Skip to content

build(deps-dev): bump the safe group across 1 directory with 5 updates#89

Open
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/uv/dev/safe-545fe4ea29
Open

build(deps-dev): bump the safe group across 1 directory with 5 updates#89
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/uv/dev/safe-545fe4ea29

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps the safe group with 5 updates in the / directory:

Package From To
hatch 1.16.4 1.16.5
ruff 0.15.4 0.15.7
mkdocs-material 9.7.3 9.7.6
fastapi 0.133.1 0.135.2
pytest-cov 7.0.0 7.1.0

Updates hatch from 1.16.4 to 1.16.5

Release notes

Sourced from hatch's releases.

Hatch v1.16.5

Fixed:

  • Handle a breaking change in virtualenv by only supporting the latest version and adding python-discovery as a dependency.
Commits

Updates ruff from 0.15.4 to 0.15.7

Release notes

Sourced from ruff's releases.

0.15.7

Release Notes

Released on 2026-03-19.

Preview features

  • Display output severity in preview (#23845)
  • Don't show noqa hover for non-Python documents (#24040)

Rule changes

  • [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

  • Don't return code actions for non-Python documents (#23905)

Documentation

  • Add company AI policy to contributing guide (#24021)
  • Document editor features for Markdown code formatting (#23924)
  • [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

  • Use PEP 639 license information (#19661)

Contributors

Install ruff 0.15.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.ps1 | iex"
</tr></table>

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.7

Released on 2026-03-19.

Preview features

  • Display output severity in preview (#23845)
  • Don't show noqa hover for non-Python documents (#24040)

Rule changes

  • [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

  • Don't return code actions for non-Python documents (#23905)

Documentation

  • Add company AI policy to contributing guide (#24021)
  • Document editor features for Markdown code formatting (#23924)
  • [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

  • Use PEP 639 license information (#19661)

Contributors

0.15.6

Released on 2026-03-12.

Preview features

  • Add support for lazy import parsing (#23755)
  • Add support for star-unpacking of comprehensions (PEP 798) (#23788)
  • Reject semantic syntax errors for lazy imports (#23757)
  • Drop a few rules from the preview default set (#23879)
  • [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
  • [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
  • [flake8-bugbear] Implement delattr-with-constant (B043) (#23737)

... (truncated)

Commits
  • 0ef39de Bump 0.15.7 (#24049)
  • beb543b [ty] ecosystem-analyzer: Fail on newly panicking projects (#24043)
  • 378fe73 Don't show noqa hover for non-Python documents (#24040)
  • b5665bd [pylint] Improve phrasing (PLC0208) (#24033)
  • 6e20f22 test: migrate show_settings and version tests to use CliTest (#23702)
  • f99b284 Drain file watcher events during test setup (#24030)
  • 744c996 [ty] Filter out unsatisfiable inference attempts during generic call narrowin...
  • 1616095 [ty] Avoid inferring intersection types for call arguments (#23933)
  • 7f275f4 [ty] Pin mypy_primer in setup_primer_project.py (#24020)
  • 7255e36 [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)
  • Additional commits viewable in compare view

Updates mkdocs-material from 9.7.3 to 9.7.6

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.6

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

  • Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

  • Limited version range of mkdocs to <2
  • Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

  • Hardened social cards plugin by switching to sandboxed environment (recommended by @​caveeroo)
  • Updated MkDocs 2.0 incompatibility warning
Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.6 (2026-03-19)

  • Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5 (2026-03-10)

  • Limited version range of mkdocs to <2
  • Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4 (2026-03-03)

  • Hardened social cards plugin by switching to sandboxed environment
  • Updated MkDocs 2.0 incompatibility warning

mkdocs-material-9.7.3 (2026-02-24)

  • Fixed #8567: Print MkDocs 2.0 incompatibility warning to stderr

mkdocs-material-9.7.2 (2026-02-18)

  • Opened up version ranges of optional dependencies for forward-compatibility
  • Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

... (truncated)

Commits
  • 6c52ed6 Prepare 9.7.6 release
  • 51d9b76 Automatically disable MkDocs 2.0 warning for forks of MkDocs
  • 6f9a48b Updated links
  • 00b9933 Prepare 9.7.5 release
  • 37683d1 Updated blog post on MkDocs 2.0
  • 199e315 Updated warning message to clarify relation to MkDocs
  • 1025833 Limited version range of mkdocs to <2
  • 1532f52 Added update log to blog post
  • d0c8b28 Updated dependencies to fix vulnerabilities
  • 71d4869 Updated blog post on MkDocs 2.0
  • Additional commits viewable in compare view

Updates fastapi from 0.133.1 to 0.135.2

Release notes

Sourced from fastapi's releases.

0.135.2

Upgrades

  • ⬆️ Increase lower bound to pydantic >=2.9.0. and fix the test suite. PR #15139 by @​svlandeg.

Docs

Translations

Internal

... (truncated)

Commits
  • 25a3697 🔖 Release version 0.135.2
  • ab125da 📝 Update release notes
  • 122b6d4 📝 Add missing last release notes dates (#15202)
  • 68ac0ab 📝 Update release notes
  • ea6e287 📝 Update docs for contributors and team members regarding translation PRs (#1...
  • d0a6f20 📝 Update release notes
  • fd9e192 💄 Fix code blocks in reference docs overflowing table width (#15094)
  • fce9460 📝 Update release notes
  • 0227991 🔨 Exclude spam comments from statistics in scripts/people.py (#15088)
  • cbd64b0 📝 Update release notes
  • Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

  • Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

  • Improve handling of ResourceWarning from sqlite3.

    The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

    With this fix one can suppress ResourceWarning from sqlite3 from command line::

    pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

  • Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

  • Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

  • Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits
  • 66c8a52 Bump version: 7.0.0 → 7.1.0
  • f707662 Make the examples use pypy 3.11.
  • 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
  • 8ebf20b Update changelog.
  • 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
  • fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
  • 78c9c4e Only run the 3.9 on older deps.
  • 4849a92 Punctuation.
  • 197c35e Update changelog and hopefully I don't forget to publish release again :))
  • 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps-dev): bump the safe group across 1 directory with 5 updates
78be9fe 
Bumps the safe group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [hatch](https://github.com/pypa/hatch) | `1.16.4` | `1.16.5` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.4` | `0.15.7` |
| [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.7.3` | `9.7.6` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.133.1` | `0.135.2` |
| [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `7.0.0` | `7.1.0` |



Updates `hatch` from 1.16.4 to 1.16.5
- [Release notes](https://github.com/pypa/hatch/releases)
- [Commits](pypa/hatch@hatch-v1.16.4...hatch-v1.16.5)

Updates `ruff` from 0.15.4 to 0.15.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.4...0.15.7)

Updates `mkdocs-material` from 9.7.3 to 9.7.6
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.7.3...9.7.6)

Updates `fastapi` from 0.133.1 to 0.135.2
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.133.1...0.135.2)

Updates `pytest-cov` from 7.0.0 to 7.1.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0)

---
updated-dependencies:
- dependency-name: hatch
  dependency-version: 1.16.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: safe
- dependency-name: ruff
  dependency-version: 0.15.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: safe
- dependency-name: mkdocs-material
  dependency-version: 9.7.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: safe
- dependency-name: fastapi
  dependency-version: 0.135.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: safe
- dependency-name: pytest-cov
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: safe
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Mar 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants