Skip to content

chore(deps): bump the package-updates group across 1 directory with 11 updates#3786

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/package-updates-5eea4c5e3e
Open

chore(deps): bump the package-updates group across 1 directory with 11 updates#3786
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/package-updates-5eea4c5e3e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Updates the requirements on django-health-check, django-storages[s3], django, environs[django], psycopg2-binary, sentry-sdk, granian, bandit[toml], django-stubs, pyrefly and ruff to permit the latest version.
Updates django-health-check from 4.2.2 to 4.4.0

Release notes

Sourced from django-health-check's releases.

4.4.0

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.3.1...4.4.0

4.3.1

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.3.0...4.3.1

4.3.0

What's Changed

Full Changelog: codingjoe/django-health-check@4.2.2...4.3.0

Commits
  • e480bc0 Resolve #724 -- Add public dataclass field as OpenMetric label (#725)
  • e56c871 Clean up storage probe files when validation fails (#717)
  • 3421a3c Update copilot review instructions
  • c674d2f Revert "Update celery requirement from >=5.0.0 to >=5.6.3"
  • 04a22e5 Revert "Update flit-core requirement from >=3.2 to >=3.12.0"
  • 4d47e8a Revert "Update aio-pika requirement from >=9.0.0 to >=9.6.2"
  • e0d4479 Revert "Update django requirement from >=5.2 to >=5.2.13"
  • 8994dcc Revert "Update confluent-kafka requirement from >=2.0.0 to >=2.14.0"
  • 1f31638 Ref #701 -- Add support for a custom executor for synchronous checks (#716)
  • b79e960 Bump actions/upload-pages-artifact from 4 to 5
  • Additional commits viewable in compare view

Updates django-storages[s3] to 1.14.6

Changelog

Sourced from django-storages[s3]'s changelog.

1.14.6 (2025-04-01)

Google Cloud

  • Add option to sign URLs via IAM Blob API ([#1427](https://github.com/jschneier/django-storages/issues/1427)_)

S3

  • Fix exists calls when using SSE-C ([#1451](https://github.com/jschneier/django-storages/issues/1451)_)
  • Default url_protocol to https: if set to None ([#1483](https://github.com/jschneier/django-storages/issues/1483)_)

.. _#1427: jschneier/django-storages#1427 .. _#1451: jschneier/django-storages#1451 .. _#1483: jschneier/django-storages#1483

1.14.5 (2025-02-15)

General

  • Revert exists() behavior to pre-1.14.4 semantics with additional hardening for Django versions < 4.2 to fix CVE-2024-39330. This change matches the eventual behavior Django itself shipped with. ([#1484](https://github.com/jschneier/django-storages/issues/1484), [#1486](https://github.com/jschneier/django-storages/issues/1486))
  • Add support for Django 5.1 ([#1444](https://github.com/jschneier/django-storages/issues/1444)_)

Azure

  • Deprecated: The setting AZURE_API_VERSION/api_version setting is deprecated in favor of the new AZURE_CLIENT_OPTIONS setting. A future version will remove support for this setting.
  • Add AZURE_CLIENT_OPTIONS settings to enable customization of all BlobServiceClient parameters such as api_version and all retry* options. ([#1432](https://github.com/jschneier/django-storages/issues/1432)_)

Dropbox

  • As part of the above hardening fix a bug was uncovered whereby a root_path setting would be applied multiple times during save() ([#1484](https://github.com/jschneier/django-storages/issues/1484)_)
  • Fix setting OAuth2 access token via env var ([#1452](https://github.com/jschneier/django-storages/issues/1452)_)

FTP

  • Fix incorrect exists() results due to an errant appended slash ([#1438](https://github.com/jschneier/django-storages/issues/1438)_)

Google Cloud

... (truncated)

Commits

Updates django from 5.2.13 to 6.0.4

Commits

Updates environs[django] to 15.0.1

Changelog

Sourced from environs[django]'s changelog.

15.0.1 (2026-04-06)

Bug fixes:

  • Exported environment variables take precedence over .env files (regression from 15.0.0) (#464). Thanks DougEdey-Slice for reporting.

15.0.0 (2026-03-31)

Features:

  • Env.read_env no longer mutates os.environ (#393). Values from .env files are loaded into the Env instance only. This comes with two breaking changes:
    • Env.read_env is now an instance method rather than a @staticmethod. Env.read_env() -> env.read_env()
    • The verbose parameter of read_env is been removed.

Other changes:

  • Drop support for marshmallow 3, which is EOL. marshmallow>=4.0.0 is supported.
  • Minor typing improvements (#463).

14.6.0 (2026-02-19)

Bug fixes:

  • Fix variable expansion with other characters (#359). Thanks flymanzhao for reporting and veeceey for the PR.

Other changes:

  • Update lowest supported marshmallow version to 3.26.2 (#448). Thanks whyscream for the PR.

14.5.0 (2025-11-02)

Features:

  • Add strip_whitespace param to FileAwareEnv (#431). Thanks eandersons for the suggestion and PR.

Other changes:

  • Drop support for Python 3.9, which is EOL.

14.4.0 (2025-10-29)

Features:

  • Add support for ISO 8601 durations to env.timedelta. (#434). Thanks lucas-bremond for the suggestion and PR.

... (truncated)

Commits

Updates psycopg2-binary from 2.9.11 to 2.9.12

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.12 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Fix infinite loop with malformed interval (:ticket:1835).

What's new in psycopg 2.9.11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.14.
  • Avoid a segfault passing more arguments than placeholders if Python is built with assertions enabled (:ticket:[#1791](https://github.com/psycopg/psycopg2/issues/1791)).
  • Add riscv64 platform binary packages (:ticket:[#1813](https://github.com/psycopg/psycopg2/issues/1813)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 18.
  • Drop support for Python 3.8.

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.13.
  • Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.
  • Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.12.
  • Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).

... (truncated)

Commits
  • 3a6d9d6 ci: include almalinux in whieel building
  • ebca6bf chore: bump to version 3.9.12
  • 0196f02 build(deps): bump pypa/cibuildwheel from 3.3.1 to 3.4.0
  • d157bdc build(deps): bump docker/setup-qemu-action from 3 to 4
  • 7fccc0f build(deps): bump actions/upload-artifact from 6 to 7
  • d52a61e chore: bump dependency libraries
  • b231d72 chore: fix building binary images
  • 6d76e84 Merge pull request #1836 from psycopg/fix-1835
  • f7e314c fix: overflow in malformed interval
  • eb905c1 docs: replace bare except clause with except Exception
  • Additional commits viewable in compare view

Updates sentry-sdk from 2.57.0 to 2.58.0

Release notes

Sourced from sentry-sdk's releases.

2.58.0

New Features ✨

Bug Fixes 🐛

Anthropic

Pydantic Ai

Other

Internal Changes 🔧

Litellm

Other

Other

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.58.0

New Features ✨

Bug Fixes 🐛

Anthropic

Pydantic Ai

Other

Internal Changes 🔧

Litellm

Other

Other

Commits
  • ce445d9 release: 2.58.0
  • c0c0e9c feat(litellm): Add async callbacks (#5969)
  • ea74b63 test(litellm): Replace mocks with httpx types in rate-limit test (#5975)
  • 06ed1bc test(litellm): Replace mocks with httpx types in embedding tests (#5970)
  • 66ef2e6 test(litellm): Replace mocks with httpx types in nonstreaming `completion()...
  • 96ebbf6 fix(litellm): Avoid double span exits when streaming (#5933)
  • 7e22b5d build(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#5979)
  • 35151a9 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#5980)
  • d1c5b53 build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#5981)
  • e255aaf build(deps): bump getsentry/testing-ai-sdk-integrations from 6b1f51ec8af03e19...
  • Additional commits viewable in compare view

Updates granian from 2.7.3 to 2.7.4

Release notes

Sourced from granian's releases.

Granian 2.7.4

Patch release

Changes since 2.7.3:

  • Fix a bug in ASGI protocol leading to panics on malformed websocket subprotocol headers
  • Fix a bug in RSGI and WSGI protocols leading to panics on malformed response headers
  • Bump dependencies
Commits

Updates bandit[toml] to 1.9.4

Release notes

Sourced from bandit[toml]'s releases.

1.9.4

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

Commits
  • 92ae8b8 Fix B106 reporting wrong line number on multiline function calls (#1360)
  • c8c8a55 Lower version guard in check_ast_node to Python 3.12 (#1355)
  • 8f2f928 Fix B615 false positive when revision is set via variable (#1358)
  • e27493f Include filename in nosec 'no failed test' warning (#1363)
  • b69b336 Fix B613 crash when reading from stdin (#1361)
  • e418b79 Bump docker/build-push-action from 6.18.0 to 6.19.2 (#1357)
  • ff646fd Bump docker/login-action from 3.6.0 to 3.7.0 (#1353)
  • c0def6c chore: fixed some typos in comments (#1351)
  • 765f00d Limit B614 to torch.load deserializers (#1348)
  • 06fbbab Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#1347)
  • Additional commits viewable in compare view

Updates django-stubs from 5.2.9 to 6.0.3

Commits

Updates pyrefly from 0.60.2 to 0.62.0

Release notes

Sourced from pyrefly's releases.

Pyrefly v0.62.0

Full Changelog: facebook/pyrefly@0.61.1...0.62.0

Pyrefly v0.61.1

Full Changelog: facebook/pyrefly@0.61.0...0.61.1

Pyrefly v0.61.0

Full Changelog: facebook/pyrefly@0.60.2...0.61.0

Commits
  • de28393 Update pyrefly version
  • 05a213c upgrade provenant to 0.0.22
  • 141dd71 Fix lint issues
  • 4707a8f Assume unannotated __new__ returns Self (#3139)
  • 05b3e73 Add provenant-cli binary dependency
  • 593495b Bump semver 1.0.27 -> 1.0.28
  • 2dbb18d Fix incorrect type inference for enum member .value with mixin
  • 69bb021 Fix false positive invalid-type-var for generic functions used as closure def...
  • 9bc95b4 include a schema version in pyrefly report #3103 (#3163)
  • 24c22be Fix(#2918): NotImplemented being incorrectly accepted as a callable (#3101)
  • Additional commits viewable in compare view

Updates ruff from 0.15.10 to 0.15.12

Release notes

Sourced from ruff's releases.

0.15.12

Release Notes

Released on 2026-04-24.

Preview features

  • Implement #ruff:file-ignore file-level suppressions (#23599)
  • Implement #ruff:ignore logical-line suppressions (#23404)
  • Revert preview changes to displayed diagnostic severity in LSP (#24789)
  • [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
  • [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
  • [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

  • [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

  • Respect default Unix permissions for cache files (#24794)

Documentation

  • [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
  • [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
  • Improve rules table accessibility (#24711)

Contributors

Install ruff 0.15.12

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.12

Released on 2026-04-24.

Preview features

  • Implement #ruff:file-ignore file-level suppressions (#23599)
  • Implement #ruff:ignore logical-line suppressions (#23404)
  • Revert preview changes to displayed diagnostic severity in LSP (#24789)
  • [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
  • [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
  • [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

  • [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

  • Respect default Unix permissions for cache files (#24794)

Documentation

  • [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
  • [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
  • Improve rules table accessibility (#24711)

Contributors

0.15.11

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

... (truncated)

Commits
  • 66f93cf Bump 0.15.12 (#24815)
  • 476a4d0 [ty] Complete support for more detailed diagnostics on possibly unbound error...
  • ed669ea Implement #ruff:file-ignore file-level suppressions (#23599)
  • e73d952 [ty] Include inferred type in invalid-key concise diagnostic for union/inte...
  • 80feb29 [ty] report only dead annotation-only locals as unused (#24811)
  • 0fbf2bc Drop deprecated license classifier (#24808)
  • 43b174c [ty] Infer lambda parameter types with Callable type context (#24317)
  • 4f449ae [ty] Add error context for intersection types (#24772)
  • 5b4e753 [ty] Add support for goto in literal enum member inlay hint (#24792)
  • e7cc762 [ty] Add error context for TypedDict assignments (#24790)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the package-updates group across 1 directory with 1…
4b6c426 
…1 updates

Updates the requirements on [django-health-check](https://github.com/codingjoe/django-health-check), [django-storages[s3]](https://github.com/jschneier/django-storages), [django](https://github.com/django/django), [environs[django]](https://github.com/sloria/environs), [psycopg2-binary](https://github.com/psycopg/psycopg2), [sentry-sdk](https://github.com/getsentry/sentry-python), [granian](https://github.com/emmett-framework/granian), [bandit[toml]](https://github.com/PyCQA/bandit), [django-stubs](https://github.com/typeddjango/django-stubs), [pyrefly](https://github.com/facebook/pyrefly) and [ruff](https://github.com/astral-sh/ruff) to permit the latest version.

Updates `django-health-check` from 4.2.2 to 4.4.0
- [Release notes](https://github.com/codingjoe/django-health-check/releases)
- [Commits](codingjoe/django-health-check@4.2.2...4.4.0)

Updates `django-storages[s3]` to 1.14.6
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](jschneier/django-storages@1.14.4...1.14.6)

Updates `django` from 5.2.13 to 6.0.4
- [Commits](django/django@5.2.13...6.0.4)

Updates `environs[django]` to 15.0.1
- [Changelog](https://github.com/sloria/environs/blob/main/CHANGELOG.md)
- [Commits](sloria/environs@11.0.0...15.0.1)

Updates `psycopg2-binary` from 2.9.11 to 2.9.12
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](psycopg/psycopg2@2.9.11...2.9.12)

Updates `sentry-sdk` from 2.57.0 to 2.58.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.57.0...2.58.0)

Updates `granian` from 2.7.3 to 2.7.4
- [Release notes](https://github.com/emmett-framework/granian/releases)
- [Commits](emmett-framework/granian@v2.7.3...v2.7.4)

Updates `bandit[toml]` to 1.9.4
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](PyCQA/bandit@1.7.9...1.9.4)

Updates `django-stubs` from 5.2.9 to 6.0.3
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](typeddjango/django-stubs@5.2.9...6.0.3)

Updates `pyrefly` from 0.60.2 to 0.62.0
- [Release notes](https://github.com/facebook/pyrefly/releases)
- [Commits](facebook/pyrefly@0.60.2...0.62.0)

Updates `ruff` from 0.15.10 to 0.15.12
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.10...0.15.12)

---
updated-dependencies:
- dependency-name: django-health-check
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: package-updates
- dependency-name: django-storages[s3]
  dependency-version: 1.14.6
  dependency-type: direct:production
  dependency-group: package-updates
- dependency-name: django
  dependency-version: 6.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: package-updates
- dependency-name: environs[django]
  dependency-version: 15.0.1
  dependency-type: direct:production
  dependency-group: package-updates
- dependency-name: psycopg2-binary
  dependency-version: 2.9.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: package-updates
- dependency-name: sentry-sdk
  dependency-version: 2.58.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: package-updates
- dependency-name: granian
  dependency-version: 2.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: package-updates
- dependency-name: bandit[toml]
  dependency-version: 1.9.4
  dependency-type: direct:development
  dependency-group: package-updates
- dependency-name: django-stubs
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: package-updates
- dependency-name: pyrefly
  dependency-version: 0.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: package-updates
- dependency-name: ruff
  dependency-version: 0.15.12
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: package-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update Python:uv code labels Apr 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@derkweijers derkweijers

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update Python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@derkweijers