Skip to content

chore(deps): bump the default group with 4 updates #262

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 30, 2025
Merged

chore(deps): bump the default group with 4 updates #262

merged 1 commit into from
Jun 30, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 23, 2025
edited
Loading

Bumps the default group with 4 updates: boto3, uv, pytest and tox.

Updates boto3 from 1.38.36 to 1.38.41

Commits
  • 1e814dd Merge branch 'release-1.38.41'
  • 6733db3 Bumping version to 1.38.41
  • bddf62c Add changelog entries from botocore
  • bc5c039 Merge branch 'release-1.38.40'
  • 5d74c47 Merge branch 'release-1.38.40' into develop
  • 5c42073 Bumping version to 1.38.40
  • ef2deab Add changelog entries from botocore
  • 0a143ee Merge pull request #4559 from boto/ruff_update_2025
  • 0b2d98e Merge branch 'release-1.38.39'
  • 4105be1 Merge branch 'release-1.38.39' into develop
  • Additional commits viewable in compare view

Updates uv from 0.7.13 to 0.7.14

Release notes

Sourced from uv's releases.

0.7.14

Release Notes

Enhancements

  • Add XPU to --torch-backend (#14172)
  • Add ROCm backends to --torch-backend (#14120)
  • Remove preview label from --torch-backend (#14119)
  • Add [tool.uv.dependency-groups].mygroup.requires-python (#13735)
  • Add auto-detection for AMD GPUs (#14176)
  • Show retries for HTTP status code errors (#13897)
  • Support transparent Python patch version upgrades (#13954)
  • Warn on empty index directory (#13940)
  • Publish to DockerHub (#14088)

Performance

  • Make cold resolves about 10% faster (#14035)

Bug fixes

  • Don't use walrus operator in interpreter query script (#14108)
  • Fix handling of changes to requires-python (#14076)
  • Fix implied platform_machine marker for win_amd64 platform tag (#14041)
  • Only update existing symlink directories on preview uninstall (#14179)
  • Serialize Python requests for tools as canonicalized strings (#14109)
  • Support netrc and same-origin credential propagation on index redirects (#14126)
  • Support reading dependency-groups from pyproject.tomls with no [project] (#13742)
  • Handle an existing shebang in uv init --script (#14141)
  • Prevent concurrent updates of the environment in uv run (#14153)
  • Filter managed Python distributions by platform before querying when included in request (#13936)

Documentation

  • Replace cuda124 with cuda128 (#14168)
  • Document the way member sources shadow workspace sources (#14136)
  • Sync documented PyTorch integration index for CUDA and ROCm versions from PyTorch website (#14100)

Install uv 0.7.14

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.7.14/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.7.14/uv-installer.ps1 | iex"
</tr></table>

... (truncated)

Changelog

Sourced from uv's changelog.

0.7.14

Enhancements

  • Add XPU to --torch-backend (#14172)
  • Add ROCm backends to --torch-backend (#14120)
  • Remove preview label from --torch-backend (#14119)
  • Add [tool.uv.dependency-groups].mygroup.requires-python (#13735)
  • Add auto-detection for AMD GPUs (#14176)
  • Show retries for HTTP status code errors (#13897)
  • Support transparent Python patch version upgrades (#13954)
  • Warn on empty index directory (#13940)
  • Publish to DockerHub (#14088)

Performance

  • Make cold resolves about 10% faster (#14035)

Bug fixes

  • Don't use walrus operator in interpreter query script (#14108)
  • Fix handling of changes to requires-python (#14076)
  • Fix implied platform_machine marker for win_amd64 platform tag (#14041)
  • Only update existing symlink directories on preview uninstall (#14179)
  • Serialize Python requests for tools as canonicalized strings (#14109)
  • Support netrc and same-origin credential propagation on index redirects (#14126)
  • Support reading dependency-groups from pyproject.tomls with no [project] (#13742)
  • Handle an existing shebang in uv init --script (#14141)
  • Prevent concurrent updates of the environment in uv run (#14153)
  • Filter managed Python distributions by platform before querying when included in request (#13936)

Documentation

  • Replace cuda124 with cuda128 (#14168)
  • Document the way member sources shadow workspace sources (#14136)
  • Sync documented PyTorch integration index for CUDA and ROCm versions from PyTorch website (#14100)
Commits
  • e7f5967 Don't block docker logins on it being a pull-request (#14222)
  • 92de53f Bump version to 0.7.14 (#14218)
  • 2d2dd0c Update upgrade tests to use 3.10.17 instead of 3.10.8 (#14219)
  • b06dec8 Improve Python uninstall perf by removing unnecessary call to `installations....
  • 6481aa3 Consolidate logic for checking for a virtual environment (#14214)
  • a9a9e71 Update google-github-actions/setup-gcloud digest to a8b5801 (#14205)
  • ac1405e Update Rust crate syn to v2.0.104 (#14208)
  • 3e9dbe8 Update Rust crate mimalloc to v0.1.47 (#14207)
  • 46221b4 Update EmbarkStudios/cargo-deny-action action to v2.0.12 (#14206)
  • a52595b Update google-github-actions/auth digest to 0920706 (#14204)
  • Additional commits viewable in compare view

Updates pytest from 8.4.0 to 8.4.1

Release notes

Sourced from pytest's releases.

8.4.1

pytest 8.4.1 (2025-06-17)

Bug fixes

  • #13461: Corrected _pytest.terminal.TerminalReporter.isatty to support being called as a method. Before it was just a boolean which could break correct code when using -o log_cli=true).

  • #13477: Reintroduced pytest.PytestReturnNotNoneWarning{.interpreted-text role="class"} which was removed by accident in pytest [8.4]{.title-ref}.

    This warning is raised when a test functions returns a value other than None, which is often a mistake made by beginners.

    See return-not-none{.interpreted-text role="ref"} for more information.

  • #13497: Fixed compatibility with Twisted 25+.

Improved documentation

  • #13492: Fixed outdated warning about faulthandler not working on Windows.
Commits

Updates tox from 4.26.0 to 4.27.0

Release notes

Sourced from tox's releases.

4.27.0

What's Changed

Full Changelog: tox-dev/tox@4.26.0...4.27.0

Changelog

Sourced from tox's changelog.

v4.27.0 (2025-06-17)

Features - 4.27.0

- Add ``free_threaded`` flag to to ``"python"`` entries in json output of ``--result-json``. (:issue:`3534`)

Bugfixes - 4.27.0

  • Fix dependency-group name normalization. (:issue:3539)
  • Improves logging of environment variables by sorting them by key and redacting the values for the ones that are likely to contain secrets. (:issue:3542)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot requested a review from a team as a code owner June 23, 2025 20:54
@dependabot
chore(deps): bump the default group with 4 updates
0343627 
Bumps the default group with 4 updates: [boto3](https://github.com/boto/boto3), [uv](https://github.com/astral-sh/uv), [pytest](https://github.com/pytest-dev/pytest) and [tox](https://github.com/tox-dev/tox).


Updates `boto3` from 1.38.36 to 1.38.41
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.38.36...1.38.41)

Updates `uv` from 0.7.13 to 0.7.14
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.7.13...0.7.14)

Updates `pytest` from 8.4.0 to 8.4.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.4.0...8.4.1)

Updates `tox` from 4.26.0 to 4.27.0
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.26.0...4.27.0)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.38.41
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: default
- dependency-name: uv
  dependency-version: 0.7.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: default
- dependency-name: pytest
  dependency-version: 8.4.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: default
- dependency-name: tox
  dependency-version: 4.27.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: default
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/default-15d4fdeeba branch from 7ed409c to 0343627 Compare June 30, 2025 21:25
@edgarrmondragon edgarrmondragon merged commit 22d167c into main Jun 30, 2025
5 checks passed
@edgarrmondragon edgarrmondragon deleted the dependabot/pip/default-15d4fdeeba branch June 30, 2025 21:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edgarrmondragon edgarrmondragon edgarrmondragon approved these changes

Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@edgarrmondragon