Skip to content

chore(deps): bump the pip-deps group in /backend with 14 updates#8

Merged
simonvanlierde merged 2 commits into
mainfrom
dependabot/pip/backend/pip-deps-e05ba640fe
Jul 6, 2026
Merged

chore(deps): bump the pip-deps group in /backend with 14 updates#8
simonvanlierde merged 2 commits into
mainfrom
dependabot/pip/backend/pip-deps-e05ba640fe

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on fastapi, pydantic-settings, redis, sqlalchemy, structlog, uvicorn, alembic, fakeredis, greenlet, pytest-asyncio, pytest-cov, pytest, ruff and argostranslate to permit the latest version.
Updates fastapi to 0.139.0

Release notes

Sourced from fastapi's releases.

0.139.0

Features

  • ✨ Support dependencies in app.frontend(), e.g. for automatic cookie authentication for the frontend. PR #15908 by @​tiangolo.

Translations

Internal

Commits
  • cecd96d 🔖 Release version 0.139.0 (#15910)
  • aea6609 📝 Update release notes
  • 319be50 ✨ Support dependencies in app.frontend(), e.g. for automatic cookie authent...
  • 66a90f6 📝 Update release notes
  • d30a3eb 👥 Update FastAPI People - Experts (#15909)
  • 122f1b5 📝 Update release notes
  • fd6ece3 👥 Update FastAPI GitHub topic repositories (#15906)
  • ec2a6ad 📝 Update release notes
  • 9d7d7fe 🌐 Update translations for fr (update-outdated) (#15897)
  • 8dc852d 📝 Update release notes
  • Additional commits viewable in compare view

Updates pydantic-settings to 2.14.2

Release notes

Sourced from pydantic-settings's releases.

v2.14.2

What's Changed

This is a security patch release.

Security

Fixes GHSA-4xgf-cpjx-pc3j: NestedSecretsSettingsSource with secrets_nested_subdir=True could follow a symbolic link inside secrets_dir pointing outside it, reading out-of-tree files into settings values and bypassing the secrets_dir_max_size cap. Affected versions: >= 2.12.0, < 2.14.2.

Full Changelog: pydantic/pydantic-settings@v2.14.1...v2.14.2

Commits
  • d703bd7 Prepare release 2.14.2 (#890)
  • e95c30b Prepare release 2.14.1 (#859)
  • 0c87345 Fix field named cls conflicting with classmethod parameter (#858)
  • 7bd0072 Bump the python-packages group with 2 updates (#856)
  • b03e573 Bump the github-actions group with 3 updates (#853)
  • eaa3b43 Bump the python-packages group with 5 updates (#854)
  • 9f95615 Bump the python-packages group with 4 updates (#850)
  • 8916bee Prepare release 2.14.0 (#848)
  • 39e551c Fix CLI descriptions lost under python -OO by falling back to `json_schema_...
  • 9ed7f48 Bump the python-packages group with 4 updates (#847)
  • Additional commits viewable in compare view

Updates redis to 8.0.1

Release notes

Sourced from redis's releases.

8.0.1

Changes

🐛 Bug Fixes

  • Fix Unix socket maintenance notification handling and tests (#4097)
  • Fix async cluster node connection release on write errors (#4111)
  • Fixed async MultiDBClient with underlying RedisCluster (#4108)
  • Fix hiredis readiness checks for high file descriptors (#4115)
  • fix(search): parse RESP3 FT.SEARCH responses with bytes-typed keys (#4109)
  • Fixing pubsub's listen method to be blocking. (#4119)
  • fix(asyncio): release pooled connection when Pipeline.reset() is cancelled (#4123)
  • Avoid per-check fd allocation in hiredis _socket_can_read() — use poll() instead of a per-call selector (#4118)

🧰 Maintenance

  • Updating PyJWT dependency. (#4100)
  • Update CI badge in README.md (#4099)
  • Add missing url query argument parser for ssl_min_version (#4047)
  • ci: least-privilege permissions on spellcheck (read) and stale-issues (job-level write for actions/stale) (#4080)
  • Bumping github-versions actions (#4102)
  • Updating lib version + supported Redis versions in README.md + updating the Redis versions in CI test matrix (#4092)

We'd like to thank all the contributors who worked on this release! @​violuke @​mokashang @​arpitjain099 @​coredumperror @​elena-kolevska @​vladvildanov @​petyaslavova

Commits
  • 7c0fd11 Updating lib version to 8.0.1
  • b7a4d7d Avoid per-check fd allocation in hiredis _socket_can_read() — use poll() ...
  • eec778e fix(asyncio): release pooled connection when Pipeline.reset() is cancelled (#...
  • 08e01bb Fixing pubsub's listen method to be blocking. (#4119)
  • 3d5257a fix(search): parse RESP3 FT.SEARCH responses with bytes-typed keys (#4109)
  • cce28ff Fix hiredis readiness checks for high file descriptors (#4115)
  • e20691c Fixed async MultiDBClient with underlying RedisCluster (#4108)
  • ea37fcc Fix async cluster node connection release on write errors (#4111)
  • f4146fa Updating lib version + supported Redis versions in README.md + updating the R...
  • d47674e Bumping github-versions actions (#4102)
  • Additional commits viewable in compare view

Updates sqlalchemy to 2.0.51

Release notes

Sourced from sqlalchemy's releases.

2.0.51

Released: June 15, 2026

orm

  • [orm] [bug] Fixed issue where _orm.subqueryload() combined with PropComparator.of_type() and PropComparator.and_() would silently drop the additional filter criteria, causing all related objects to be loaded instead of only those matching the filter. The LoaderCriteriaOption was being constructed against the base entity rather than the effective entity indicated by PropComparator.of_type(). Pull request courtesy Arya Rizky.

    References: #13207

  • [orm] [bug] Fixed bug where a failure during tpc_prepare() within _orm.Session.commit() for a two-phase session would raise IllegalStateChangeError instead of the original database exception. The internal _prepare_impl() method's error handler was unable to invoke _orm.SessionTransaction.rollback() due to a state-change guard, preventing proper cleanup and masking the underlying error.

    References: #13356

engine

  • [engine] [bug] Fixed issue where Result.freeze() would lose track of ambiguous column names present in the original CursorResult, causing key-based access on the thawed result to silently return a value instead of raising InvalidRequestError. The SimpleResultMetaData now accepts and propagates ambiguous key information so that frozen, thawed, and pickled results raise consistently for duplicate column names. Pull request courtesy Saurabh Kohli.

    References: #9427

sql

  • [sql] [bug] Fixed issue where _sql.StatementLambdaElement would proxy attribute access through the cached "expected" expression rather than the resolved expression, causing stale closure-bound parameter values to be used when a lambda statement was extended with non-lambda criteria such as an additional .where() clause. Courtesy cjc0013.

    References: #10827

... (truncated)

Commits

Updates structlog to 26.1.0

Release notes

Sourced from structlog's releases.

26.1.0

Highlights

Given how long this release took, it's pretty thicc with nice things all over the board! Apologies for the long release cycle; it's been a victim of the slopocalypse and me trying to navigate my way thru the new normal. Extra big thanks to my sponsors for not abandoning me in these unironically trying times. ❤️

Full changelog below!

Special Thanks

This release would not be possible without my generous sponsors! Thank you to all of you making sustainable maintenance possible! If you would like to join them, go to https://github.com/sponsors/hynek and check out the sweet perks!

Above and Beyond

Variomedia AG (@variomedia), Tidelift (@tidelift), Kraken Tech (@kraken-tech), Klaviyo (@klaviyo), Privacy Solutions GmbH (@privacy-solutions), FilePreviews (@filepreviews), Ecosystems (@ecosyste-ms), TestMu AI Open Source Office (Formerly LambdaTest) (@LambdaTest-Inc), GitHub (@github), Doist (@Doist), Daniel Fortunov (@asqui), and Kevin P. Fleming (@kpfleming).

Maintenance Sustainers

Buttondown (@buttondown), Christopher Dignam (@chdsbd), Magnus Watn (@magnuswatn), David Cramer (@dcramer), Rivo Laks (@rivol), Polar (@polarsource), Mike Fiedler (@miketheman), Duncan Hill (@cricalix), Colin Marquardt (@cmarqu), Pieter Swinkels (@swinkels), Nick Libertini (@libertininick), Brian M. Dennis (@crossjam), Al Sweigart (@asweigart), Celebrity News AG (@celebritynewsag), The Westervelt Company (@westerveltco), Sławomir Ehlert (@slafs), Mostafa Khalil (@khadrawy), Filip Mularczyk (@mukiblejlok), Thomas Klinger (@thmsklngr), Andreas Poehlmann (@ap--), August Trapper Bigelow (@atbigelow), Carlton Gibson (@carltongibson), and Roboflow (@roboflow).

Full Changelog

Removed

  • Python 3.8 and 3.9 support.

Deprecated

  • Support for better-exceptions is deprecated and will be removed within a year. Use our Rich integration or copy-paste the one line of code you need. #802

Added

  • Python 3.15 support. #813

  • structlog.dev.rich_monochrome_traceback for Rich-based monochrome exception rendering and add support for it throughout structlog.dev.ConsoleRenderer when the user asks for no colors. #794

  • structlog.BytesLogger now has a name attribute which allows you to use it with the structlog.stdlib.add_logger_name() processor without using the standard library integration. #786

  • structlog.processors.CallsiteParameterAdder now supports CallsiteParameter.QUAL_MODULE that adds the qualified import name of the module of the callsite, or __main__ if the module is the entry point. This is only available for structlog-originated events since the standard library has no equivalent (except for the convention of setting the logger's name to __name__). #812

  • structlog.stdlib.BoundLogger now has is_enabled_for() and get_effective_level() methods that are snake_case aliases for its isEnabledFor() and getEffectiveLevel() methods. This makes it more compatible with the native structlog.typing.FilteringBoundLogger, so you can swap configurations without changing your call sites. #818

Changed

  • structlog.dev.ConsoleRenderer does not warn anymore when the exception key has a rendered value despite having a fancy formatter configured. #790

... (truncated)

Changelog

Sourced from structlog's changelog.

26.1.0 - 2026-06-06

Removed

  • Python 3.8 and 3.9 support.

Deprecated

  • Support for better-exceptions is deprecated and will be removed within a year. Use our Rich integration or copy-paste the one line of code you need. #802

Added

  • Python 3.15 support. #813

  • structlog.dev.rich_monochrome_traceback for Rich-based monochrome exception rendering and add support for it throughout structlog.dev.ConsoleRenderer when the user asks for no colors. #794

  • structlog.BytesLogger now has a name attribute which allows you to use it with the structlog.stdlib.add_logger_name() processor without using the standard library integration. #786

  • structlog.processors.CallsiteParameterAdder now supports CallsiteParameter.QUAL_MODULE that adds the qualified import name of the module of the callsite, or __main__ if the module is the entry point. This is only available for structlog-originated events since the standard library has no equivalent (except for the convention of setting the logger's name to __name__). #812

  • structlog.stdlib.BoundLogger now has is_enabled_for() and get_effective_level() methods that are snake_case aliases for its isEnabledFor() and getEffectiveLevel() methods. This makes it more compatible with the native structlog.typing.FilteringBoundLogger, so you can swap configurations without changing your call sites. #818

Changed

  • structlog.dev.ConsoleRenderer does not warn anymore when the exception key has a rendered value despite having a fancy formatter configured. #790

Fixed

  • structlog.BytesLogger, structlog.PrintLogger, and structlog.WriteLogger now hold weak references to the files they use for output. This prevents their leakage in long-running processes that open many logfiles, such as task executors that create a per-task BytesLogger or WriteLogger. #807

  • structlog.WriteLogger is usable after unpickling. #787

  • structlog.processors.CallsiteParameterAdder now reports the calling thread's id and name for async log methods, instead of the thread from the executor pool that runs the underlying sync logger.

... (truncated)

Commits

Updates uvicorn to 0.49.0

Release notes

Sourced from uvicorn's releases.

Version 0.49.0

What's Changed

Full Changelog: Kludex/uvicorn@0.48.0...0.49.0

Changelog

Sourced from uvicorn's changelog.

0.49.0 (June 3, 2026)

Changed

  • Bump httptools minimum version to 0.8.0 (#2962)
  • Consume duplicate forwarding headers in ProxyHeadersMiddleware (reverses the 0.48.0 behavior of ignoring them) (#2971)

0.48.0 (May 24, 2026)

Changed

  • Default ssl_ciphers to None and use OpenSSL defaults (#2940)

Fixed

  • Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)

0.47.0 (May 14, 2026)

Added

  • Add ssl_context_factory for custom SSLContext configuration (#2920)

Changed

  • Eagerly import the ASGI app in the parent process (#2919)

Fixed

  • Treat fd=0 as a valid file descriptor with reload/workers (#2927)

0.46.0 (April 23, 2026)

Added

  • Support ws_max_size in wsproto implementation (#2915)
  • Support ws_ping_interval and ws_ping_timeout in wsproto implementation (#2916)

Changed

  • Use bytearray for incoming WebSocket message buffer in websockets-sansio (#2917)

0.45.0 (April 21, 2026)

Added

  • Add --reset-contextvars flag to isolate ASGI request context (#2912)
  • Accept os.PathLike for log_config (#2905)
  • Accept log_level strings case-insensitively (#2907)

... (truncated)

Commits
  • 3ef2e3e Version 0.49.0 (#2973)
  • eeb64b1 Consume duplicate forwarding headers in ProxyHeadersMiddleware (#2971)
  • 630f4ac Make the watchfiles reload tests deterministic (#2972)
  • 9154922 chore(deps): bump the github-actions group across 1 directory with 6 updates ...
  • 739727a Migrate docs deploy from Cloudflare Pages to Workers (#2967)
  • be4a240 Gate docs preview deploy on Cloudflare token presence (#2966)
  • c489d7e Bump httptools minimum version to 0.8.0 (#2962)
  • 9f547bd Skip docs preview deploy for Dependabot PRs (#2961)
  • 44446b8 Migrate documentation from MkDocs Material to Zensical (#2959)
  • cfd659c Bump pymdown-extensions to 10.21.3 (#2958)
  • Additional commits viewable in compare view

Updates alembic to 1.18.5

Release notes

Sourced from alembic's releases.

1.18.5

Released: June 25, 2026

usecase

  • [usecase] [commands] Added --splice support to the merge() command. Previously, the merge command would suggest using --splice when attempting to merge non-head revisions, but the flag was not actually accepted by the command. The splice parameter is now available in both the command-line interface and the command.merge() function, matching the existing support in command.revision(). Pull request courtesy Kadir Can Ozden.

    References: #1712

  • [usecase] [environment] Added ScriptDirectory.get_heads.consider_depends_on parameter to ScriptDirectory.get_heads(). When set to True, head revisions that are also a dependency of another revision via depends_on are excluded from the result, matching the effective heads that would be present in the alembic_version table after running all upgrades.

    References: #1806

bug

  • [bug] [autogenerate] Fixed rendering of dialect keyword arguments containing ~sqlalchemy.schema.Column objects within sequences, such as postgresql_include. These were previously rendered using repr(), producing invalid Python in the generated migration scripts. Column objects within list or tuple values are now correctly rendered as their string column names. Pull request courtesy Ajay Singh.

    References: #1258

  • [bug] [mysql] Implemented type comparison for ENUM datatypes on MySQL, which checks that the individual enum values are equivalent. If additional entries are on either side, this generates a diff. Changes of order do not generate a diff. Pull request courtesy Furkan Köykıran.

    References: #1745, #779

  • [bug] [operations] Fixed bug where the inline_references parameter of Operations.add_column() did not include foreign key referential actions such as ON DELETE, ON UPDATE, DEFERRABLE, INITIALLY, and MATCH when rendering the inline REFERENCES clause.

... (truncated)

Commits

Updates fakeredis to 2.36.2

Release notes

Sourced from fakeredis's releases.

v2.36.2

🐛 Bug Fixes

  • fix: replace async can_read busy-poll with event-based wakeup (#506)
  • fix: enforce GT/LT conditions in ZADD with INCR (#507)
  • fix: reject negative LIMIT in SINTERCARD and ZINTERCARD (#508)
  • fix: EXPIRE GT/LT mishandle keys with no existing TTL (#509)
  • fix: restore missing addr/laddr/fd fields in CLIENT LIST/CLIENT INFO (#512)
  • fix: SORT/SORT_RO BY must keep natural order (#510)

New Contributors

Full Changelog: cunla/fakeredis-py@v2.36.1...v2.36.2

Commits
  • 7d830d6 doc:update
  • f47bbe7 fix: correct key formatting in ClientInfo initialization and items method
  • b23d5fd fix: SORT/SORT_RO BY <constant> must keep natural order (#510)
  • 1781052 fix: correct key formatting in client_info items method
  • a24c832 test: validate presence of 'age' and 'addr' in client_info response
  • 4b06dff add default addr
  • adbce34 fix: GETEX without options must not clear the key TTL (#511)
  • edd3b3c update fake_only marker and doc
  • 37966fb doc:update
  • 72ef07d chore:update deps
  • Additional commits viewable in compare view

Updates greenlet to 3.5.3

Changelog

Sourced from greenlet's changelog.

3.5.3 (2026-06-26)

  • Fix a crash on free-threaded builds when multiple greenlets were holding a critical section on an object and the GIL for the thread was dropped. See issue 513 <https://github.com/python-greenlet/greenlet/issues/513>_. Thanks to ddorian.

3.5.2 (2026-06-17)

  • The minimum supported version of Python 3.15 is now 3.15b2.
  • Fix some garbage-collection related crashes on free-threaded Python 3.15. Thanks to Kumar Aditya in PR [#511](https://github.com/python-greenlet/greenlet/issues/511) <https://github.com/python-greenlet/greenlet/pull/511>_.
  • Improve garbage collection of greenlets. This mostly applies to Python 3.15. Thanks to Kumar Aditya in PR [#512](https://github.com/python-greenlet/greenlet/issues/512) <https://github.com/python-greenlet/greenlet/pull/512>_.

3.5.1 (2026-05-20)

  • Add preliminary support for Python 3.15b1. This has not been reviewed by CPython core developers, but all tests pass. Binary wheels of this version won't work on earlier Python 3.15 builds and may not work on later 3.15 builds.
  • Fix the discrepancy in the way the two getcurrent APIs behave during greenlet teardown. One API (the C API used by, e.g., gevent) raised a RuntimeError; the other (the Python greenlet.getcurrent API) returned None. This second way is incompatible with greenlet's type annotations, so greenlet.getcurrent now raises a RuntimeError as well.

3.5.0 (2026-04-27)

  • Remove the atexit callback. This callback caused greenlet APIs to become unavailable far too soon during interpreter shutdown. Now they remain available while all atexit callbacks run. Sometime after Py_IsFinalizing becomes true, they may begin misbehaving. Because the order in which C extensions are finalized is undefined, C extensions that are sensitive to this need to check the results of that function before invoking greenlet APIs. As a convenience, PyGreenlet_GetCurrent sets an exception and returns NULL when this happens (and greenlet.getcurrent begins returning None); other greenlet C API functions have undefined behaviour.

... (truncated)

Commits
  • 6ee8c2c Preparing release 3.5.3
  • 6ec0bbb Merge pull request #514 from python-greenlet/issue513-preserve-crit-section
  • c03a7e6 Py3.13+: Preserve thread state critical_section to prevent crash on free-thre...
  • bc10829 Speed up manylinux test runs by only running the core checks; only start many...
  • c2db75d Back to development: 3.5.3
  • 0b64e9c Preparing release 3.5.2
  • 3e28d27 Add change note for #512 [skip ci]
  • 6563c5e Merge pull request #512 from kumaraditya303/ft-mem
  • ab6eff6 add ignore for win 3.10
  • 41f5349 revert back to fails_leakcheck_on_py314_or_less
  • Additional commits viewable in compare view

Updates pytest-asyncio to 1.4.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio v1.4.0

1.4.0 - 2026-05-26

Deprecated

  • Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

  • Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

    The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged.

    Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

  • Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
  • Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)
  • Updated minimum supported pytest version to v8.4.0. (#1397)

Fixed

  • Fixed a ResourceWarning: unclosed event loop warning that could occur when a synchronous test called asyncio.run() or otherwise unset the current event loop after pytest-asyncio had run an async test or fixture. (#724)

Notes for Downstream Packagers

  • Added dependency on sphinx-tabs >= 3.5 to organize documentation examples into tabs. (#1395)
Commits
  • 6e14cd2 chore: Prepare release of v1.4.0.
  • 4b900fb Build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
  • ab9f632 Build(deps): Bump zipp from 3.23.1 to 4.1.0
  • a56fc77 Build(deps): Bump hypothesis from 6.152.6 to 6.152.8
  • e8bae9b Build(deps): Bump requests from 2.34.0 to 2.34.2
  • fc43340 Build(deps): Bump idna from 3.14 to 3.15
  • 762eaf5 Build(deps): Bump jaraco-functools from 4.4.0 to 4.5.0
  • b62e222 Build(deps): Bump click from 8.3.3 to 8.4.0
  • 9190447 Build(deps): Bump pydantic from 2.13.3 to 2.13.4
  • 82a393c ci: Remove unnecessary debug output.
  • Additional commits viewable in compare view

Updates pytest-cov to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

  • Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

  • Improve handling of ResourceWarning from sqlite3.

    The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

    With this fix one can suppress ResourceWarning from sqlite3 from command line::

    pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

  • Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

  • Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

  • Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

7.0.0 (2025-09-09)

  • Dropped support for subprocesses measurement.

    It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

    To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

    .. code-block:: ini

    [run] patch = subprocess

    This release also requires at least coverage 7.10.6.

  • Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

  • Removed some not really necessary testing deps like six.

... (truncated)

Commits
  • 66c8a52 Bump version: 7.0.0 → 7.1.0
  • f707662 Make the examples use pypy 3.11.
  • 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
  • 8ebf20b Update changelog.
  • 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
  • fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
  • 78c9c4e Only run the 3.9 on older deps.
  • 4849a92 Punctuation.
  • 197c35e Update changelog and hopefully I don't forget to publish release again :))
  • 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
  • Additional commits viewable in compare view

Updates pytest to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pyte...

    Description has been truncated

Updates the requirements on [fastapi](https://github.com/fastapi/fastapi), [pydantic-settings](https://github.com/pydantic/pydantic-settings), [redis](https://github.com/redis/redis-py), [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy), [structlog](https://github.com/hynek/structlog), [uvicorn](https://github.com/Kludex/uvicorn), [alembic](https://github.com/sqlalchemy/alembic), [fakeredis](https://github.com/cunla/fakeredis-py), [greenlet](https://github.com/python-greenlet/greenlet), [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio), [pytest-cov](https://github.com/pytest-dev/pytest-cov), [pytest](https://github.com/pytest-dev/pytest), [ruff](https://github.com/astral-sh/ruff) and [argostranslate](https://github.com/argosopentech/argos-translate) to permit the latest version.

Updates `fastapi` to 0.139.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.122.0...0.139.0)

Updates `pydantic-settings` to 2.14.2
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.12.0...v2.14.2)

Updates `redis` to 8.0.1
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](redis/redis-py@v5.0.0...v8.0.1)

Updates `sqlalchemy` to 2.0.51
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `structlog` to 26.1.0
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.md)
- [Commits](hynek/structlog@25.5.0...26.1.0)

Updates `uvicorn` to 0.49.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.44.0...0.49.0)

Updates `alembic` to 1.18.5
- [Release notes](https://github.com/sqlalchemy/alembic/releases)
- [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES)
- [Commits](https://github.com/sqlalchemy/alembic/commits)

Updates `fakeredis` to 2.36.2
- [Release notes](https://github.com/cunla/fakeredis-py/releases)
- [Commits](cunla/fakeredis-py@v2.34.1...v2.36.2)

Updates `greenlet` to 3.5.3
- [Changelog](https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst)
- [Commits](python-greenlet/greenlet@3.3.2...3.5.3)

Updates `pytest-asyncio` to 1.4.0
- [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases)
- [Commits](pytest-dev/pytest-asyncio@v1.3.0...v1.4.0)

Updates `pytest-cov` to 7.1.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0)

Updates `pytest` to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.1...9.1.1)

Updates `ruff` to 0.15.20
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.6...0.15.20)

Updates `argostranslate` to 1.11.0
- [Release notes](https://github.com/argosopentech/argos-translate/releases)
- [Changelog](https://github.com/argosopentech/argos-translate/blob/master/ReleaseNotes.md)
- [Commits](argosopentech/argos-translate@v1.9.6...v1.11.0)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.139.0
  dependency-type: direct:production
  dependency-group: pip-deps
- dependency-name: pydantic-settings
  dependency-version: 2.14.2
  dependency-type: direct:production
  dependency-group: pip-deps
- dependency-name: redis
  dependency-version: 8.0.1
  dependency-type: direct:production
  dependency-group: pip-deps
- dependency-name: sqlalchemy
  dependency-version: 2.0.51
  dependency-type: direct:production
  dependency-group: pip-deps
- dependency-name: structlog
  dependency-version: 26.1.0
  dependency-type: direct:production
  dependency-group: pip-deps
- dependency-name: uvicorn
  dependency-version: 0.49.0
  dependency-type: direct:production
  dependency-group: pip-deps
- dependency-name: alembic
  dependency-version: 1.18.5
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: fakeredis
  dependency-version: 2.36.2
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: greenlet
  dependency-version: 3.5.3
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: pytest-asyncio
  dependency-version: 1.4.0
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: pytest-cov
  dependency-version: 7.1.0
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: ruff
  dependency-version: 0.15.20
  dependency-type: direct:development
  dependency-group: pip-deps
- dependency-name: argostranslate
  dependency-version: 1.11.0
  dependency-type: direct:development
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 3, 2026
@simonvanlierde simonvanlierde merged commit 5e960dd into main Jul 6, 2026
12 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/backend/pip-deps-e05ba640fe branch July 6, 2026 19:24
@codecov

codecov Bot commented Jul 6, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant