Skip to content

Bump the pip group across 5 directories with 5 updates#2081

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/mpcontribs-api/requirements/pip-ed9f6ba542
Closed

Bump the pip group across 5 directories with 5 updates#2081
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/mpcontribs-api/requirements/pip-ed9f6ba542

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor

Bumps the pip group with 4 updates in the /mpcontribs-api/requirements directory: bleach, cryptography, jupyter-server and tornado.
Bumps the pip group with 1 update in the /mpcontribs-client/requirements directory: ujson.
Bumps the pip group with 4 updates in the /mpcontribs-kernel-gateway/requirements directory: bleach, jupyter-server, tornado and ujson.
Bumps the pip group with 3 updates in the /mpcontribs-portal/requirements directory: bleach, tornado and ujson.
Bumps the pip group with 1 update in the /mpcontribs-serverless/dependencies directory: ujson.

Updates bleach from 6.3.0 to 6.4.0

Changelog

Sourced from bleach's changelog.

Version 6.4.0 (June 5th, 2026)

NOTE: 2026-06-05: Bleach is no longer maintained. There will be no future releases including for security issues. See issue: <https://github.com/mozilla/bleach/issues/698>__

Backwards incompatible changes

  • Dropped support for pypy 3.10. (#764)

Security fixes

  • Fix bug 2023812 / GHSA-8rfp-98v4-mmr6.

    Fix XSS issue with sanitize_uri_value where disallowed schemes with Unicode invisible characters wouldn't be rejected.

    For example::

    import bleach payload1 = 'Click' result1 = bleach.clean(payload1) print(repr(result1))

    outputs::

    'Click'

    See the advisory for details.

  • Fix GHSA-gj48-438w-jh9v.

    Fix issue where URI sanitization wasn't happening in formaction attributes.

    See the advisory for details.

Bug fixes

  • Add support for pypy 3.11. (#764)

  • Drop version max in tinycss2 pin. (#772)

    This removes one of the things we had to keep checking and updating. Users now own the responsibility for correctness with the version of tinycss2 they're using.

Commits
  • f0355a7 fix: fix last release date in CHANGES
  • ae4e8a2 chore: bleach 6.4.0 and final release
  • 970df58 fix: uri-sanitization in formaction attributes
  • 7c4867c fix: xss bypass in allowed protocol test using unicode invisible characters
  • 913ab75 fix: reduce redundancy in workflow jobs
  • 218c15a fix: rework pip caching
  • 4f0b097 fix: fix tox platform restrictions
  • e95a79d chore: update pytest
  • 91539d4 Bump actions/cache from 5.0.3 to 5.0.4
  • cd47b4c fix: handle left-angle-bracket that's not a tag (#733)
  • Additional commits viewable in compare view

Updates cryptography from 48.0.0 to 48.0.1

Changelog

Sourced from cryptography's changelog.

48.0.1 - 2026-06-09


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 4.0.1.

.. _v48-0-0:

Commits

Updates jupyter-server from 2.18.2 to 2.20.0

Release notes

Sourced from jupyter-server's releases.

v2.20.0

2.20.0

(Full Changelog)

Security fixes

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​choldgraf (activity) | @​Copilot (activity) | @​ianthomas23 (activity) | @​krassowski (activity) | @​minrk (activity) | @​Yann-P (activity)

v2.19.0

2.19.0

(Full Changelog)

Enhancements made

... (truncated)

Changelog

Sourced from jupyter-server's changelog.

2.20.0

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​choldgraf (activity) | @​Copilot (activity) | @​ianthomas23 (activity) | @​krassowski (activity) | @​minrk (activity) | @​Yann-P (activity)

2.19.0

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

... (truncated)

Commits
  • 05a78ad Publish 2.20.0
  • 6cbee8d Merge commit from fork
  • 333e700 Fix test_authorizer having a spurious comma in params (#1664)
  • cccd543 Fix CI: explicitly pass base-setup inputs to avoid strict validation failures
  • cd16d71 Align docs for curve encryption with latest JEP version (#1660)
  • e458061 Add a toggle to enable curve encryption for all kernels that support it (#1638)
  • 0ceeb4f Add note in RELEASE.md
  • b13f8a2 Markdown does not work.
  • e885b10 Add GHSA reminder in prep-release
  • 0e28c90 Exclude problematic pywinpty 3.0.4 version (#1658)
  • Additional commits viewable in compare view

Updates tornado from 6.5.5 to 6.5.7

Changelog

Sourced from tornado's changelog.

Release notes

.. toctree:: :maxdepth: 2

releases/v6.5.7 releases/v6.5.6 releases/v6.5.5 releases/v6.5.4 releases/v6.5.3 releases/v6.5.2 releases/v6.5.1 releases/v6.5.0 releases/v6.4.2 releases/v6.4.1 releases/v6.4.0 releases/v6.3.3 releases/v6.3.2 releases/v6.3.1 releases/v6.3.0 releases/v6.2.0 releases/v6.1.0 releases/v6.0.4 releases/v6.0.3 releases/v6.0.2 releases/v6.0.1 releases/v6.0.0 releases/v5.1.1 releases/v5.1.0 releases/v5.0.2 releases/v5.0.1 releases/v5.0.0 releases/v4.5.3 releases/v4.5.2 releases/v4.5.1 releases/v4.5.0 releases/v4.4.3 releases/v4.4.2 releases/v4.4.1 releases/v4.4.0 releases/v4.3.0 releases/v4.2.1 releases/v4.2.0 releases/v4.1.0 releases/v4.0.2 releases/v4.0.1 releases/v4.0.0 releases/v3.2.2 releases/v3.2.1

... (truncated)

Commits
  • 48fc2d4 Merge pull request #3633 from bdarnell/curl-reset-65
  • 4ae1ddd Release notes and version bump for 6.5.7
  • 3154caa curl_httpclient: Reset the curl object before putting it on the freelist
  • 7d869c0 Merge pull request #3631 from bdarnell/cve-links
  • 288241f docs: Use the correct link syntax
  • 8da981c docs: Add CVE links to 6.5.6 release notes
  • aba2569 Merge pull request #3626 from bdarnell/fixes-656
  • a24b260 httpclient_test: Accept an additional error message variant
  • a74240a Release notes and version bump for 6.5.6.
  • e8fc7ed simple_httpclient: Strip auth headers on cross-origin redirects
  • Additional commits viewable in compare view

Updates ujson from 5.12.1 to 5.13.0

Release notes

Sourced from ujson's releases.

5.13.0

Added

Changed

Fixed

  • Tighten UTF-8 validation for ujson.dumps(b"...", reject_bytes=False) (169eaf36b1116fece5034ee79a7a0ef3f6deedcf) @​bwoodsend
  • Replace generated version.h with macro (#735) @​hugovk
Commits
  • 1a23a68 Create manylinux2014 wheels (#745)
  • bd943e8 Build separate manylinux2014 + modern wheels
  • 87ae2df Create manylinux2014 wheels
  • 209371e Verify expected number of dists (#743)
  • 6392258 Also check SHA of wheels in case manylinux version changes
  • a00edea Verify expected number of dists
  • e24aeb7 Fix utf-8 test for graalpy
  • 9122ebe Replace pre-commit with prek to fix deprecation warning (#744)
  • 0bbf9a3 Add support for Python 3.15 (#742)
  • 90ddea2 Replace pre-commit with prek to fix deprecation warning
  • Additional commits viewable in compare view

Updates bleach from 6.3.0 to 6.4.0

Changelog

Sourced from bleach's changelog.

Version 6.4.0 (June 5th, 2026)

NOTE: 2026-06-05: Bleach is no longer maintained. There will be no future releases including for security issues. See issue: <https://github.com/mozilla/bleach/issues/698>__

Backwards incompatible changes

  • Dropped support for pypy 3.10. (#764)

Security fixes

  • Fix bug 2023812 / GHSA-8rfp-98v4-mmr6.

    Fix XSS issue with sanitize_uri_value where disallowed schemes with Unicode invisible characters wouldn't be rejected.

    For example::

    import bleach payload1 = 'Click' result1 = bleach.clean(payload1) print(repr(result1))

    outputs::

    'Click'

    See the advisory for details.

  • Fix GHSA-gj48-438w-jh9v.

    Fix issue where URI sanitization wasn't happening in formaction attributes.

    See the advisory for details.

Bug fixes

  • Add support for pypy 3.11. (#764)

  • Drop version max in tinycss2 pin. (#772)

    This removes one of the things we had to keep checking and updating. Users now own the responsibility for correctness with the version of tinycss2 they're using.

Commits
  • f0355a7 fix: fix last release date in CHANGES
  • ae4e8a2 chore: bleach 6.4.0 and final release
  • 970df58 fix: uri-sanitization in formaction attributes
  • 7c4867c fix: xss bypass in allowed protocol test using unicode invisible characters
  • 913ab75 fix: reduce redundancy in workflow jobs
  • 218c15a fix: rework pip caching
  • 4f0b097 fix: fix tox platform restrictions
  • e95a79d chore: update pytest
  • 91539d4 Bump actions/cache from 5.0.3 to 5.0.4
  • cd47b4c fix: handle left-angle-bracket that's not a tag (#733)
  • Additional commits viewable in compare view

Updates jupyter-server from 2.18.2 to 2.20.0

Release notes

Sourced from jupyter-server's releases.

v2.20.0

2.20.0

(Full Changelog)

Security fixes

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​choldgraf (activity) | @​Copilot (activity) | @​ianthomas23 (activity) | @​krassowski (activity) | @​minrk (activity) | @​Yann-P (activity)

v2.19.0

2.19.0

(Full Changelog)

Enhancements made

... (truncated)

Changelog

Sourced from jupyter-server's changelog.

2.20.0

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​Carreau (activity) | @​choldgraf (activity) | @​Copilot (activity) | @​ianthomas23 (activity) | @​krassowski (activity) | @​minrk (activity) | @​Yann-P (activity)

2.19.0

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

... (truncated)

Commits
  • 05a78ad Publish 2.20.0
  • 6cbee8d Merge commit from fork
  • 333e700 Fix test_authorizer having a spurious comma in params (#1664)
  • cccd543 Fix CI: explicitly pass base-setup inputs to avoid strict validation failures
  • cd16d71 Align docs for curve encryption with latest JEP version (#1660)
  • e458061 Add a toggle to enable curve encryption for all kernels that support it (#1638)
  • 0ceeb4f Add note in RELEASE.md
  • b13f8a2 Markdown does not work.
  • e885b10 Add GHSA reminder in prep-release
  • 0e28c90 Exclude problematic pywinpty 3.0.4 version (#1658)
  • Additional commits viewable in compare view

Updates tornado from 6.5.5 to 6.5.7

Changelog

Sourced from tornado's changelog.

Release notes

.. toctree:: :maxdepth: 2

releases/v6.5.7 releases/v6.5.6 releases/v6.5.5 releases/v6.5.4 releases/v6.5.3 releases/v6.5.2 releases/v6.5.1 releases/v6.5.0 releases/v6.4.2 releases/v6.4.1 releases/v6.4.0 releases/v6.3.3 releases/v6.3.2 releases/v6.3.1 releases/v6.3.0 releases/v6.2.0 releases/v6.1.0 releases/v6.0.4 releases/v6.0.3 releases/v6.0.2 releases/v6.0.1 releases/v6.0.0 releases/v5.1.1 releases/v5.1.0 releases/v5.0.2 releases/v5.0.1 releases/v5.0.0 releases/v4.5.3 releases/v4.5.2 releases/v4.5.1 releases/v4.5.0 releases/v4.4.3 releases/v4.4.2 releases/v4.4.1 releases/v4.4.0 releases/v4.3.0 releases/v4.2.1 releases/v4.2.0 releases/v4.1.0 releases/v4.0.2 releases/v4.0.1 releases/v4.0.0 releases/v3.2.2 releases/v3.2.1

... (truncated)

Commits
  • 48fc2d4 Merge pull request #3633 from bdarnell/curl-reset-65
  • 4ae1ddd Release notes and version bump for 6.5.7
  • 3154caa curl_httpclient: Reset the curl object before putting it on the freelist
  • 7d869c0 Merge pull request #3631 from bdarnell/cve-links
  • 288241f docs: Use the correct link syntax
  • 8da981c docs: Add CVE links to 6.5.6 release notes
  • aba2569 Merge pull request #3626 from bdarnell/fixes-656
  • a24b260 httpclient_test: Accept an additional error message variant
  • a74240a Release notes and version bump for 6.5.6.
  • e8fc7ed simple_httpclient: Strip auth headers on cross-origin redirects
  • Additional commits viewable in compare view

Updates ujson from 5.12.1 to 5.13.0

Release notes

Sourced from ujson's releases.

5.13.0

Added

Changed

Fixed

  • Tighten UTF-8 validation for ujson.dumps(b"...", reject_bytes=False) (169eaf36b1116fece5034ee79a7a0ef3f6deedcf) @​bwoodsend
  • Replace generated version.h with macro (#735) @​hugovk
Commits
  • 1a23a68 Create manylinux2014 wheels (#745)
  • bd943e8 Build separate manylinux2014 + modern wheels
  • 87ae2df Create manylinux2014 wheels
  • 209371e Verify expected number of dists (#743)
  • 6392258 Also check SHA of wheels in case manylinux version changes
  • a00edea Verify expected number of dists
  • e24aeb7 Fix utf-8 test for graalpy
  • 9122ebe Replace pre-commit with prek to fix deprecation warning (#744)
  • 0bbf9a3 Add support for Python 3.15 (#742)
  • 90ddea2 Replace pre-commit with prek to fix deprecation warning
  • Additional commits viewable in compare view

Updates bleach from 6.3.0 to 6.4.0

Changelog

Sourced from bleach's changelog.

Version 6.4.0 (June 5th, 2026)

NOTE: 2026-06-05: Bleach is no longer maintained. There will be no future releases including for security issues. See issue: <https://github.com/mozilla/bleach/issues/698>__

Backwards incompatible changes

  • Dropped support for pypy 3.10. (#764)

Security fixes

  • Fix bug 2023812 / GHSA-8rfp-98v4-mmr6.

    Fix XSS issue with sanitize_uri_value where disallowed schemes with Unicode invisible characters wouldn't be rejected.

    For example::

    import bleach payload1 = 'Click' result1 = bleach.clean(payload1) print(repr(result1))

    outputs::

    'Click'

    See the advisory for details.

  • Fix GHSA-gj48-438w-jh9v.

    Fix issue where URI sanitization wasn't happening in formaction attributes.

    See the advisory for details.

Bug fixes

  • Add support for pypy 3.11. (#764)

  • Drop version max in tinycss2 pin. (#772)

    This removes one of the things we had to keep checking and updating. Users now own the responsibility for correctness with the version of tinycss2 they're using.

Commits
  • f0355a7 fix: fix last release date in CHANGES
  • ae4e8a2 chore: bleach 6.4.0 and final release
  • 970df58 fix: uri-sanitization in formaction attributes
  • 7c4867c fix: xss bypass in allowed protocol test using unicode invisible characters
  • 913ab75 fix: reduce redundancy in workflow jobs
  • 218c15a fix: rework pip caching
  • 4f0b097 fix: fix tox platform restrictions
  • e95a79d chore: update pytest
  • 91539d4 Bump actions/cache from 5.0.3 to 5.0.4
  • cd47b4c fix: handle left-angle-bracket that's not a tag (#733)
  • Additional commits viewable in compare view

Updates tornado from 6.5.5 to 6.5.7

Changelog

Sourced from tornado's changelog.

Release notes

.. toctree:: :maxdepth: 2

releases/v6.5.7 releases/v6.5.6 releases/v6.5.5 releases/v6.5.4 releases/v6.5.3 releases/v6.5.2 releases/v6.5.1 releases/v6.5.0 releases/v6.4.2 releases/v6.4.1 releases/v6.4.0 releases/v6.3.3 releases/v6.3.2 releases/v6.3.1 releases/v6.3.0 releases/v6.2.0 releases/v6.1.0 releases/v6.0.4 releases/v6.0.3 releases/v6.0.2 releases/v6.0.1 releases/v6.0.0 releases/v5.1.1 releases/v5.1.0 releases/v5.0.2 releases/v5.0.1 releases/v5.0.0 releases/v4.5.3 releases/v4.5.2 releases/v4.5.1 releases/v4.5.0 releases/v4.4.3 releases/v4.4.2 releases/v4.4.1 releases/v4.4.0 releases/v4.3.0 releases/v4.2.1 releases/v4.2.0 releases/v4.1.0 releases/v4.0.2 releases/v4.0.1 releases/v4.0.0 releases/v3.2.2 releases/v3.2.1

... (truncated)

Commits
  • 48fc2d4 Merge pull request #3633 from bdarnell/curl-reset-65
  • 4ae1ddd Release notes and version bump for 6.5.7
  • 3154caa curl_httpclient: Reset the curl object before putting it on the freelist
  • 7d869c0 Merge pull request #3631 from bdarnell/cve-links
  • 288241f docs: Use the correct link syntax
  • 8da981c docs: Add CVE links to 6.5.6 release notes
  • aba2569 Merge pull request #3626 from bdarnell/fixes-656
  • a24b260 httpclient_test: Accept an additional error message variant
  • a74240a Release notes and version bump for 6.5.6.
  • e8fc7ed simple_httpclient: Strip auth headers on cross-origin redirects
  • Additional commits viewable in compare view

Updates ujson from 5.12.1 to 5.13.0

Release notes

Sourced from ujson's releases.

5.13.0

Added

Changed

Fixed

  • Tighten UTF-8 validation for ujson.dumps(b"...", reject_bytes=False) (169eaf36b1116fece5034ee79a7a0ef3f6deedcf) @​bwoodsend
  • Replace generated version.h with macro (#735) @​hugovk
Commits
  • 1a23a68 Create manylinux2014 wheels (#745)
  • bd943e8 Build separate manylinux2014 + modern wheels
  • 87ae2df Create manylinux2014 wheels
  • 209371e Verify expected number of dists (#743)
  • 6392258 Also check SHA of wheels in case manylinux version changes
  • a00edea Verify expected number of dists
  • e24aeb7 Fix utf-8 test for graalpy
  • 9122ebe Replace pre-commit with prek to fix deprecation warning (#744)
  • 0bbf9a3 Add support for Python 3.15 (#742)
  • 90ddea2 Replace pre-commit with prek to fix deprecation warning
  • Additional commits viewable in compare view

Updates ujson from 5.5.0 to 5.13.0

Release notes

Sourced from ujson's releases.

5.13.0

Added

Changed

Fixed

  • Tighten UTF-8 validation for ujson.dumps(b"...", reject_bytes=False) (169eaf36b1116fece5034ee79a7a0ef3f6deedcf) @​bwoodsend
  • Replace generated version.h with macro (

@dependabot
Bump the pip group across 5 directories with 5 updates
7e6cdbf 
Bumps the pip group with 4 updates in the /mpcontribs-api/requirements directory: [bleach](https://github.com/mozilla/bleach), [cryptography](https://github.com/pyca/cryptography), [jupyter-server](https://github.com/jupyter-server/jupyter_server) and [tornado](https://github.com/tornadoweb/tornado).
Bumps the pip group with 1 update in the /mpcontribs-client/requirements directory: [ujson](https://github.com/ultrajson/ultrajson).
Bumps the pip group with 4 updates in the /mpcontribs-kernel-gateway/requirements directory: [bleach](https://github.com/mozilla/bleach), [jupyter-server](https://github.com/jupyter-server/jupyter_server), [tornado](https://github.com/tornadoweb/tornado) and [ujson](https://github.com/ultrajson/ultrajson).
Bumps the pip group with 3 updates in the /mpcontribs-portal/requirements directory: [bleach](https://github.com/mozilla/bleach), [tornado](https://github.com/tornadoweb/tornado) and [ujson](https://github.com/ultrajson/ultrajson).
Bumps the pip group with 1 update in the /mpcontribs-serverless/dependencies directory: [ujson](https://github.com/ultrajson/ultrajson).


Updates `bleach` from 6.3.0 to 6.4.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](mozilla/bleach@v6.3.0...v6.4.0)

Updates `cryptography` from 48.0.0 to 48.0.1
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@48.0.0...48.0.1)

Updates `jupyter-server` from 2.18.2 to 2.20.0
- [Release notes](https://github.com/jupyter-server/jupyter_server/releases)
- [Changelog](https://github.com/jupyter-server/jupyter_server/blob/main/CHANGELOG.md)
- [Commits](jupyter-server/jupyter_server@v2.18.2...v2.20.0)

Updates `tornado` from 6.5.5 to 6.5.7
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.5.5...v6.5.7)

Updates `ujson` from 5.12.1 to 5.13.0
- [Release notes](https://github.com/ultrajson/ultrajson/releases)
- [Commits](ultrajson/ultrajson@5.12.1...5.13.0)

Updates `bleach` from 6.3.0 to 6.4.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](mozilla/bleach@v6.3.0...v6.4.0)

Updates `jupyter-server` from 2.18.2 to 2.20.0
- [Release notes](https://github.com/jupyter-server/jupyter_server/releases)
- [Changelog](https://github.com/jupyter-server/jupyter_server/blob/main/CHANGELOG.md)
- [Commits](jupyter-server/jupyter_server@v2.18.2...v2.20.0)

Updates `tornado` from 6.5.5 to 6.5.7
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.5.5...v6.5.7)

Updates `ujson` from 5.12.1 to 5.13.0
- [Release notes](https://github.com/ultrajson/ultrajson/releases)
- [Commits](ultrajson/ultrajson@5.12.1...5.13.0)

Updates `bleach` from 6.3.0 to 6.4.0
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](mozilla/bleach@v6.3.0...v6.4.0)

Updates `tornado` from 6.5.5 to 6.5.7
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.5.5...v6.5.7)

Updates `ujson` from 5.12.1 to 5.13.0
- [Release notes](https://github.com/ultrajson/ultrajson/releases)
- [Commits](ultrajson/ultrajson@5.12.1...5.13.0)

Updates `ujson` from 5.5.0 to 5.13.0
- [Release notes](https://github.com/ultrajson/ultrajson/releases)
- [Commits](ultrajson/ultrajson@5.12.1...5.13.0)

---
updated-dependencies:
- dependency-name: bleach
  dependency-version: 6.4.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: cryptography
  dependency-version: 48.0.1
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: jupyter-server
  dependency-version: 2.20.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: tornado
  dependency-version: 6.5.7
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: ujson
  dependency-version: 5.13.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: bleach
  dependency-version: 6.4.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: jupyter-server
  dependency-version: 2.20.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: tornado
  dependency-version: 6.5.7
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: ujson
  dependency-version: 5.13.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: bleach
  dependency-version: 6.4.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: tornado
  dependency-version: 6.5.7
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: ujson
  dependency-version: 5.13.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: ujson
  dependency-version: 5.13.0
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 23, 2026
@dependabot dependabot Bot mentioned this pull request Jun 23, 2026
Closed
@dependabot @github

dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #2082.

@dependabot dependabot Bot closed this Jun 23, 2026
@dependabot dependabot Bot deleted the dependabot/pip/mpcontribs-api/requirements/pip-ed9f6ba542 branch June 23, 2026 16:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants