Skip to content

Bump the pip-deps group with 6 updates#3064

Closed
dependabot[bot] wants to merge 3 commits intodevelopfrom
dependabot/pip/pip-deps-24a74287c4
Closed

Bump the pip-deps group with 6 updates#3064
dependabot[bot] wants to merge 3 commits intodevelopfrom
dependabot/pip/pip-deps-24a74287c4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026
edited
Loading

Bumps the pip-deps group with 6 updates:

Package From To
boto3 1.42.79 1.42.84
jsonschema 4.24.0 4.26.0
openapi-core 0.23.0 0.23.1
ruff 0.15.8 0.15.9
mypy 1.19.1 1.20.0
cfn-lint 1.44.0 1.48.1

Updates boto3 from 1.42.79 to 1.42.84

Commits
  • d0fa3ae Merge branch 'release-1.42.84'
  • a4e4154 Bumping version to 1.42.84
  • 7fe1990 Add changelog entries from botocore
  • 5eac849 Add zizmor workflow and apply initial fixes (#4755)
  • 319798f Merge branch 'release-1.42.83'
  • 5a0933e Merge branch 'release-1.42.83' into develop
  • afa955e Bumping version to 1.42.83
  • 969066d Add changelog entries from botocore
  • f4c3140 Merge branch 'release-1.42.82'
  • 8237e0e Merge branch 'release-1.42.82' into develop
  • Additional commits viewable in compare view

Updates jsonschema from 4.24.0 to 4.26.0

Release notes

Sourced from jsonschema's releases.

v4.26.0

What's Changed

New Contributors

Full Changelog: python-jsonschema/jsonschema@v4.25.1...v4.26.0

v4.25.1

What's Changed

... (truncated)

Changelog

Sourced from jsonschema's changelog.

v4.26.0

  • Decrease import time by delaying importing of urllib.request (#1416).

v4.25.1

  • Fix an incorrect required argument in the Validator protocol's type annotations (#1396).

v4.25.0

  • Add support for the iri and iri-reference formats to the format-nongpl extra via the MIT-licensed rfc3987-syntax. They were alread supported by the format extra. (#1388).

v4.24.1

  • Properly escape segments in ValidationError.json_path (#139).
Commits
  • a727743 Add a changelog entry for 4.26.
  • 6d28c13 Update the lockfile.
  • 739499e Update pre-commit hooks.
  • cb2d779 Merge pull request #1443 from python-jsonschema/pre-commit-ci-update-config
  • e6bbbb7 [pre-commit.ci] pre-commit autoupdate
  • d56037a Merge pull request #1442 from python-jsonschema/dependabot/github_actions/ast...
  • e54ce13 Bump astral-sh/setup-uv from 7.1.4 to 7.1.6
  • 1f7c9fb Partially update docs requirements.
  • 241aec9 Merge pull request #1441 from python-jsonschema/pre-commit-ci-update-config
  • 2818efb Apache-2.0 -> nongpl
  • Additional commits viewable in compare view

Updates openapi-core from 0.23.0 to 0.23.1

Release notes

Sourced from openapi-core's releases.

0.23.1

Features

  • Add Starlette 1.x support #1151

Fixes

  • Array parameter default regression with SchemaPath #1158
  • Fix unstable error message for additional properties #1159
Commits
  • 21f62ce Version 0.23.1
  • 0948a04 Merge pull request #1151 from python-openapi/dependabot/pip/starlette-1.0.0
  • 703b1b7 Add Starlette 1.x support
  • e650512 Merge pull request #1159 from python-openapi/fix/stable-error-messages-additi...
  • d394926 Fix unstable error message for additional properties
  • 8028f14 Merge pull request #1156 from python-openapi/dependabot/pip/aiohttp-3.13.4
  • 988c6b8 Merge pull request #1155 from python-openapi/dependabot/github_actions/codeco...
  • 18fc9f7 Merge pull request #1153 from python-openapi/dependabot/pip/requests-2.33.0
  • cd43c6f Merge pull request #1149 from python-openapi/dependabot/pip/mkdocs-material-9...
  • 7230104 Merge pull request #1158 from python-openapi/fix/array-default-schemapath
  • Additional commits viewable in compare view

Updates ruff from 0.15.8 to 0.15.9

Release notes

Sourced from ruff's releases.

0.15.9

Release Notes

Released on 2026-04-02.

Preview features

  • [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
  • [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

  • [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
  • [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
  • [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
  • [pyupgrade] Fix UP008 nested class matching (#24273)
  • [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • [ruff] RUF072: skip formfeeds on dedent (#24308)
  • [ruff] Avoid re-using symbol in RUF024 fix (#24316)
  • [ruff] Parenthesize expression in RUF050 fix (#24234)
  • Disallow starred expressions as values of starred expressions (#24280)

Rule changes

  • [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
  • [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
  • [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
  • [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
  • [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

  • Add nested-string-quote-style formatting option (#24312)

Documentation

  • [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
  • [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

  • Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.9

Released on 2026-04-02.

Preview features

  • [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
  • [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

  • [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
  • [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
  • [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
  • [pyupgrade] Fix UP008 nested class matching (#24273)
  • [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • [ruff] RUF072: skip formfeeds on dedent (#24308)
  • [ruff] Avoid re-using symbol in RUF024 fix (#24316)
  • [ruff] Parenthesize expression in RUF050 fix (#24234)
  • Disallow starred expressions as values of starred expressions (#24280)

Rule changes

  • [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
  • [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
  • [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
  • [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
  • [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

  • Add nested-string-quote-style formatting option (#24312)

Documentation

  • [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
  • [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

  • Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

... (truncated)

Commits
  • 724ccc1 Bump 0.15.9 (#24369)
  • 96d9e09 [ty] Move the deferred submodule inside infer/builder (#24368)
  • 130da28 [ty] Infer the extra_items keyword argument to class-based TypedDicts as an...
  • a617c54 [ty] Validate type qualifiers in functional TypedDict fields and the `extra_i...
  • d851708 [ty] Improve robustness of various type-qualifier-related checks (#24251)
  • aecb587 Only run the release-gate on workflow dispatch (#24366)
  • b889571 [ty] Use infer_type_expression for parsing parameter annotations and return...
  • 3286a62 Add a "release-gate" step to the release workflow (#24365)
  • 5f88756 Disallow starred expressions as values of starred expressions (#24280)
  • 5c59f8a [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • Additional commits viewable in compare view

Updates mypy from 1.19.1 to 1.20.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.20

We’ve just uploaded mypy 1.20.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Planned Changes to Defaults and Flags in Mypy 2.0

As a reminder, we are planning to enable --local-partial-types by default in mypy 2.0, which will likely be the next feature release. This will often require at least minor code changes. This option is implicitly enabled by mypy daemon, so this makes the behavior of daemon and non-daemon modes consistent.

Note that this release improves the compatibility of --local-partial-types significantly to make the switch easier (see below for more).

This can also be configured in a mypy configuration file (use False to disable):

local_partial_types = True

For more information, refer to the documentation.

We will also enable --strict-bytes by default in mypy 2.0. This usually requires at most minor code changes to adopt. For more information, refer to the documentation.

Finally, --allow-redefinition-new will be renamed to --allow-redefinition. If you want to continue using the older --allow-redefinition semantics which are less flexible (e.g. limited support for conditional redefinitions), you can switch to --allow-redefinition-old, which is currently supported as an alias to the legacy --allow-redefinition behavior. To use --allow-redefinition in the upcoming mypy 2.0, you can't use --no-local-partial-types. For more information, refer to the documentation.

Better Type Narrowing

Mypy's implementation of narrowing has been substantially reworked. Mypy will now narrow more aggressively, more consistently, and more correctly. In particular, you are likely to notice new narrowing behavior in equality expressions (==), containment expressions (in),

... (truncated)

Commits
  • 770d3ca Remove +dev from version
  • 4738ffa Changelog updates for 1.20 (#21109)
  • b4f07a7 Use 'native-parser' instead of 'native-parse' for optional dependency (#21115)
  • 7bec7b7 [mypyc] Document librt and librt.base64 (#21114)
  • c482596 --allow-redefinition-new is no longer experimental (#21110)
  • c916ca3 sdist: include misc/{diff-cache,apply-cache-diff}.py for `mypy/test/test_di...
  • b137e4e [mypyc] Speed up native-to-native imports within the same group (#21101)
  • 978b711 [mypyc] Fix range loop variable off-by-one after loop exit (#21098)
  • 67ada30 [stubtest] Check runtime availability of private types not marked `@type_chec...
  • bdef6ef librt cache tests: build respecting MYPY_TEST_PREFIX (#21097)
  • Additional commits viewable in compare view

Updates cfn-lint from 1.44.0 to 1.48.1

Release notes

Sourced from cfn-lint's releases.

Release v1.48.1

What's Changed

Full Changelog: aws-cloudformation/cfn-lint@v1.48.0...v1.48.1

Release v1.48.0

What's Changed

... (truncated)

Changelog

Sourced from cfn-lint's changelog.

v1.48.1

What's Changed

Full Changelog: aws-cloudformation/cfn-lint@v1.48.0...v1.48.1

v1.48.0

What's Changed

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-deps group with 6 updates
e0215aa 
Bumps the pip-deps group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.42.79` | `1.42.84` |
| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.24.0` | `4.26.0` |
| [openapi-core](https://github.com/python-openapi/openapi-core) | `0.23.0` | `0.23.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.8` | `0.15.9` |
| [mypy](https://github.com/python/mypy) | `1.19.1` | `1.20.0` |
| [cfn-lint](https://github.com/aws-cloudformation/cfn-lint) | `1.44.0` | `1.48.1` |


Updates `boto3` from 1.42.79 to 1.42.84
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.79...1.42.84)

Updates `jsonschema` from 4.24.0 to 4.26.0
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.24.0...v4.26.0)

Updates `openapi-core` from 0.23.0 to 0.23.1
- [Release notes](https://github.com/python-openapi/openapi-core/releases)
- [Commits](python-openapi/openapi-core@0.23.0...0.23.1)

Updates `ruff` from 0.15.8 to 0.15.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.8...0.15.9)

Updates `mypy` from 1.19.1 to 1.20.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.19.1...v1.20.0)

Updates `cfn-lint` from 1.44.0 to 1.48.1
- [Release notes](https://github.com/aws-cloudformation/cfn-lint/releases)
- [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/main/CHANGELOG.md)
- [Commits](aws-cloudformation/cfn-lint@v1.44.0...v1.48.1)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.42.84
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: jsonschema
  dependency-version: 4.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: openapi-core
  dependency-version: 0.23.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: ruff
  dependency-version: 0.15.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: mypy
  dependency-version: 1.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: cfn-lint
  dependency-version: 1.48.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version minor Bump the minor version number of this project labels Apr 6, 2026
@dependabot dependabot bot requested review from a team as code owners April 6, 2026 19:43
@dependabot dependabot bot added minor Bump the minor version number of this project bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version labels Apr 6, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 13, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 13, 2026
@dependabot dependabot bot deleted the dependabot/pip/pip-deps-24a74287c4 branch April 13, 2026 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version minor Bump the minor version number of this project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@asjohnston-asf