Skip to content

Bump the python-dependencies group across 1 directory with 6 updates#266

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-56dcc3c17f
Closed

Bump the python-dependencies group across 1 directory with 6 updates#266
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-56dcc3c17f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-dependencies group with 6 updates in the / directory:

Package From To
fastapi 0.123.10 0.138.2
elastic-apm 6.26.1 6.26.2
starlette 0.49.3 1.3.1
pytest 9.1.0 9.1.1
coverage 7.14.1 7.14.3
mkdocstrings-python 2.0.4 2.0.5

Updates fastapi from 0.123.10 to 0.138.2

Release notes

Sourced from fastapi's releases.

0.138.1

Refactors

  • ♻️ Refactor Library Skills, make info easier to find for agents. PR #15841 by @​tiangolo.

Internal

0.138.0

Features

  • ✨ Add support for app.frontend("/", directory="dist") and router.frontend("/", directory="dist"). PR #15800 by @​tiangolo.

Docs

Translations

Internal

0.137.2

Features

  • ✨ Add iter_route_contexts() for advanced use cases that used to use router.routes (e.g. Jupyverse). PR #15785 by @​tiangolo.

Translations

... (truncated)

Commits
  • 702fea8 🔖 Release version 0.138.2 (#15864)
  • 6466865 📝 Update release notes
  • b790e14 ♻️ Make app.frontend() return 404 for methods other than GET or HEAD wi...
  • c2708d9 📝 Update release notes
  • 403b1fa 🔧 Update sponsors: remove Stainless (#15862)
  • 1929ac2 📝 Update release notes
  • cba4158 ♻️ Refactor how sponsors data is handled for banners (#15852)
  • b90c49a 🔖 Release version 0.138.1 (#15842)
  • 1f2f3df 📝 Update release notes
  • 0af003a ♻️ Refactor Library Skills, make info easier to find for agents (#15841)
  • Additional commits viewable in compare view

Updates elastic-apm from 6.26.1 to 6.26.2

Release notes

Sourced from elastic-apm's releases.

v6.26.2

What's Changed

Bug fixes

  • Fix httpcore instrumentation handling of default port #2669
  • Handle FastAPI 0.137 _IncludedRouter in route name resolution #2682
Region ARN
af-south-1 arn:aws:lambda:af-south-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-east-1 arn:aws:lambda:ap-east-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-northeast-1 arn:aws:lambda:ap-northeast-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-northeast-2 arn:aws:lambda:ap-northeast-2:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-northeast-3 arn:aws:lambda:ap-northeast-3:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-south-1 arn:aws:lambda:ap-south-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-southeast-1 arn:aws:lambda:ap-southeast-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-southeast-2 arn:aws:lambda:ap-southeast-2:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ap-southeast-3 arn:aws:lambda:ap-southeast-3:267093732750:layer:elastic-apm-python-ver-6-26-2:1
ca-central-1 arn:aws:lambda:ca-central-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
eu-central-1 arn:aws:lambda:eu-central-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
eu-north-1 arn:aws:lambda:eu-north-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
eu-south-1 arn:aws:lambda:eu-south-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
eu-west-1 arn:aws:lambda:eu-west-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
eu-west-2 arn:aws:lambda:eu-west-2:267093732750:layer:elastic-apm-python-ver-6-26-2:1
eu-west-3 arn:aws:lambda:eu-west-3:267093732750:layer:elastic-apm-python-ver-6-26-2:1
me-south-1 arn:aws:lambda:me-south-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
sa-east-1 arn:aws:lambda:sa-east-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
us-east-1 arn:aws:lambda:us-east-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
us-east-2 arn:aws:lambda:us-east-2:267093732750:layer:elastic-apm-python-ver-6-26-2:1
us-west-1 arn:aws:lambda:us-west-1:267093732750:layer:elastic-apm-python-ver-6-26-2:1
us-west-2 arn:aws:lambda:us-west-2:267093732750:layer:elastic-apm-python-ver-6-26-2:1

New Contributors

Full Changelog: elastic/apm-agent-python@v6.26.1...v6.26.2

Changelog

Sourced from elastic-apm's changelog.

==== 6.26.2 - 2026-06-22

[float] ===== Bug fixes

  • Fix httpcore instrumentation handling of default port {pull}2669#2669
  • Handle FastAPI 0.137 _IncludedRouter in route name resolution {pull}2682#2682

[[release-notes-6.26.1]]

Commits
  • e8c1f3d update CHANGELOG and bump version to 6.26.2 (#2685)
  • d231f39 build(deps): bump wolfi/chainguard-base from 0b158df to a257ae1 (#2676)
  • 61b1d3d fix(starlette): handle FastAPI 0.137 _IncludedRouter in route name resolution...
  • 4505c92 build(deps): bump alpine from a2d49ea to 28bd5fe (#2678)
  • 88f4cb3 tests/requirements: limits kafka-newest to < 3 (#2675)
  • 4943dda build(deps): bump https://github.com/ambv/black from 26.5.0 to 26.5.1 (#2656)
  • f3da8cd build(deps): bump wolfi/chainguard-base from 65aa5f8 to 0b158df (#2672)
  • 9c64881 build(deps): bump alpine from 5b10f43 to a2d49ea (#2674)
  • e8924f4 build(deps): bump wolfi/chainguard-base from ec3de09 to 65aa5f8 (#2670)
  • c32f0fd build(deps): bump certifi from 2026.4.22 to 2026.5.20 in /dev-utils (#2654)
  • Additional commits viewable in compare view

Updates starlette from 0.49.3 to 1.3.1

Release notes

Sourced from starlette's releases.

Version 1.3.1

What's Changed

Full Changelog: Kludex/starlette@1.3.0...1.3.1

Version 1.3.0

What's Changed

New Contributors

Full Changelog: Kludex/starlette@1.2.1...1.3.0

Version 1.2.1

What's Changed

New Contributors

Full Changelog: Kludex/starlette@1.2.0...1.2.1

Version 1.2.0

What's Changed

Full Changelog: Kludex/starlette@1.1.0...1.2.0

Version 1.1.0

... (truncated)

Changelog

Sourced from starlette's changelog.

1.3.1 (June 12, 2026)

Fixed

  • Enforce max_fields and max_part_size in FormParser #3329.
  • Enforce FormParser limits in parser callbacks #3331.

1.3.0 (June 11, 2026)

Added

  • Add httpx2 to the full extra #3323.
  • Annotate the URLPath protocol parameter with Literal #3285.

Fixed

  • Build request.url from structured components #3326.
  • Clamp oversized suffix ranges in FileResponse #3307.
  • Catch OSError alongside MultiPartException when closing temp files #3191.
  • Avoid collapsing exception groups raised from user code #2830.
  • Use removeprefix to strip the weak ETag indicator in is_not_modified #3193.
  • Fix IndexError in URL.replace() on a URL with no authority #3317.
  • Adjust testclient typing and warnings #3322.

1.2.1 (May 31, 2026)

Fixed

  • Use httpx2 for type checking in the testclient module #3304.
  • Add assert error for requires() when the request parameter is not a Request type #3298.

1.2.0 (May 28, 2026)

Added

  • Support httpx2 in the test client #3291.

1.1.0 (May 23, 2026)

Added

  • Use "application/octet-stream" as the FileResponse media type fallback #3283.

Fixed

  • Only dispatch standard HTTP verbs in HTTPEndpoint #3286.
  • Reject absolute paths in StaticFiles.lookup_path #3287.

1.0.1 (May 21, 2026)

... (truncated)

Commits
  • 8ebffd0 Version 1.3.1 (#3330)
  • 25b8e17 Enforce FormParser limits in parser callbacks (#3331)
  • dba1c4b Enforce max_fields and max_part_size in FormParser (#3329)
  • 45e51dc Use StarletteDeprecationWarning instead of DeprecationWarning (#3119)
  • 5f8610c Version 1.3.0 (#3327)
  • 167b585 Build request.url from structured components (#3326)
  • 3730925 Use removeprefix to strip weak ETag indicator in is_not_modified (#3193)
  • e6f7ad1 avoid collapsing exception groups from user code (#2830)
  • 115228f Annotate URLPath protocol parameter with Literal (#3285)
  • 113f193 docs: replace inline ASGI server list with link to canonical implemen… (#3204)
  • Additional commits viewable in compare view

Updates pytest from 9.1.0 to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.
Commits
  • cf470ec Prepare release version 9.1.1
  • e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
  • 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
  • 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
  • b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
  • 9a567e0 [automated] Update plugin list (#14617) (#14618)
  • ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
  • 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
  • 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
  • 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
  • Additional commits viewable in compare view

Updates coverage from 7.14.1 to 7.14.3

Changelog

Sourced from coverage's changelog.

Version 7.14.3 — 2026-06-22

  • Fix: the default ... exclusion rule now also matches function bodies whose closing return-type bracket is on its own line (for example, after a long -> dict[ ... ] annotation that a formatter has split over multiple lines). Closes issue 2185, thanks Mengjia Shang <pull 2196_>.

  • Fix: On 3.13t, we incorrectly issued Couldn't import C tracer errors. We can't import the C tracer because in 7.14.2 we stopped shipping compiled wheels for 3.13t. Thanks, Hugo van Kemenade <pull 2203_>_.

.. _issue 2185: coveragepy/coveragepy#2185 .. _pull 2196: coveragepy/coveragepy#2196 .. _pull 2203: coveragepy/coveragepy#2203

.. _changes_7-14-2:

Version 7.14.2 — 2026-06-20

  • Fix: some messages were being written to stdout, making coverage json -o - useless for capturing JSON output. Now messages are written to stderr, fixing issue 2197_.

  • Fix: CoverageData kept one SQLite connection per thread that recorded coverage, but never closed them when those threads terminated. On long runs with many short-lived threads this leaked one file descriptor per dead thread, eventually failing with OSError: [Errno 24] Too many open files. Connections belonging to terminated threads are now closed and dropped. Fixes issue 2192. Thanks, Matthew Lloyd <pull 2193_>.

  • Fix: when using sys.monitoring, we were assuming we could use the COVERAGE_ID tool id. But other tools might also assume they could use that id. Pre-allocated ids don't really make sense, so now we search for a usable one instead. Fixes issue 2187_.

  • Following the advice of cibuildwheel <no-13t_>_, we no longer distribute wheels for Python 3.13 free-threaded.

.. _issue 2187: coveragepy/coveragepy#2187 .. _issue 2192: coveragepy/coveragepy#2192 .. _pull 2193: coveragepy/coveragepy#2193 .. _issue 2197: coveragepy/coveragepy#2197 .. _no-13t: https://py-free-threading.github.io/ci/#building-free-threaded-wheels-with-cibuildwheel

.. _changes_7-14-1:

Commits
  • 22f13ea docs: sample HTML for 7.14.3
  • 2ca4e5f docs: prep for 7.14.3
  • 01d714e docs: add changelog entry for #2203
  • f36248d fix: don't emit 'Couldn't import C tracer' warning for 3.13t (#2203)
  • 86d73d1 docs: thanks, Mengjia Shang
  • 3d4ae3c docs: add the #2196 pr link to CHANGES
  • f4b2b4d fix: exclude ... bodies after multi-line return-type annotations (#2185) (#...
  • 1980ed0 chore: bump sigstore/gh-action-sigstore-python (#2201)
  • bca3217 build: since we don't ship 3.13t, don't test it
  • 77550d8 docs: oops, mismatched pull requests
  • Additional commits viewable in compare view

Updates mkdocstrings-python from 2.0.4 to 2.0.5

Release notes

Sourced from mkdocstrings-python's releases.

2.0.5

2.0.5 - 2026-06-19

Compare with 2.0.4

Bug Fixes

  • Allow relative cross-references to work in summaries (abe2888 by Timothée Mazzucotelli). Issue-331
  • Always display attribute values as they're written in the source (0334131 by Timothée Mazzucotelli). Issue-311
Changelog

Sourced from mkdocstrings-python's changelog.

2.0.5 - 2026-06-19

Compare with 2.0.4

Bug Fixes

  • Allow relative cross-references to work in summaries (abe2888 by Timothée Mazzucotelli). Issue-331
  • Always display attribute values as they're written in the source (0334131 by Timothée Mazzucotelli). Issue-311
Commits
  • 1670ecb chore: Prepare release 2.0.5
  • abe2888 fix: Allow relative cross-references to work in summaries
  • 0334131 fix: Always display attribute values as they're written in the source
  • 39311c7 docs: Lint docs
  • 835a406 chore: Never fail type-checking (maintenance mode)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.123.10` | `0.138.2` |
| [elastic-apm](https://github.com/elastic/apm-agent-python) | `6.26.1` | `6.26.2` |
| [starlette](https://github.com/Kludex/starlette) | `0.49.3` | `1.3.1` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.1.0` | `9.1.1` |
| [coverage](https://github.com/coveragepy/coveragepy) | `7.14.1` | `7.14.3` |
| [mkdocstrings-python](https://github.com/mkdocstrings/python) | `2.0.4` | `2.0.5` |



Updates `fastapi` from 0.123.10 to 0.138.2
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.123.10...0.138.2)

Updates `elastic-apm` from 6.26.1 to 6.26.2
- [Release notes](https://github.com/elastic/apm-agent-python/releases)
- [Changelog](https://github.com/elastic/apm-agent-python/blob/main/CHANGELOG.asciidoc)
- [Commits](elastic/apm-agent-python@v6.26.1...v6.26.2)

Updates `starlette` from 0.49.3 to 1.3.1
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@0.49.3...1.3.1)

Updates `pytest` from 9.1.0 to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.1.0...9.1.1)

Updates `coverage` from 7.14.1 to 7.14.3
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.14.1...7.14.3)

Updates `mkdocstrings-python` from 2.0.4 to 2.0.5
- [Release notes](https://github.com/mkdocstrings/python/releases)
- [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/python@2.0.4...2.0.5)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.138.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: elastic-apm
  dependency-version: 6.26.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: starlette
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: coverage
  dependency-version: 7.14.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: mkdocstrings-python
  dependency-version: 2.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 30, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/pip/python-dependencies-56dcc3c17f branch July 8, 2026 10:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant