05-30)

Features

📝 Update AI Library Skill to avoid verbose code for CLI Options. PR #1808 by @tiangolo.

Internal

👷 Add CI to create draft release after merging a release PR. PR #1807 by @tiangolo.

👷 Update labeler to accept label release. PR #1806 by @tiangolo.

👷 Update GitHub Action permissions for prepare-release. PR #1804 by @tiangolo.

👷 Add GitHub Actions prepare release workflow. PR #1802 by @tiangolo.

👷 Update publish action, do not use uv cache. PR #1803 by @tiangolo.

⬆ Bump the python-packages group across 1 directory with 5 updates. PR #1793 by @dependabot[bot].

0.26.3 (2026-05-28)

Refactors

♻️ Unify the testing functionality. PR #1792 by @svlandeg.

Internal

👷 Update version of latest-changes GitHub action. PR #1798 by @tiangolo.

... (truncated)

Commits

4e10334 🔖 Release version 0.26.7 (#1823)
08a8a03 📝 Update release notes
8e75bc3 🐛 Respect wait=False when launching URLs with xdg-open (#1820)
d2e002a 🔖 Release version 0.26.6 (#1822)
2fe5d0c 📝 Update release notes
06fce7d 🐛 Ensure that the default of a list argument is used correctly (#1821)
7f888b2 📝 Update release notes
2e9bf9e 👷 Speed up the CI by shuffling the test matrix (#1815)
1888fa2 🔖 Release version 0.26.5 (#1813)
a493a98 📝 Update release notes
Additional commits viewable in compare view

Updates pydantic from 2.12.5 to 2.13.4

Release notes

Sourced from pydantic's releases.

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

Bump libc from 0.2.155 to 0.2.185 by @Viicos in #13109

Adapt pydantic-core linker flags on macOS by @washingtoneg and @Viicos in #13147

Fixes

Preserve RootModel core metadata by @Viicos in #13129

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

v2.13.3 2026-04-20

v2.13.3 (2026-04-20)

What's Changed

Fixes

Handle AttributeError subclasses with from_attributes by @Viicos in #13096

Full Changelog: pydantic/pydantic@v2.13.2...v2.13.3

v2.13.2 2026-04-17

v2.13.2 (2026-04-17)

What's Changed

Fixes

Fix ValidationInfo.field_name missing with model_validate_json() by @Viicos in #13084

Full Changelog: pydantic/pydantic@v2.13.1...v2.13.2

v2.13.1 2026-04-15

v2.13.1 (2026-04-15)

What's Changed

Fixes

Fix ValidationInfo.data missing with model_validate_json() by @davidhewitt in #13079

Full Changelog: pydantic/pydantic@v2.13.0...v2.13.1

v2.13.0 2026-04-13

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

Bump libc from 0.2.155 to 0.2.185 by @Viicos in #13109

Adapt pydantic-core linker flags on macOS by @washingtoneg and @Viicos in #13147

Fixes

Preserve RootModel core metadata by @Viicos in #13129

v2.13.3 (2026-04-20)

GitHub release

What's Changed

Fixes

Handle AttributeError subclasses with from_attributes by @Viicos in #13096

v2.13.2 (2026-04-17)

GitHub release

What's Changed

Fixes

Fix ValidationInfo.field_name missing with model_validate_json() by @Viicos in #13084

v2.13.1 (2026-04-15)

GitHub release

What's Changed

Fixes

Fix ValidationInfo.data missing with model_validate_json() by @davidhewitt in #13079

v2.13.0 (2026-04-13)

GitHub release

The highlights of the v2.13 release are available in the blog post.

... (truncated)

Commits

cf67d4b Fix linting
f0d8a21 Prepare release v2.13.4
5e3fe1d Check for pydantic tag pattern in CI
7f9edcc Document tagging conventions
b46a0c9 Adapt pydantic-core linker flags on macOS
50629c8 Update to PyPy 7.3.22
8522ebb Preserve RootModel core metadata
a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
909259a Remove Logfire example in documentation
2c4174c Bump libc from 0.2.155 to 0.2.185
Additional commits viewable in compare view

Updates pydantic-settings from 2.12.0 to 2.14.1

Release notes

Sourced from pydantic-settings's releases.

v2.14.1

What's Changed

Bump the python-packages group with 4 updates by @dependabot[bot] in pydantic/pydantic-settings#850

Bump the python-packages group with 5 updates by @dependabot[bot] in pydantic/pydantic-settings#854

Bump the github-actions group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#853

Bump the python-packages group with 2 updates by @dependabot[bot] in pydantic/pydantic-settings#856

Fix field named cls conflicting with classmethod parameter by @hramezani in pydantic/pydantic-settings#858

Prepare release 2.14.1 by @hramezani in pydantic/pydantic-settings#859

Full Changelog: pydantic/pydantic-settings@v2.14.0...v2.14.1

v2.14.0

What's Changed

Fix parsing env vars into Optional Strict types by @hramezani in pydantic/pydantic-settings#792

Fix RecursionError with mutually recursive models in CLI by @hramezani in pydantic/pydantic-settings#794

Fix env_file from model_config ignored in CliApp.run() (#795) by @hramezani in pydantic/pydantic-settings#796

Update dependencies by @hramezani in pydantic/pydantic-settings#798

Add Dependabot configuration by @hramezani in pydantic/pydantic-settings#801

Bump samuelcolvin/check-python-version from 4.1 to 5 by @dependabot[bot] in pydantic/pydantic-settings#802

Bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in pydantic/pydantic-settings#803

Bump actions/checkout from 4 to 6 by @dependabot[bot] in pydantic/pydantic-settings#804

Bump astral-sh/setup-uv from 5 to 7 by @dependabot[bot] in pydantic/pydantic-settings#805

Bump actions/setup-python from 5 to 6 by @dependabot[bot] in pydantic/pydantic-settings#806

Ignore chardet and group GitHub Actions in Dependabot by @hramezani in pydantic/pydantic-settings#808

Bump actions/download-artifact from 4 to 8 in the github-actions group by @dependabot[bot] in pydantic/pydantic-settings#809

Bump the python-packages group with 2 updates by @dependabot[bot] in pydantic/pydantic-settings#810

Support reading .env files from FIFOs (e.g. 1Password Environments) by @JacobHayes in pydantic/pydantic-settings#776

Fix AliasChoices ignored when changing provider priority by @hramezani in pydantic/pydantic-settings#813

fix: resolve KeyError in run_subcommand for underscore field names by @bradykieffer in pydantic/pydantic-settings#799

Bump the python-packages group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#814

Fix Literal[numeric Enum] coercion for CLI and env vars by @m9810223 in pydantic/pydantic-settings#811

Fix nested discriminated unions not discovered by env/CLI providers by @hramezani in pydantic/pydantic-settings#816

Bump the python-packages group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#820

CLI ensure env nested max split internally. by @kschwab in pydantic/pydantic-settings#821

Bump the python-packages group with 4 updates by @dependabot[bot] in pydantic/pydantic-settings#824

Migrate boto3-stubs to types-boto3 by @hramezani in pydantic/pydantic-settings#831

Fix CLI not recognizing field name with validate_by_name and AliasChoices by @hramezani in pydantic/pydantic-settings#826

Allow customisation of the dotevn setting source to filter variables by @CaselIT in pydantic/pydantic-settings#832

Bump the python-packages group with 3 updates by @dependabot[bot] in pydantic/pydantic-settings#833

Introduce yamlfmt by @Viicos in pydantic/pydantic-settings#836

Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group by @dependabot[bot] in pydantic/pydantic-settings#837

Introduce zizmor by @Viicos in pydantic/pydantic-settings#838

Fix CliPositionalArg[list[CustomType]] crash for custom types by @hramezani in pydantic/pydantic-settings#839

Add note about Mypy plugin for BaseSettings.__init__() by @Viicos in pydantic/pydantic-settings#842

Fix cli_ignore_unknown_args=True not working on subcommands by @hramezani in pydantic/pydantic-settings#844

Bump the python-packages group with 4 updates by @dependabot[bot] in pydantic/pydantic-settings#847

Fix CLI descriptions lost under python -OO by falling back to json_schema_extra by @hramezani in pydantic/pydantic-settings#843

Prepare release 2.14.0 by @hramezani in pydantic/pydantic-settings#848

... (truncated)

Commits

e95c30b Prepare release 2.14.1 (#859)
0c87345 Fix field named cls conflicting with classmethod parameter (#858)
7bd0072 Bump the python-packages group with 2 updates (#856)
b03e573 Bump the github-actions group with 3 updates (#853)
eaa3b43 Bump the python-packages group with 5 updates (#854)
9f95615 Bump the python-packages group with 4 updates (#850)
8916bee Prepare release 2.14.0 (#848)
39e551c Fix CLI descriptions lost under python -OO by falling back to `json_schema_...
9ed7f48 Bump the python-packages group with 4 updates (#847)
617c690 Fix cli_ignore_unknown_args=True not working on subcommands (#844)
Additional commits viewable in compare view

Updates openai from 2.14.0 to 2.41.0

Release notes

Sourced from openai's releases.

v2.41.0

2.41.0 (2026-06-03)

Full Changelog: v2.40.0...v2.41.0

Features

api: responses.moderation and chat_completions.moderation (87e46c2)

v2.40.0

2.40.0 (2026-06-01)

Full Changelog: v2.39.0...v2.40.0

Features

api: Add Amazon Bedrock Responses support

Bug Fixes

api: allow setting bedrock api keys on the client directly (4d5bfde)

v2.39.0

2.39.0 (2026-06-01)

Full Changelog: v2.38.0...v2.39.0

Features

api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (ab60d7a)

v2.38.0

2.38.0 (2026-05-21)

Full Changelog: v2.37.0...v2.38.0

Features

api: api update (33d1d01)

api: manual updates (a21700a)

api: update OpenAPI spec or Stainless config (00265c5)

Chores

api: docs updates (ee10152)

check release PR custom code sync (2638779)

remove release automation trigger (bd6eea5)

trigger release automation (f62d082)

v2.37.0

... (truncated)

Changelog

Sourced from openai's changelog.

2.41.0 (2026-06-03)

Full Changelog: v2.40.0...v2.41.0

Features

api: responses.moderation and chat_completions.moderation (87e46c2)

2.40.0 (2026-06-01)

Full Changelog: v2.39.0...v2.40.0

Features

api: Add Amazon Bedrock Responses support

Bug Fixes

api: allow setting bedrock api keys on the client directly (4d5bfde)

2.39.0 (2026-06-01)

Full Changelog: v2.38.0...v2.39.0

Features

api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (ab60d7a)

2.38.0 (2026-05-21)

Full Changelog: v2.37.0...v2.38.0

Features

api: api update (33d1d01)

api: manual updates (a21700a)

api: update OpenAPI spec or Stainless config (00265c5)

Chores

api: docs updates (ee10152)

check release PR custom code sync (2638779)

remove release automation trigger (bd6eea5)

trigger release automation (f62d082)

2.37.0 (2026-05-13)

Full Changelog: v2.36.0...v2.37.0

Features

... (truncated)

Commits

2d955a1 Merge pull request #3359 from openai/release-please--branches--main--changes-...
519cd02 release: 2.41.0
87e46c2 feat(api): responses.moderation and chat_completions.moderation
a28a3f6 Merge pull request #3352 from openai/release-please--branches--main--changes-...
db6ccaf Update CHANGELOG.md
2264f70 release: 2.40.0
4d5bfde fix(api): allow setting bedrock api keys on the client directly
ccef143 Merge pull request #3326 from openai/codex/bedrock-responses-review
a50ff0a Fix Bedrock with_options overrides
fdf4901 codegen metadata
Additional commits viewable in compare view

Updates eth-hash from 0.7.1 to 0.8.0

Changelog

Sourced from eth-hash's changelog.

eth-hash v0.8.0 (2026-03-25)

No significant changes.

eth-hash v0.8.0-beta.1 (2025-12-17)

Breaking Changes


- Drop support for Python 3.8 and 3.9 (`[#66](https://github.com/ethereum/eth-hash/issues/66) <https://github.com/ethereum/eth-hash/issues/66>`__)
Features

- Add support for Python 3.14 (`[#66](https://github.com/ethereum/eth-hash/issues/66) &lt;https://github.com/ethereum/eth-hash/issues/66&gt;`__)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/ethereum/eth-hash/commit/b599a9632c696d0fb63b1903e79b0608f302e4d2&quot;&gt;&lt;code&gt;b599a96&lt;/code&gt;&lt;/a> Bump version: 0.8.0-beta.1 → 0.8.0</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/3651eea939a90c08328bb69fbbc061c1544c34a7&quot;&gt;&lt;code&gt;3651eea&lt;/code&gt;&lt;/a> Compile release notes for v0.8.0</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/fe118e793e1e626762120419bf72548b8f2ec604&quot;&gt;&lt;code&gt;fe118e7&lt;/code&gt;&lt;/a> Bump version: 0.7.1 → 0.8.0-beta.1</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/e2a6b53d8eddb12c4e0ab9534cf31b134c3d2da4&quot;&gt;&lt;code&gt;e2a6b53&lt;/code&gt;&lt;/a> Compile release notes for v0.8.0-beta.1</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/d1b733ecb7ef7ffe86c9701cf333c55bab8bfb80&quot;&gt;&lt;code&gt;d1b733e&lt;/code&gt;&lt;/a> Merge pull request <a href="https://redirect.github.com/ethereum/eth-hash/issues/66&quot;&gt;#66&lt;/a> from kclowes/template-upgrade</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/c97025fb0df6c9389feb795b03aa8fca832f6c7c&quot;&gt;&lt;code&gt;c97025f&lt;/code&gt;&lt;/a> Add newsfragments for <a href="https://redirect.github.com/ethereum/eth-hash/issues/66&quot;&gt;#66&lt;/a&gt;&lt;/li>

<li><a href="https://github.com/ethereum/eth-hash/commit/b17284c4c9ea8da04f70c994136dd8aeadfca968&quot;&gt;&lt;code&gt;b17284c&lt;/code&gt;&lt;/a> lint</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/62b4055a18a683e637489699b31b07fcd76c2e28&quot;&gt;&lt;code&gt;62b4055&lt;/code&gt;&lt;/a> Fix typing</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/75a75ab080513d4b15946a6e3ec8ade9b8168f6b&quot;&gt;&lt;code&gt;75a75ab&lt;/code&gt;&lt;/a> Fix docs build</li>

<li><a href="https://github.com/ethereum/eth-hash/commit/cca06391f173d09936352dd9a512c2abb801383b&quot;&gt;&lt;code&gt;cca0639&lt;/code&gt;&lt;/a> Add py314-backend-* jobs to circleci config</li>

<li>Additional commits viewable in <a href="https://github.com/ethereum/eth-hash/compare/v0.7.1...v0.8.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />

Updates pytest from 9.0.2 to 9.0.3

Release notes
Sourced from pytest's releases.

9.0.3
pytest 9.0.3 (2026-04-07)
Bug fixes


#12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.


#13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.
Previously this resulted in an internal assertion failure during plugin loading.
Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.


#13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.


#14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.


#14343: Fixed use of insecure temporary directory (CVE-2025-71176).


Improved documentation

#13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
#13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
#14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
#14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes


#12689: The test reports are now published to Codecov from GitHub Actions.
The test statistics is visible on the web interface.
-- by aleguy02





Commits

a7d58d7 Prepare release version 9.0.3
089d981 Merge pull request #14366 from bluetech/revert-14193-backport
8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
74eac69 doc: Update training info (#14298) (#14301)
f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
c34bfa3 Add explanation for string context diffs (#14257) (#14266)
Additional commits viewable in compare view




Updates pytest-asyncio from 1.3.0 to 1.4.0

Release notes
Sourced from pytest-asyncio's releases.

pytest-asyncio v1.4.0
1.4.0 - 2026-05-26
Deprecated

Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added


Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.
The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged.
Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)


Changed

Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising
a DeprecationWarning. (#1394)
Updated minimum supported pytest version to v8.4.0. (#1397)

Fixed

Fixed a ResourceWarning: unclosed event loop warning that could occur when a synchronous test called asyncio.run() or otherwise unset the current event loop after pytest-asyncio had run an async test or fixture. (#724)

Notes for Downstream Packagers

Added dependency on sphinx-tabs >= 3.5 to organize documentation examples into tabs. (#1395)

pytest-asyncio v1.4.0a2
1.4.0a2 - 2026-05-02
Deprecated

Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added


Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.
The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged on pytest 8.4+.
Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)


Changed

Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising
a DeprecationWarning. (#1394)



... (truncated)


Commits

6e14cd2 chore: Prepare release of v1.4.0.
4b900fb Build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
ab9f632 Build(deps): Bump zipp from 3.23.1 to 4.1.0
a56fc77 Build(deps): Bump hypothesis from 6.152.6 to 6.152.8
e8bae9b Build(deps): Bump requests from 2.34.0 to 2.34.2
fc43340 Build(deps): Bump idna from 3.14 to 3.15
762eaf5 Build(deps): Bump jaraco-functools from 4.4.0 to 4.5.0
b62e222 Build(deps): Bump click from 8.3.3 to 8.4.0
9190447 Build(deps): Bump pydantic from 2.13.3 to 2.13.4
82a393c ci: Remove unnecessary debug output.
Additional commits viewable in compare view




Updates pytest-cov from 7.0.0 to 7.1.0

Changelog
Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)


Fixed total coverage computation to always be consistent, regardless of reporting settings.
Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on
reporting options.
See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.


Improve handling of ResourceWarning from sqlite3.
The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0).
It checks if there is already existing plugin for this message by comparing filter regular expression.
When filter is specified on command line the message is escaped and does not match an expected message.
A check for an escaped regular expression is added to handle this case.
With this fix one can suppress ResourceWarning from sqlite3 from command line::
pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...


Various improvements to documentation.
Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and
"vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>.
Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.


Fixed some assertions in tests.
Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.


Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).





Commits

66c8a52 Bump version: 7.0.0 → 7.1.0
f707662 Make the examples use pypy 3.11.
6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
8ebf20b Update changelog.
861d30e Remove the backup context manager  - shouldn't be needed since coverage 5.0, ...
fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
78c9c4e Only run the 3.9 on older deps.
4849a92 Punctuation.
197c35e Update changelog and hopefully I don't forget to publish release again :))
14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
Additional commits viewable in compare view




Updates ruff from 0.14.10 to 0.15.15

Release notes
Sourced from ruff's releases.

0.15.15
Release Notes
Released on 2026-05-28.
Preview features

Fix Markdown closing fence handling (#25310)
[pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

[pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

Avoid redundant TokenValue drops in the lexer (#25300)
Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
Use ThinVec in AST to shrink Stmt (#25361)

Documentation

Fix line-length example for --config option (#25389)
[flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
[mccabe] Improve example (C901) (#25287)
[pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
[refurb] Document FURB192 exception change for empty sequences (#25317)
[ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

Fix formatting of lambdas nested within f-strings (#25398)

Server

Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

Expand semantic syntax errors for invalid walruses (#25415)

Contributors

@chirizxc
@ntBre
@adityasingh2400
@charliermarsh
@fallintoplace
@martin-schlossarek
@MichaReiser



... (truncated)


Changelog
Sourced from ruff's changelog.

0.15.15
Released on 2026-05-28.
Preview features

Fix Markdown closing fence handling (#25310)
[pyflakes] Report duplicate imports in typing.TYPE_CHE...
Description has been truncated

… with 31 updates Bumps the security-updates group with 28 updates in the /secbrain directory: | Package | From | To | | --- | --- | --- | | [typer](https://github.com/fastapi/typer) | `0.21.1` | `0.26.7` | | [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` | | [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.12.0` | `2.14.1` | | [openai](https://github.com/openai/openai-python) | `2.14.0` | `2.41.0` | | [eth-hash](https://github.com/ethereum/eth-hash) | `0.7.1` | `0.8.0` | | [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` | | [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) | `1.3.0` | `1.4.0` | | [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `7.0.0` | `7.1.0` | | [ruff](https://github.com/astral-sh/ruff) | `0.14.10` | `0.15.15` | | [anyio](https://github.com/agronholm/anyio) | `4.12.1` | `4.13.0` | | [certifi](https://github.com/certifi/python-certifi) | `2026.1.4` | `2026.5.20` | | [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.4` | `3.4.7` | | [google-api-core](https://github.com/googleapis/google-cloud-python) | `2.28.1` | `2.31.0` | | [google-api-python-client](https://github.com/googleapis/google-api-python-client) | `2.187.0` | `2.197.0` | | [google-auth](https://github.com/googleapis/google-auth-library-python) | `2.47.0` | `2.53.0` | | [google-auth-httplib2](https://github.com/googleapis/google-cloud-python) | `0.3.0` | `0.4.0` | | [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.72.0` | `1.75.0` | | [grpcio](https://github.com/grpc/grpc) | `1.76.0` | `1.81.0` | | [httplib2](https://github.com/httplib2/httplib2) | `0.31.0` | `0.31.2` | | [idna](https://github.com/kjd/idna) | `3.11` | `3.18` | | [jiter](https://github.com/pydantic/jiter) | `0.12.0` | `0.15.0` | | [markdown-it-py](https://github.com/executablebooks/markdown-it-py) | `4.0.0` | `4.2.0` | | [proto-plus](https://github.com/googleapis/google-cloud-python) | `1.27.0` | `1.28.0` | | [pyasn1](https://github.com/pyasn1/pyasn1) | `0.6.1` | `0.6.3` | | [pyparsing](https://github.com/pyparsing/pyparsing) | `3.3.1` | `3.3.2` | | [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.2.1` | `1.2.2` | | [tqdm](https://github.com/tqdm/tqdm) | `4.67.1` | `4.67.3` | | [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` | Updates `typer` from 0.21.1 to 0.26.7 - [Release notes](https://github.com/fastapi/typer/releases) - [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md) - [Commits](fastapi/typer@0.21.1...0.26.7) Updates `pydantic` from 2.12.5 to 2.13.4 - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](pydantic/pydantic@v2.12.5...v2.13.4) Updates `pydantic-settings` from 2.12.0 to 2.14.1 - [Release notes](https://github.com/pydantic/pydantic-settings/releases) - [Commits](pydantic/pydantic-settings@v2.12.0...v2.14.1) Updates `openai` from 2.14.0 to 2.41.0 - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v2.14.0...v2.41.0) Updates `eth-hash` from 0.7.1 to 0.8.0 - [Changelog](https://github.com/ethereum/eth-hash/blob/main/docs/release_notes.rst) - [Commits](ethereum/eth-hash@v0.7.1...v0.8.0) Updates `pytest` from 9.0.2 to 9.0.3 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@9.0.2...9.0.3) Updates `pytest-asyncio` from 1.3.0 to 1.4.0 - [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases) - [Commits](pytest-dev/pytest-asyncio@v1.3.0...v1.4.0) Updates `pytest-cov` from 7.0.0 to 7.1.0 - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0) Updates `ruff` from 0.14.10 to 0.15.15 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.14.10...0.15.15) Updates `anyio` from 4.12.1 to 4.13.0 - [Release notes](https://github.com/agronholm/anyio/releases) - [Commits](agronholm/anyio@4.12.1...4.13.0) Updates `certifi` from 2026.1.4 to 2026.5.20 - [Commits](certifi/python-certifi@2026.01.04...2026.05.20) Updates `charset-normalizer` from 3.4.4 to 3.4.7 - [Release notes](https://github.com/jawah/charset_normalizer/releases) - [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md) - [Commits](jawah/charset_normalizer@3.4.4...3.4.7) Updates `google-api-core` from 2.28.1 to 2.31.0 - [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@google-cloud-speech-v2.28.1...google-api-core-v2.31.0) Updates `google-api-python-client` from 2.187.0 to 2.197.0 - [Release notes](https://github.com/googleapis/google-api-python-client/releases) - [Commits](googleapis/google-api-python-client@v2.187.0...v2.197.0) Updates `google-auth` from 2.47.0 to 2.53.0 - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/google-auth-library-python/commits) Updates `google-auth-httplib2` from 0.3.0 to 0.4.0 - [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@google-auth-httplib2-v0.3.0...google-auth-httplib2-v0.4.0) Updates `googleapis-common-protos` from 1.72.0 to 1.75.0 - [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@googleapis-common-protos-v1.72.0...googleapis-common-protos-v1.75.0) Updates `grpcio` from 1.76.0 to 1.81.0 - [Release notes](https://github.com/grpc/grpc/releases) - [Commits](grpc/grpc@v1.76.0...v1.81.0) Updates `httplib2` from 0.31.0 to 0.31.2 - [Changelog](https://github.com/httplib2/httplib2/blob/master/CHANGELOG) - [Commits](httplib2/httplib2@v0.31.0...v0.31.2) Updates `idna` from 3.11 to 3.18 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](kjd/idna@v3.11...v3.18) Updates `jiter` from 0.12.0 to 0.15.0 - [Release notes](https://github.com/pydantic/jiter/releases) - [Commits](pydantic/jiter@v0.12.0...v0.15.0) Updates `markdown-it-py` from 4.0.0 to 4.2.0 - [Release notes](https://github.com/executablebooks/markdown-it-py/releases) - [Changelog](https://github.com/executablebooks/markdown-it-py/blob/master/CHANGELOG.md) - [Commits](executablebooks/markdown-it-py@v4.0.0...v4.2.0) Updates `proto-plus` from 1.27.0 to 1.28.0 - [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@google-cloud-channel-v1.27.0...proto-plus-v1.28.0) Updates `protobuf` from 5.29.5 to 5.29.6 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) Updates `pyasn1` from 0.6.1 to 0.6.3 - [Release notes](https://github.com/pyasn1/pyasn1/releases) - [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst) - [Commits](pyasn1/pyasn1@v0.6.1...v0.6.3) Updates `pydantic-core` from 2.41.5 to 2.46.4 - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](https://github.com/pydantic/pydantic/commits/core-v2.46.4) Updates `pyparsing` from 3.3.1 to 3.3.2 - [Release notes](https://github.com/pyparsing/pyparsing/releases) - [Changelog](https://github.com/pyparsing/pyparsing/blob/master/CHANGES) - [Commits](pyparsing/pyparsing@3.3.1...3.3.2) Updates `python-dotenv` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2) Updates `requests` from 2.32.5 to 2.34.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.5...v2.34.2) Updates `tqdm` from 4.67.1 to 4.67.3 - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](tqdm/tqdm@v4.67.1...v4.67.3) Updates `urllib3` from 2.6.3 to 2.7.0 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.6.3...2.7.0) --- updated-dependencies: - dependency-name: typer dependency-version: 0.26.7 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: pydantic dependency-version: 2.13.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: pydantic-settings dependency-version: 2.14.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: openai dependency-version: 2.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: eth-hash dependency-version: 0.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: pytest dependency-version: 9.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: pytest-asyncio dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: pytest-cov dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: ruff dependency-version: 0.15.15 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: anyio dependency-version: 4.13.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: certifi dependency-version: 2026.5.20 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: charset-normalizer dependency-version: 3.4.7 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: google-api-core dependency-version: 2.31.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: google-api-python-client dependency-version: 2.197.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: google-auth dependency-version: 2.53.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: google-auth-httplib2 dependency-version: 0.4.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: googleapis-common-protos dependency-version: 1.75.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: grpcio dependency-version: 1.81.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: httplib2 dependency-version: 0.31.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: idna dependency-version: '3.18' dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: jiter dependency-version: 0.15.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: markdown-it-py dependency-version: 4.2.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: proto-plus dependency-version: 1.28.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: protobuf dependency-version: 5.29.6 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: pyasn1 dependency-version: 0.6.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: pydantic-core dependency-version: 2.46.4 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: pyparsing dependency-version: 3.3.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: requests dependency-version: 2.34.2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: tqdm dependency-version: 4.67.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: urllib3 dependency-version: 2.7.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: security-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-10T22:43:58Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot Bot added dependencies Pull requests that update a dependency file python labels Jun 4, 2026

dependabot Bot closed this Jun 10, 2026

dependabot Bot deleted the dependabot/pip/secbrain/security-updates-c0c615f1c3 branch June 10, 2026 22:44

Conversation

dependabot Bot commented on behalf of github Jun 4, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

0.26.7

Fixes

0.26.6

Fixes

Internal

0.26.5

Fixes

Internal

0.26.4

Features

Internal

0.26.3

Refactors

Internal

0.26.2

Fixes

0.26.7 (2026-06-03)

Fixes

0.26.6 (2026-06-02)

Fixes

Internal

0.26.5 (2026-06-01)

Fixes

Internal

0.26.4 (2026-05-30)

Features

Internal

0.26.3 (2026-05-28)

Refactors

Internal

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

Fixes

v2.13.3 2026-04-20

v2.13.3 (2026-04-20)

What's Changed

Fixes

v2.13.2 2026-04-17

v2.13.2 (2026-04-17)

What's Changed

Fixes

v2.13.1 2026-04-15

v2.13.1 (2026-04-15)

What's Changed

Fixes

v2.13.0 2026-04-13

v2.13.4 (2026-05-06)

What's Changed

Packaging

Fixes

v2.13.3 (2026-04-20)

What's Changed

Fixes

v2.13.2 (2026-04-17)

What's Changed

Fixes

v2.13.1 (2026-04-15)

What's Changed

Fixes

v2.13.0 (2026-04-13)

v2.14.1

What's Changed

v2.14.0

What's Changed

v2.41.0

2.41.0 (2026-06-03)

Features

v2.40.0

2.40.0 (2026-06-01)

Features

Bug Fixes

v2.39.0

2.39.0 (2026-06-01)

Features

v2.38.0

dependabot Bot commented on behalf of github Jun 4, 2026 •

edited

Loading