Skip to content

chore(deps): bump the python-dependencies group across 1 directory with 6 updates #519

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): bump the python-dependencies group across 1 directory with 6 updates #519

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 23, 2025
edited
Loading

Bumps the python-dependencies group with 6 updates in the / directory:

Package From To
sqlalchemy 2.0.44 2.0.45
newrelic 11.1.0 11.2.0
ruff 0.14.6 0.14.9
pytest 9.0.1 9.0.2
mypy 1.18.2 1.19.1
pre-commit 4.5.0 4.5.1

Updates sqlalchemy from 2.0.44 to 2.0.45

Release notes

Sourced from sqlalchemy's releases.

2.0.45

Released: December 9, 2025

orm

  • [orm] [bug] Fixed issue where calling Mapper.add_property() within mapper event hooks such as MapperEvents.instrument_class(), MapperEvents.after_mapper_constructed(), or MapperEvents.before_mapper_configured() would raise an AttributeError because the mapper's internal property collections were not yet initialized. The Mapper.add_property() method now handles early-stage property additions correctly, allowing properties including column properties, deferred columns, and relationships to be added during mapper initialization events. Pull request courtesy G Allajmi.

    References: #12858

  • [orm] [bug] Fixed issue in Python 3.14 where dataclass transformation would fail when a mapped class using MappedAsDataclass included a relationship() referencing a class that was not available at runtime (e.g., within a TYPE_CHECKING block). This occurred when using Python 3.14's PEP 649 deferred annotations feature, which is the default behavior without a from __future__ import annotations directive.

    References: #12952

examples

  • [examples] [bug] Fixed the "short_selects" performance example where the cache was being used in all the examples, making it impossible to compare performance with and without the cache. Less important comparisons like "lambdas" and "baked queries" have been removed.

sql

  • [sql] [bug] Some improvements to the _sql.ClauseElement.params() method to replace bound parameters in a query were made, however the ultimate issue in #12915 involving ORM _orm.aliased() cannot be fixed fully until 2.1, where the method is being rewritten to work without relying on Core cloned traversal.

    References: #12915

  • [sql] [bug] Fixed issue where using the ColumnOperators.in_() operator with a nested CompoundSelect statement (e.g. an INTERSECT of UNION queries) would raise a NotImplementedError when the

... (truncated)

Commits

Updates newrelic from 11.1.0 to 11.2.0

Release notes

Sourced from newrelic's releases.

v11.2.0

Notes

This release of the Python agent adds support for the following:

This release also addresses a bug in ASGI instrumentation where headers are not reported by the web server.

Install the agent using easy_install/pip/distribute via the Python Package Index, using conda via the Conda-Forge Package Index, or download it directly from the New Relic download site.

Features

  • Add support for Strands

    • Add instrumentation for Strands tools and agents in single and multi-agent (swarms, graphs, etc.) setups

  • Add support for AWS Bedrock Converse Streaming

    • Add monitoring support for streaming Converse API. This includes support for Converse chat completion calls made with boto3 and aioboto3 clients using converse_stream().

  • Add support for Redis methods

    • Add support for the following methods:
    • hybrid_search
    • msetex

  • Add support for loop_factory in asyncio.Runner

    • In Python 3.11, the asyncio.Runner class was added as well as the loop_factory parameter. The loop_factory parameter provides a replacement for loop policies. Now, the loop that is created is instrumented, regardless of whether it is through a global event loop setting or a custom event loop.

  • Capture Langchain role assignments in LLM events

    • Langchain LlmChatCompletionMessage events now contains the assigned role from Langchain.

  • Capture LLM event timestamp at time of LLM request

    • Previously, the LLM event's timestamp was captured at the time of event creation. Now, it is more accurately captured at the time of the LLM request.

Bug fixes

  • ASGI header consumption

    • When an ASGIWebTransaction consumes the headers from a http.response.start event, it was doing so without regard to the allowable input types. When the headers are a generator, the generator was consumed by the call to process_response() leaving no headers remaining for the web server to send. This has now been fixed.
Commits
  • ac9682c Merge pull request #1601 from newrelic/sgoel/fixed_tool_type_bug
  • ac6eb5f Merge branch 'main' into sgoel/fixed_tool_type_bug
  • c31c334 Merge pull request #1600 from newrelic/develop-strands
  • 6cedff1 Merge branch 'main' into develop-strands
  • 661efd8 Merge branch 'main' into sgoel/fixed_tool_type_bug
  • 6860fc1 Add safeguarding to converse attr extraction. (#1603)
  • 7853b9e Merge branch 'main' into develop-strands
  • ea07f00 Merge branch 'main' into sgoel/fixed_tool_type_bug
  • 7bea863 Pin langchain & langchain_core (#1604)
  • 12b8ba1 Merge branch 'main' into sgoel/fixed_tool_type_bug
  • Additional commits viewable in compare view

Updates ruff from 0.14.6 to 0.14.9

Release notes

Sourced from ruff's releases.

0.14.9

Release Notes

Released on 2025-12-11.

Preview features

  • [ruff] New RUF100 diagnostics for unused range suppressions (#21783)
  • [pylint] Detect subclasses of builtin exceptions (PLW0133) (#21382)

Bug fixes

  • Fix comment placement in lambda parameters (#21868)
  • Skip over trivia tokens after re-lexing (#21895)
  • [flake8-bandit] Fix false positive when using non-standard CSafeLoader path (S506). (#21830)
  • [flake8-bugbear] Accept immutable slice default arguments (B008) (#21823)

Rule changes

  • [pydocstyle] Suppress D417 for parameters with Unpack annotations (#21816)

Performance

  • Use memchr for computing line indexes (#21838)

Documentation

  • Document *.pyw is included by default in preview (#21885)
  • Document range suppressions, reorganize suppression docs (#21884)
  • Update mkdocs-material to 9.7.0 (Insiders now free) (#21797)

Contributors

Install ruff 0.14.9

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.14.9/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.9

Released on 2025-12-11.

Preview features

  • [ruff] New RUF100 diagnostics for unused range suppressions (#21783)
  • [pylint] Detect subclasses of builtin exceptions (PLW0133) (#21382)

Bug fixes

  • Fix comment placement in lambda parameters (#21868)
  • Skip over trivia tokens after re-lexing (#21895)
  • [flake8-bandit] Fix false positive when using non-standard CSafeLoader path (S506). (#21830)
  • [flake8-bugbear] Accept immutable slice default arguments (B008) (#21823)

Rule changes

  • [pydocstyle] Suppress D417 for parameters with Unpack annotations (#21816)

Performance

  • Use memchr for computing line indexes (#21838)

Documentation

  • Document *.pyw is included by default in preview (#21885)
  • Document range suppressions, reorganize suppression docs (#21884)
  • Update mkdocs-material to 9.7.0 (Insiders now free) (#21797)

Contributors

0.14.8

Released on 2025-12-04.

Preview features

  • [flake8-bugbear] Catch yield expressions within other statements (B901) (#21200)
  • [flake8-use-pathlib] Mark fixes unsafe for return type changes (PTH104, PTH105, PTH109, PTH115) (#21440)

... (truncated)

Commits
  • 3f63ea4 Prepare 0.14.9 release (#21927)
  • c8851ec [ty] Defer all parameter and return type annotations (#21906)
  • d442433 [ty] Fix workspace symbols to return members too (#21926)
  • c055d66 Document range suppressions, reorganize suppression docs (#21884)
  • 7a578ce Ignore ruff:isort like ruff:noqa in new suppressions (#21922)
  • 34f7a04 [ty] Handle Definitions in SemanticModel::scope (#21919)
  • c9fe4e2 [ty] Attach salsa db when running ide tests for easier debugging (#21917)
  • fbeeb05 [ty] Don't show hover for expressions with no inferred type (#21924)
  • 4fdb4e8 [ty] avoid unions of generic aliases of the same class in fixpoint (#21909)
  • c548ef2 [ty] Squash false positive logs for failing to find builtins as a real module
  • Additional commits viewable in compare view

Updates pytest from 9.0.1 to 9.0.2

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

  • #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

    You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

    Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

  • #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

  • #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

  • #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

  • #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.
Commits
  • 3d10b51 Prepare release version 9.0.2
  • 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
  • b7d7bef Merge pull request #14014 from bluetech/compat-note
  • bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
  • bc78386 Add CLI options reference documentation (#13930)
  • 5a4e398 Fix docs typo (#14005) (#14008)
  • d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
  • 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
  • c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
  • 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
  • Additional commits viewable in compare view

Updates mypy from 1.18.2 to 1.19.1

Changelog

Sourced from mypy's changelog.

Mypy 1.19.1

  • Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
  • Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
  • Allow types.NoneType in match cases (A5rocks, PR 20383)
  • Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
  • Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
  • Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
  • Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
  • Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • BobTheBuidler
  • bzoracler
  • Chainfire
  • Christoph Tyralla
  • David Foster
  • Frank Dana
  • Guo Ci
  • iap
  • Ivan Levkivskyi
  • James Hilton-Balfe
  • jhance
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • KarelKenens
  • Kevin Kannammalil
  • Marc Mueller
  • Michael Carlstrom
  • Michael J. Sullivan
  • Piotr Sawicki
  • Randolf Scholz
  • Shantanu
  • Sigve Sebastian Farstad
  • sobolevn
  • Stanislav Terliakov
  • Stephen Morton
  • Theodore Ando
  • Thiago J. Barbalho
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.18

We’ve just uploaded mypy 1.18.1 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance

... (truncated)

Commits

Updates pre-commit from 4.5.0 to 4.5.1

Release notes

Sourced from pre-commit's releases.

pre-commit v4.5.1

Fixes

  • Fix language: python with repo: local without additional_dependencies.
Changelog

Sourced from pre-commit's changelog.

4.5.1 - 2025-12-16

Fixes

  • Fix language: python with repo: local without additional_dependencies.
Commits
  • 8a0630c v4.5.1
  • fcbc745 Merge pull request #3597 from pre-commit/empty-setup-py
  • 51592ee fix python local template when artifact dirs are present
  • 67e8faf Merge pull request #3596 from pre-commit/pre-commit-ci-update-config
  • c251e6b [pre-commit.ci] pre-commit autoupdate
  • 98ccafa Merge pull request #3593 from pre-commit/pre-commit-ci-update-config
  • 4895355 [pre-commit.ci] pre-commit autoupdate
  • 2cedd58 Merge pull request #3588 from pre-commit/pre-commit-ci-update-config
  • 465192d [pre-commit.ci] pre-commit autoupdate
  • fd42f96 Merge pull request #3586 from pre-commit/zipapp-sha256-file-not-needed
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the python-dependencies group across 1 directory wi…
74f0fbc 
…th 6 updates

Bumps the python-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.44` | `2.0.45` |
| [newrelic](https://github.com/newrelic/newrelic-python-agent) | `11.1.0` | `11.2.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.14.6` | `0.14.9` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.1` | `9.0.2` |
| [mypy](https://github.com/python/mypy) | `1.18.2` | `1.19.1` |
| [pre-commit](https://github.com/pre-commit/pre-commit) | `4.5.0` | `4.5.1` |



Updates `sqlalchemy` from 2.0.44 to 2.0.45
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `newrelic` from 11.1.0 to 11.2.0
- [Release notes](https://github.com/newrelic/newrelic-python-agent/releases)
- [Commits](newrelic/newrelic-python-agent@v11.1.0...v11.2.0)

Updates `ruff` from 0.14.6 to 0.14.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.6...0.14.9)

Updates `pytest` from 9.0.1 to 9.0.2
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.1...9.0.2)

Updates `mypy` from 1.18.2 to 1.19.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.18.2...v1.19.1)

Updates `pre-commit` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-version: 2.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: newrelic
  dependency-version: 11.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: ruff
  dependency-version: 0.14.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: pytest
  dependency-version: 9.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: mypy
  dependency-version: 1.19.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: pre-commit
  dependency-version: 4.5.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update dependencies label Dec 23, 2025
@dependabot dependabot bot requested a review from ukwhatn as a code owner December 23, 2025 22:19
@dependabot dependabot bot added the python:uv Pull requests that update python:uv code label Dec 23, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 29, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 29, 2025
@dependabot dependabot bot deleted the dependabot/uv/develop/python-dependencies-d299bce6c9 branch December 29, 2025 22:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ukwhatn ukwhatn Awaiting requested review from ukwhatn ukwhatn is a code owner

Assignees

@ukwhatn ukwhatn

Labels

dependencies Pull requests that update dependencies python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ukwhatn