Skip to content

deps: bump the production-dependencies group with 7 updates #1931

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 5, 2025
Merged

deps: bump the production-dependencies group with 7 updates #1931

merged 1 commit into from
May 5, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 5, 2025

Bumps the production-dependencies group with 7 updates:

Package From To
openai 1.76.0 1.77.0
pydantic 2.11.3 2.11.4
pip 25.1 25.1.1
boto3 1.38.3 1.38.8
pymongo 4.12.0 4.12.1
playwright 1.51.0 1.52.0
tavily-python 0.7.0 0.7.1

Updates openai from 1.76.0 to 1.77.0

Release notes

Sourced from openai's releases.

v1.77.0

1.77.0 (2025-05-02)

Full Changelog: v1.76.2...v1.77.0

Features

  • api: add image sizes, reasoning encryption (473469a)

Bug Fixes

Chores

  • only strip leading whitespace (8467d66)

v1.76.2

1.76.2 (2025-04-29)

Full Changelog: v1.76.1...v1.76.2

Chores

v1.76.1

1.76.1 (2025-04-29)

Full Changelog: v1.76.0...v1.76.1

Chores

  • broadly detect json family of content-type headers (b4b1b08)
  • ci: only use depot for staging repos (35312d8)
  • ci: run on more branches and use depot runners (a6a45d4)
Changelog

Sourced from openai's changelog.

1.77.0 (2025-05-02)

Full Changelog: v1.76.2...v1.77.0

Features

  • api: add image sizes, reasoning encryption (473469a)

Bug Fixes

Chores

  • only strip leading whitespace (8467d66)

1.76.2 (2025-04-29)

Full Changelog: v1.76.1...v1.76.2

Chores

1.76.1 (2025-04-29)

Full Changelog: v1.76.0...v1.76.1

Chores

  • broadly detect json family of content-type headers (b4b1b08)
  • ci: only use depot for staging repos (35312d8)
  • ci: run on more branches and use depot runners (a6a45d4)
Commits
  • 67997a4 release: 1.77.0
  • b8a3720 feat(api): add image sizes, reasoning encryption
  • 4fc5252 chore: only strip leading whitespace
  • b3f0daf fix(parsing): handle whitespace only strings (#2007)
  • fad098f release: 1.76.2
  • a646067 chore(api): API spec cleanup
  • b75f409 release: 1.76.1
  • 761be76 chore: broadly detect json family of content-type headers
  • c9cedd8 chore(ci): only use depot for staging repos
  • c1ceebb chore(ci): run on more branches and use depot runners
  • See full diff in compare view

Updates pydantic from 2.11.3 to 2.11.4

Release notes

Sourced from pydantic's releases.

v2.11.4 2025-04-29

What's Changed

Packaging

Changes

  • Allow config and bases to be specified together in create_model() by @​Viicos in #11714. This change was backported as it was previously possible (although not meant to be supported) to provide model_config as a field, which would make it possible to provide both configuration and bases.

Fixes

Changelog

Sourced from pydantic's changelog.

v2.11.4 (2025-04-29)

GitHub release

What's Changed

Packaging

Changes

  • Allow config and bases to be specified together in create_model() by @​Viicos in #11714. This change was backported as it was previously possible (although not meant to be supported) to provide model_config as a field, which would make it possible to provide both configuration and bases.

Fixes

Commits
  • d444cd1 Prepare release v2.11.4
  • 828fc48 Add documentation note about common pitfall with the annotated pattern
  • 42bf1fd Bump pydantic-core to v2.33.2 (#11804)
  • 7b3f513 Allow config and bases to be specified together in create_model()
  • fc52138 Traverse function-before schemas during schema gathering
  • 25af789 Fix issue with recursive generic models
  • 91ef6bb Update monthly download count in documentation
  • a830775 Bump mkdocs-llmstxt to v0.2.0
  • f5d1c87 Fix crash when expanding root type in the mypy plugin
  • c80bb35 Remove coercion of decimal constraints
  • Additional commits viewable in compare view

Updates pip from 25.1 to 25.1.1

Changelog

Sourced from pip's changelog.

25.1.1 (2025-05-02)

Bug Fixes

  • Fix req.source_dir AssertionError when using the legacy resolver. ([#13353](https://github.com/pypa/pip/issues/13353) <https://github.com/pypa/pip/issues/13353>_)
  • Fix crash on Python 3.9.6 and lower when pip failed to compile a Python module during installation. ([#13364](https://github.com/pypa/pip/issues/13364) <https://github.com/pypa/pip/issues/13364>_)
  • Names in dependency group includes are now normalized before lookup, which fixes incorrect Dependency group '...' not found errors. ([#13372](https://github.com/pypa/pip/issues/13372) <https://github.com/pypa/pip/issues/13372>_)

Vendored Libraries

  • Fix issues with using tomllib from the stdlib if available, rather than tomli
  • Upgrade dependency-groups to 1.3.1
Commits
  • 01857ef Bump for release
  • 08d8bb9 Merge pull request #13374 from pfmoore/fixups
  • 2bff84e Merge pull request #13363 from sbidoul/fix-source_dir-assert
  • 644e71d News file fixups
  • 426856f Merge pull request #13364 from ichard26/bugfix/python39
  • b7e3aea Merge pull request #13356 from eli-schwartz/tomllib
  • 8c678fe Merge pull request #13373 from sirosen/update-vendored-dependency-groups
  • 7d00639 Update newsfiles for dependency-groups patch
  • 6d28bbf Update version of dependency-groups to v1.3.1
  • 94bd66d Revert StreamWrapper removal to restore Python 3.9.{0,6} compat
  • Additional commits viewable in compare view

Updates boto3 from 1.38.3 to 1.38.8

Commits
  • 34cbb24 Merge branch 'release-1.38.8'
  • 4756482 Bumping version to 1.38.8
  • fb57777 Add changelog entries from botocore
  • c09e338 Merge branch 'release-1.38.7'
  • adcf36f Merge branch 'release-1.38.7' into develop
  • 12c8943 Bumping version to 1.38.7
  • 41d1c72 Add changelog entries from botocore
  • 98de1f1 Merge branch 'release-1.38.6'
  • 116d908 Merge branch 'release-1.38.6' into develop
  • daa52f1 Bumping version to 1.38.6
  • Additional commits viewable in compare view

Updates pymongo from 4.12.0 to 4.12.1

Release notes

Sourced from pymongo's releases.

PyMongo 4.12.1

Community notes: https://www.mongodb.com/community/forums/t/pymongo-4-12-1-released/320326

What's Changed

Full Changelog: mongodb/mongo-python-driver@4.12.0...4.12.1

Changelog

Sourced from pymongo's changelog.

Changes in Version 4.12.1 (2025/04/29)

Version 4.12.1 is a bug fix release.

  • Fixed a bug that could raise UnboundLocalError when creating asynchronous connections over SSL.
  • Fixed a bug causing SRV hostname validation to fail when resolver and resolved hostnames are identical with three domain levels.
  • Fixed a bug that caused direct use of pymongo.uri_parser to raise an AttributeError.
  • Fixed a bug where clients created with connect=False and a "mongodb+srv://" connection string could cause public pymongo.MongoClient and pymongo.AsyncMongoClient attributes (topology_description, nodes, address, primary, secondaries, arbiters) to incorrectly return a Database, leading to type errors such as: "NotImplementedError: Database objects do not implement truth value testing or bool()".
  • Removed Eventlet testing against Python versions newer than 3.9 since Eventlet is actively being sunset by its maintainers and has compatibility issues with PyMongo's dnspython dependency.
  • Fixed a bug where MongoDB cluster topology changes could cause asynchronous operations to take much longer to complete due to holding the Topology lock while closing stale connections.
  • Fixed a bug that would cause AsyncMongoClient to attempt to use PyOpenSSL when available, resulting in errors such as "pymongo.errors.ServerSelectionTimeoutError: 'SSLContext' object has no attribute 'wrap_bio'".

Issues Resolved ...............

See the PyMongo 4.12.1 release notes in JIRA_ for the list of resolved issues in this release.

.. _PyMongo 4.12.1 release notes in JIRA: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10004&version=43094

Commits
  • 84d0d3d BUMP 4.12.1
  • c52a456 PYTHON-5357 Update changelog for 4.12.1 release (#2321) (#2323)
  • dd99f80 PYTHON-5309: [v4.12] AsyncMongoClient doesn't use PyOpenSSL (#2286) (#2319)
  • fecd29c PYTHON-5336 Added VECTOR_SUBTYPE line to API docs (#2313) [v4.12] (#2314)
  • c11d0f4 PYTHON-5306: [v4.12] - Fix use of public MongoClient attributes before connec...
  • f5836b3 PYTHON-5346: [v4.12] test_init_disconnected_with_srv cannot run against shard...
  • 38bc13d PYTHON-5212 [v4.12] Do not hold Topology lock while resetting pool (#2307)
  • c6671e2 PYTHON-5348 Fix CodeQL Scanning for GitHub Actions (#2308) [v4.12] (#2310)
  • 79cb34a PYTHON-5314 [v4.12] Fix default imports for modules that worked in v4.8 (#230...
  • c837846 PYTHON-5310 [v4.12] Fix uri_parser AttributeError when used directly (#2283) ...
  • Additional commits viewable in compare view

Updates playwright from 1.51.0 to 1.52.0

Release notes

Sourced from playwright's releases.

v1.52.0

Highlights

  • New method expect(locator).to_contain_class() to ergonomically assert individual class names on the element.

      expect(page.get_by_role("listitem", name="Ship v1.52")).to_contain_class("done")

  • Aria Snapshots got two new properties: /children for strict matching and /url for links.

    expect(locator).to_match_aria_snapshot("""
  - list
    - /children: equal
    - listitem: Feature A
    - listitem:
      - link "Feature B":
        - /url: "https://playwright.dev"
""")

Miscellaneous

Breaking Changes

  • Method route.continue() does not allow to override the Cookie header anymore. If a Cookie header is provided, it will be ignored, and the cookie will be loaded from the browser's cookie store. To set custom cookies, use browserContext.add_cookies().
  • macOS 13 is now deprecated and will no longer receive WebKit updates. Please upgrade to a more recent macOS version to continue benefiting from the latest WebKit improvements.

Browser Versions

  • Chromium 136.0.7103.25
  • Mozilla Firefox 137.0
  • WebKit 18.4

This version was also tested against the following stable channels:

  • Google Chrome 135
  • Microsoft Edge 135
Commits
  • eec856f chore(roll): roll glob changes from Playwright 1.52.0 (#2824)
  • f5857df chore: publish win32-arm64 wheel (#2800)
  • ec92f20 build(deps): bump types-requests from 2.32.0.20250306 to 2.32.0.20250328 (#2807)
  • 0e23e33 build(deps): bump pytest-repeat from 0.9.3 to 0.9.4 (#2812)
  • dc525e7 chore: adjust license metadata in pyproject.toml (#2828)
  • 805147f build(deps): bump actions/create-github-app-token from 1 to 2 in the actions ...
  • 10e9ea3 build(deps): bump typing-extensions from 4.12.2 to 4.13.2 (#2817)
  • 353c9d5 build(deps): bump pytest-cov from 6.0.0 to 6.1.1 (#2811)
  • 74e2177 chore(roll): roll Playwright to 1.52.0 (omitting glob changes) (#2823)
  • 68d96cb build(deps): bump flake8 from 7.1.2 to 7.2.0 (#2806)
  • Additional commits viewable in compare view

Updates tavily-python from 0.7.0 to 0.7.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 5, 2025
@collindutter collindutter force-pushed the dependabot/uv/production-dependencies-5cf5ff2e8d branch from 235be40 to 0f60dd8 Compare May 5, 2025 19:34
@codecov Codecov
Copy link

codecov bot commented May 5, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

📢 Thoughts on this report? Let us know!

@dependabot @collindutter
deps: bump the production-dependencies group with 7 updates
39b07c4 
Bumps the production-dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [openai](https://github.com/openai/openai-python) | `1.76.0` | `1.77.0` |
| [pydantic](https://github.com/pydantic/pydantic) | `2.11.3` | `2.11.4` |
| [pip](https://github.com/pypa/pip) | `25.1` | `25.1.1` |
| [boto3](https://github.com/boto/boto3) | `1.38.3` | `1.38.8` |
| [pymongo](https://github.com/mongodb/mongo-python-driver) | `4.12.0` | `4.12.1` |
| [playwright](https://github.com/microsoft/playwright-python) | `1.51.0` | `1.52.0` |
| [tavily-python](https://github.com/tavily-ai/tavily-python) | `0.7.0` | `0.7.1` |


Updates `openai` from 1.76.0 to 1.77.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v1.76.0...v1.77.0)

Updates `pydantic` from 2.11.3 to 2.11.4
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.11.3...v2.11.4)

Updates `pip` from 25.1 to 25.1.1
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@25.1...25.1.1)

Updates `boto3` from 1.38.3 to 1.38.8
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.38.3...1.38.8)

Updates `pymongo` from 4.12.0 to 4.12.1
- [Release notes](https://github.com/mongodb/mongo-python-driver/releases)
- [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst)
- [Commits](mongodb/mongo-python-driver@4.12.0...4.12.1)

Updates `playwright` from 1.51.0 to 1.52.0
- [Release notes](https://github.com/microsoft/playwright-python/releases)
- [Commits](microsoft/playwright-python@v1.51.0...v1.52.0)

Updates `tavily-python` from 0.7.0 to 0.7.1
- [Commits](https://github.com/tavily-ai/tavily-python/commits)

---
updated-dependencies:
- dependency-name: openai
  dependency-version: 1.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: pydantic
  dependency-version: 2.11.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: pip
  dependency-version: 25.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: boto3
  dependency-version: 1.38.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: pymongo
  dependency-version: 4.12.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: playwright
  dependency-version: 1.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: tavily-python
  dependency-version: 0.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@collindutter collindutter force-pushed the dependabot/uv/production-dependencies-5cf5ff2e8d branch from 0f60dd8 to 39b07c4 Compare May 5, 2025 20:21
@collindutter collindutter merged commit 325d17e into main May 5, 2025
17 checks passed
@collindutter collindutter deleted the dependabot/uv/production-dependencies-5cf5ff2e8d branch May 5, 2025 20:39
@collindutter collindutter mentioned this pull request May 5, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@collindutter collindutter collindutter approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@collindutter