Skip to content

chore(deps): bump the pip-version-updates group across 1 directory with 5 updates #88

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: beta
Choose a base branch
from
Open

chore(deps): bump the pip-version-updates group across 1 directory with 5 updates #88

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 21, 2025
edited
Loading

Updates the requirements on cryptography, testcontainers, python-dotenv, sphinx and fawltydeps to permit the latest version.
Updates cryptography to 46.0.3

Changelog

Sourced from cryptography's changelog.

46.0.3 - 2025-10-15


* Fixed compilation when using LibreSSL 4.2.0.

.. _v46-0-2:


46.0.2 - 2025-09-30

  • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:

46.0.1 - 2025-09-16


* Fixed an issue where users installing via ``pip`` on Python 3.14 development
  versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.

.. _v46-0-0:


46.0.0 - 2025-09-16

  • BACKWARDS INCOMPATIBLE: Support for Python 3.7 has been removed.
  • Support for OpenSSL < 3.0 is deprecated and will be removed in the next release.
  • Support for x86_64 macOS (including publishing wheels) is deprecated and will be removed in two releases. We will switch to publishing an arm64 only wheel for macOS.
  • Support for 32-bit Windows (including publishing wheels) is deprecated and will be removed in two releases. Users should move to a 64-bit Python installation.
  • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.3.
  • We now build ppc64le manylinux wheels and publish them to PyPI.
  • We now build win_arm64 (Windows on Arm) wheels and publish them to PyPI.
  • Added support for free-threaded Python 3.14.
  • Removed the deprecated get_attribute_for_oid method on :class:~cryptography.x509.CertificateSigningRequest. Users should use :meth:~cryptography.x509.Attributes.get_attribute_for_oid instead.
  • Removed the deprecated CAST5, SEED, IDEA, and Blowfish classes from the cipher module. These are still available in :doc:/hazmat/decrepit/index.
  • In X.509, when performing a PSS signature with a SHA-3 hash, it is now encoded with the official NIST SHA3 OID.

.. _v45-0-7:

... (truncated)

Commits

Updates testcontainers from 3.7.1 to 4.13.3

Release notes

Sourced from testcontainers's releases.

testcontainers: v4.13.3

4.13.3 (2025-11-14)

python 3.14 is now supported!

Bug Fixes

  • do not require consumer of library to state nonsupport for py4 (#912) (f608df9)
  • docs: Update dependencies for docs (#900) (3f66784)

testcontainers: v4.13.2

4.13.2 (2025-10-07)

Bug Fixes

  • core: Fix issues with doctests (#893) (2e4d80a)
  • core: waiting improvements + remove decorators in core (#894) (f93f379)
  • issue #889 by changing the annotated return type of waiting_for to Self. (#890) (fe941b1)
  • mongo: mongo start waiting forever for old mongo versions (#783) (1388612)
  • redpanda: copy the startup script to a path that can be written … (#867) (e6b976d)
  • trino: Remove deprecated class and decorator from Trino container (#895) (bb646e9)

testcontainers: v4.13.1

4.13.1 (2025-09-24)

Bug Fixes

  • core: Added 'compose' in compose_command_property (#879) (769b7b6)
  • core: make sure context manager exits (#876) (10089f6)

testcontainers: v4.13.0

4.13.0 (2025-08-27)

Features

  • azurite: Enhance connection string generation for network and local access (#859) (b21e5e3)
  • core: add enhanced wait strategies (#855) (60d21f8)
  • core: DockerCompose: support list of env_files (#847) (fe206eb)

Bug Fixes

  • assert-in-get_container_host_ip-before-start (#862) (fc4155e)
  • core: improper reading of .testcontainers.properties (#863) (350f246)
  • core: Make TC_POOLING_INTERVAL/sleep_time a float (#839) (a072f3f)

testcontainers: v4.12.0

... (truncated)

Changelog

Sourced from testcontainers's changelog.

4.13.3 (2025-11-14)

Bug Fixes

  • do not require consumer of library to state nonsupport for py4 (#912) (f608df9)
  • docs: Update dependencies for docs (#900) (3f66784)
  • support python 3.14!!! - (#917) (f76e982)

4.13.2 (2025-10-07)

Bug Fixes

  • core: Fix issues with doctests (#893) (2e4d80a)
  • core: waiting improvements + remove decorators in core (#894) (f93f379)
  • issue #889 by changing the annotated return type of waiting_for to Self. (#890) (fe941b1)
  • mongo: mongo start waiting forever for old mongo versions (#783) (1388612)
  • redpanda: copy the startup script to a path that can be written … (#867) (e6b976d)
  • trino: Remove deprecated class and decorator from Trino container (#895) (bb646e9)

4.13.1 (2025-09-24)

Bug Fixes

  • core: Added 'compose' in compose_command_property (#879) (769b7b6)
  • core: make sure context manager exits (#876) (10089f6)

4.13.0 (2025-08-27)

Features

  • azurite: Enhance connection string generation for network and local access (#859) (b21e5e3)
  • core: add enhanced wait strategies (#855) (60d21f8)
  • core: DockerCompose: support list of env_files (#847) (fe206eb)

Bug Fixes

  • assert-in-get_container_host_ip-before-start (#862) (fc4155e)
  • core: improper reading of .testcontainers.properties (#863) (350f246)
  • core: Make TC_POOLING_INTERVAL/sleep_time a float (#839) (a072f3f)

4.12.0 (2025-07-21)

Features

... (truncated)

Commits
  • 5c00041 chore(main): release testcontainers 4.13.3 (#909)
  • f76e982 chore: add python 3.14 to CI matrix (#917)
  • f608df9 fix: do not require consumer of library to state nonsupport for py4 (#912)
  • 3f66784 fix(docs): Update dependencies for docs (#900)
  • 5c1504c chore(main): release testcontainers 4.13.2 (#891)
  • 1388612 fix(mongo): mongo start waiting forever for old mongo versions (#783)
  • e6b976d fix(redpanda): copy the startup script to a path that can be written … (#867)
  • bb646e9 fix(trino): Remove deprecated class and decorator from Trino container (#895)
  • 2e4d80a fix(core): Fix issues with doctests (#893)
  • f93f379 fix(core): waiting improvements + remove decorators in core (#894)
  • Additional commits viewable in compare view

Updates python-dotenv from 1.1.1 to 1.2.1

Release notes

Sourced from python-dotenv's releases.

v1.2.1

What's Changed

New Contributors

Full Changelog: theskumar/python-dotenv@v1.2.0...v1.2.1

v1.2.0

What's Changed

New Contributors

Full Changelog: theskumar/python-dotenv@v1.1.1...v1.2.0

Changelog

Sourced from python-dotenv's changelog.

[1.2.1] - 2025-10-26

  • Move more config to pyproject.toml, removed setup.cfg
  • Add support for reading .env from FIFOs (Unix) by [@​sidharth-sudhir] in #586

[1.2.0] - 2025-10-26

Commits
  • eaf2a91 Do not remove .coverage file
  • 8716196 Bump version: 1.2.0 → 1.2.1
  • b87807f Update changelog
  • 3af77d3 Support reading .env from FIFOs (Unix) (#586)
  • 467ee22 Fix test failures after moving config to pyproject.toml
  • 76999e7 Move more config pyproject.toml
  • 222ce2c Update to use trusted publisher on pypi
  • 8ed4f79 Update docs requirements
  • 5bf8822 Bump version: 1.1.1 → 1.2.0
  • 1fe11cc upadate changelog
  • Additional commits viewable in compare view

Updates sphinx from 7.4.7 to 8.1.3

Release notes

Sourced from sphinx's releases.

Sphinx 8.1.3

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Bugs fixed

  • #13013: Restore support for cut_lines() with no object type. Patch by Adam Turner.

Sphinx 8.1.2

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Bugs fixed

  • #13012: Expose sphinx.errors.ExtensionError in sphinx.util for backwards compatibility. This will be removed in Sphinx 9, as exposing the exception in sphinx.util was never intentional. ExtensionError has been part of sphinx.errors since Sphinx 0.9. Patch by Adam Turner.

Sphinx 8.1.1

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Bugs fixed

  • #13006: Use the preferred https://www.cve.org/ URL for the :cve: role. Patch by Hugo van Kemenade.
  • #13007: LaTeX: Improve resiliency when the required fontawesome or fontawesome5 packages are not installed. Patch by Jean-François B.

Sphinx 8.1.0

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Dependencies

  • #12756: Add lower-bounds to the sphinxcontrib-* dependencies. Patch by Adam Turner.
  • #12833: Update the LaTeX parskip package from 2001 to 2018. Patch by Jean-François B.

Incompatible changes

  • #12763: Remove unused internal class sphinx.util.Tee. Patch by Adam Turner.
  • #12822: LaTeX: for Unicode engines, the fvset default is changed to '\\fvset{fontsize=auto}' from '\\fvset{fontsize=\\small}'. Code-blocks are unchanged as FreeMono is now loaded with Scale=0.9. An adjustment to existing projects is needed only if they used a custom fontpkg configuration and did not set fvset.

... (truncated)

Changelog

Sourced from sphinx's changelog.

Release 8.1.3 (released Oct 13, 2024)

Bugs fixed

  • #13013: Restore support for :func:!cut_lines with no object type. Patch by Adam Turner.

Release 8.1.2 (released Oct 12, 2024)

Bugs fixed

  • #13012: Expose :exc:sphinx.errors.ExtensionError in sphinx.util for backwards compatibility. This will be removed in Sphinx 9, as exposing the exception in sphinx.util was never intentional. :exc:!ExtensionError has been part of sphinx.errors since Sphinx 0.9. Patch by Adam Turner.

Release 8.1.1 (released Oct 11, 2024)

Bugs fixed

  • #13006: Use the preferred https://www.cve.org/ URL for the :rst:role::cve: <cve> role. Patch by Hugo van Kemenade.
  • #13007: LaTeX: Improve resiliency when the required fontawesome or fontawesome5 packages are not installed. Patch by Jean-François B.

Release 8.1.0 (released Oct 10, 2024)

Dependencies

  • #12756: Add lower-bounds to the sphinxcontrib-* dependencies. Patch by Adam Turner.
  • #12833: Update the LaTeX parskip package from 2001 to 2018. Patch by Jean-François B.

Incompatible changes

  • #12763: Remove unused internal class sphinx.util.Tee.

... (truncated)

Commits

Updates fawltydeps from 0.19.0 to 0.20.0

Release notes

Sourced from fawltydeps's releases.

v0.20.0

As we're nearing the release of v1.0, here is an update with various quality-of-life improvements.

Suggesting package names for undeclared dependencies

When FawltyDeps finds a 3rd-party import that is not declared, it will output that import name as an undeclared dependency. But as we've talked about before, import names in Python are not necessarily synonymous with the package names that you would have to declare in order to make those import names available.

For example, if you import sklearn in your code, it might not be obvious that the corresponding dependency declaration should be scikit-learn, and not sklearn.

Starting with this version, if you run FawltyDeps with the --detailed option, and if there happens to be one or more (undeclared) packages in your Python environment that provide the relevant import name, then FawltyDeps will suggest these packages as potential solutions to your undeclared dependency.

For the sklearn/scikit-learn example:

These imports appear to be undeclared dependencies:
- 'sklearn'
    imported at:
      some/file.py:123
    may be provided by these packages:
      'scikit-learn'

New option to control where FawltyDeps looks for 1st-party imports

By default (and before this release) FawltyDeps looks at the paths on the command-line to deduce where 1st-party imports (i.e. your project's own modules) can be found. In some corner cases this deduction fails, and the result is typically that a 1st-party import is flagged by FawltyDeps as an undeclared dependency.

The new --base-dir allows you to control where FawltyDeps looks for 1st-party imports, and it can help fix those cases where the default deduction fails, for example in cases where you are passing individual file names (instead of directory names) on the FawltyDeps command line.

We have a new section in our FAQ to more precisely describe how the new option works, and when it's needed.

Thanks to our new co-maintainer @​layus for suggesting and contributing both of the above improvements!

Otherwise

This release also includes various quality-of-life improvements for us maintainers, not necessarily user visible:

  • We now have CodeQL and actionlint checks running in our CI pipeline, thanks to @​smelc 🎉
  • Improved documentation
  • Various internal cleanups and modernizations

What's Changed

... (truncated)

Commits
  • c0ed1a1 Bump version to v0.20.0
  • b0c9d77 test_sample_projects: Fix incorrect type annotation, found by new Mypy
  • 437361e Bump minimum Python version to allow update of transitive dependency
  • 3e8636a Update lock file, re-pin dependencies
  • b7208c7 extract_imports.parse_source: Improve interaction with dirs_between()
  • d7be28c extract_imports.parse_source(): Fix case when base_dir is not a parent
  • 7b581f8 test_extract_imports_simple: Add failing test case for issue #490
  • de7c126 test_extract_imports_simple: Reformat test vectors with dataclass
  • 4ea2c22 CI: call the CodeQL workflow from the main workflow file
  • ce4b485 Rename codeql.yml to use the yaml extension
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Dec 21, 2025
@dependabot
chore(deps): bump the pip-version-updates group across 1 directory wi…
78ba8eb 
…th 5 updates

Updates the requirements on [cryptography](https://github.com/pyca/cryptography), [testcontainers](https://github.com/testcontainers/testcontainers-python), [python-dotenv](https://github.com/theskumar/python-dotenv), [sphinx](https://github.com/sphinx-doc/sphinx) and [fawltydeps](https://github.com/tweag/FawltyDeps) to permit the latest version.

Updates `cryptography` to 46.0.3
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@44.0.1...46.0.3)

Updates `testcontainers` from 3.7.1 to 4.13.3
- [Release notes](https://github.com/testcontainers/testcontainers-python/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-python/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-python@v3.7.1...testcontainers-v4.13.3)

Updates `python-dotenv` from 1.1.1 to 1.2.1
- [Release notes](https://github.com/theskumar/python-dotenv/releases)
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md)
- [Commits](theskumar/python-dotenv@v1.1.1...v1.2.1)

Updates `sphinx` from 7.4.7 to 8.1.3
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/v8.1.3/CHANGES.rst)
- [Commits](sphinx-doc/sphinx@v7.4.7...v8.1.3)

Updates `fawltydeps` from 0.19.0 to 0.20.0
- [Release notes](https://github.com/tweag/FawltyDeps/releases)
- [Commits](tweag/FawltyDeps@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.3
  dependency-type: direct:production
  dependency-group: pip-version-updates
- dependency-name: testcontainers
  dependency-version: 4.13.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: pip-version-updates
- dependency-name: python-dotenv
  dependency-version: 1.2.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip-version-updates
- dependency-name: sphinx
  dependency-version: 8.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: pip-version-updates
- dependency-name: fawltydeps
  dependency-version: 0.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip-version-updates
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/pip-version-updates-9b8610f16c branch from ebb3365 to 78ba8eb Compare December 21, 2025 01:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant