Skip to content

Bump the pip group with 6 updates #158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 2, 2025
Merged

Bump the pip group with 6 updates #158

merged 2 commits into from
Oct 2, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025

Bumps the pip group with 6 updates:

Package From To
anyio 4.10.0 4.11.0
faker 37.6.0 37.8.0
hypothesis 6.138.15 6.140.2
mypy 1.17.1 1.18.2
pytest-cov 6.3.0 7.0.0
ruff 0.12.12 0.13.2

Updates anyio from 4.10.0 to 4.11.0

Release notes

Sourced from anyio's releases.

4.11.0

  • Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) (#975)
  • Bumped the minimum version of Trio to v0.31.0
  • Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument (#256)
  • Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests (#971)
  • Added the anyio.Condition.wait_for() method for feature parity with asyncio (#974)
  • Changed the default type argument of anyio.abc.TaskStatus from Any to None (#964)
  • Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 (#857; PR by @​11kkw and @​agronholm)
  • Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. (#671)
Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

4.11.0

  • Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) ([#975](https://github.com/agronholm/anyio/issues/975) <https://github.com/agronholm/anyio/pull/975>_)
  • Bumped the minimum version of Trio to v0.31.0
  • Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument ([#256](https://github.com/agronholm/anyio/issues/256) <https://github.com/agronholm/anyio/issues/256>_)
  • Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests ([#971](https://github.com/agronholm/anyio/issues/971) <https://github.com/agronholm/anyio/pull/971>_)
  • Added the anyio.Condition.wait_for() method for feature parity with asyncio ([#974](https://github.com/agronholm/anyio/issues/974) <https://github.com/agronholm/anyio/pull/974>_)
  • Changed the default type argument of anyio.abc.TaskStatus from Any to None ([#964](https://github.com/agronholm/anyio/issues/964) <https://github.com/agronholm/anyio/pull/964>_)
  • Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 ([#857](https://github.com/agronholm/anyio/issues/857) <https://github.com/agronholm/anyio/issues/857>_; PR by @​11kkw and @​agronholm)
  • Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. ([#671](https://github.com/agronholm/anyio/issues/671) <https://github.com/agronholm/anyio/issues/671>_)

4.10.0

  • Added the feed_data() method to the BufferedByteReceiveStream class, allowing users to inject data directly into the buffer

  • Added various class methods to wrap existing sockets as listeners or socket streams:

    • SocketListener.from_socket()
    • SocketStream.from_socket()
    • UNIXSocketStream.from_socket()
    • UDPSocket.from_socket()
    • ConnectedUDPSocket.from_socket()
    • UNIXDatagramSocket.from_socket()
    • ConnectedUNIXDatagramSocket.from_socket()

  • Added a hierarchy of connectable stream classes for transparently connecting to various remote or local endpoints for exchanging bytes or objects

  • Added context manager mix-in classes (anyio.ContextManagerMixin and anyio.AsyncContextManagerMixin) to help write classes that embed other context managers, particularly cancel scopes or task groups ([#905](https://github.com/agronholm/anyio/issues/905) <https://github.com/agronholm/anyio/pull/905>_; PR by @​agronholm and

... (truncated)

Commits
  • 08737af Bumped up the version
  • 8bb9fe0 Fixed the inconsistent exception on sending to a closed TCP stream (#980)
  • 9637093 [pre-commit.ci] pre-commit autoupdate (#981)
  • f1bc6ee Fixed changelog entry formatting
  • 0b58964 Mentioned the sub-interpreter support in the README
  • 1ed112c Ensure same port is used for IPv4/IPv6 when creating TCP listener with local_...
  • aceeee0 Re-enabled coverage reporting on macOS
  • 6b890dc Reworded a changelog entry and added PR links to others
  • 944257d Updated pre-commit modules
  • 087975f Fixed a documentation style (#976)
  • Additional commits viewable in compare view

Updates faker from 37.6.0 to 37.8.0

Release notes

Sourced from faker's releases.

Release v37.8.0

See CHANGELOG.md.

Release v37.7.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v37.8.0 - 2025-09-15

v37.7.0 - 2025-09-15

Commits

Updates hypothesis from 6.138.15 to 6.140.2

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.140.2

The automatic switch to the CI "settings profile" now works under tox (for "tox >= 4.30.0").

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.140.1

This patch re-enables the warning for incompatible "shared()" strategies that was first enabled in v6.133.0 but disabled in v6.135.15.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.140.0

"characters()" now validates that the elements of the "exclude_characters" and "include_characters" arguments are single characters, which was always assumed internally. For example, "exclude_characters=["a", "b"]" is valid while "exclude_characters=["ab"]" will now raise an error up-front.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.139.3

Add "phase" to the hypothesis-specific metadata in observability.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.139.2

Internal refactoring for new lint rules.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.139.1

Fixed another typo in error message around function-scoped fixtures.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.139.0

Add "get_current_profile_name()", which returns the name of the current settings profile.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.17

Fixed typo in error message around function-scoped fixtures.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.138.16

Improved error message for "DeadlineExceeded".

... (truncated)

Commits
  • 275d496 Bump hypothesis-python version to 6.140.2 and update changelog
  • 3b95a47 Merge pull request #4553 from Liam-DeVoe/tox-ci
  • 549d8cd Bump hypothesis-python version to 6.140.1 and update changelog
  • b3146b0 Merge pull request #4509 from jobh/fix_shared_strategy_warnings
  • af304d9 Remove a redundant hash in calc_label
  • 43a65dc Revert changes to integers/floats label calculation
  • f1e78f7 Add test for coverage
  • c5fa0d4 formatting, lint
  • b5dc8ff Update a test
  • 7cb9389 lint and flatmap
  • Additional commits viewable in compare view

Updates mypy from 1.17.1 to 1.18.2

Changelog

Sourced from mypy's changelog.

Mypy 1.18.2

  • Fix crash on recursive alias (Ivan Levkivskyi, PR 19845)
  • Add additional guidance for stubtest errors when runtime is object.__init__ (Stephen Morton, PR 19733)
  • Fix handling of None values in f-string expressions in mypyc (BobTheBuidler, PR 19846)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • Ali Hamdan
  • Anthony Sottile
  • BobTheBuidler
  • Brian Schubert
  • Chainfire
  • Charlie Denton
  • Christoph Tyralla
  • CoolCat467
  • Daniel Hnyk
  • Emily
  • Emma Smith
  • Ethan Sarp
  • Ivan Levkivskyi
  • Jahongir Qurbonov
  • Jelle Zijlstra
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • Marc Mueller
  • Omer Hadari
  • Piotr Sawicki
  • PrinceNaroliya
  • Randolf Scholz
  • Robsdedude
  • Saul Shanabrook
  • Shantanu
  • Stanislav Terliakov
  • Stephen Morton
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.17

We’ve just uploaded mypy 1.17 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

... (truncated)

Commits
  • df05f05 remove +dev from version
  • 01a7a12 Update changelog for 1.18.2 (#19873)
  • ca5abf0 Typeshed cherry-pick: Make type of unitest.mock.Any a subclass of Any (#1...
  • 9d794b5 [mypyc] fix: inappropriate Nones in f-strings (#19846)
  • 2c0510c stubtest: additional guidance on errors when runtime is object.init (#19733)
  • 2f3f03c Bump version to 1.18.2+dev for point release
  • 7669841 Fix crash on recursive alias in indirection.py (#19845)
  • 03fbaa9 bump version to 1.18.1 due to wheels failure
  • b44a1fb removed +dev from version
  • 7197a99 Removed Unreleased in the Changelog for Release 1.18 (#19827)
  • Additional commits viewable in compare view

Updates pytest-cov from 6.3.0 to 7.0.0

Changelog

Sourced from pytest-cov's changelog.

7.0.0 (2025-09-09)

  • Dropped support for subprocesses measurement.

    It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

    To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

    .. code-block:: ini

    [run] patch = subprocess

    This release also requires at least coverage 7.10.6.

  • Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

  • Removed some not really necessary testing deps like six.

Commits
  • 224d896 Bump version: 6.3.0 → 7.0.0
  • 73424e3 Cleanup the docs a bit.
  • 36f1cc2 Bump pins in template.
  • f299c59 Bump the github-actions group with 2 updates
  • 25f0b2e Update docs/config.rst
  • bb23eac Improve configuration docs
  • a19531e Switch from build/pre-commit to uv/prek - this should make this faster.
  • 82f9993 Update changelog.
  • 211b5cd Fix links.
  • 97aadd7 Update some ci config, reformat and apply some lint fixes.
  • Additional commits viewable in compare view

Updates ruff from 0.12.12 to 0.13.2

Release notes

Sourced from ruff's releases.

0.13.2

Release Notes

Released on 2025-09-25.

Preview features

  • [flake8-async] Implement blocking-path-method (ASYNC240) (#20264)
  • [flake8-bugbear] Implement map-without-explicit-strict (B912) (#20429)
  • [flake8-bultins] Detect class-scope builtin shadowing in decorators, default args, and attribute initializers (A003) (#20178)
  • [ruff] Implement logging-eager-conversion (RUF065) (#19942)
  • Include .pyw files by default when linting and formatting (#20458)

Bug fixes

  • Deduplicate input paths (#20105)
  • [flake8-comprehensions] Preserve trailing commas for single-element lists (C409) (#19571)
  • [flake8-pyi] Avoid syntax error from conflict with PIE790 (PYI021) (#20010)
  • [flake8-simplify] Correct fix for positive maxsplit without separator (SIM905) (#20056)
  • [pyupgrade] Fix UP008 not to apply when __class__ is a local variable (#20497)
  • [ruff] Fix B004 to skip invalid hasattr/getattr calls (#20486)
  • [ruff] Replace -nan with nan when using the value to construct a Decimal (FURB164 ) (#20391)

Documentation

  • Add 'Finding ways to help' to CONTRIBUTING.md (#20567)
  • Update import path to ruff-wasm-web (#20539)
  • [flake8-bandit] Clarify the supported hashing functions (S324) (#20534)

Other changes

  • [playground] Allow hover quick fixes to appear for overlapping diagnostics (#20527)
  • [playground] Fix non‑BMP code point handling in quick fixes and markers (#20526)

Contributors

Install ruff 0.13.2

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.2

Released on 2025-09-25.

Preview features

  • [flake8-async] Implement blocking-path-method (ASYNC240) (#20264)
  • [flake8-bugbear] Implement map-without-explicit-strict (B912) (#20429)
  • [flake8-bultins] Detect class-scope builtin shadowing in decorators, default args, and attribute initializers (A003) (#20178)
  • [ruff] Implement logging-eager-conversion (RUF065) (#19942)
  • Include .pyw files by default when linting and formatting (#20458)

Bug fixes

  • Deduplicate input paths (#20105)
  • [flake8-comprehensions] Preserve trailing commas for single-element lists (C409) (#19571)
  • [flake8-pyi] Avoid syntax error from conflict with PIE790 (PYI021) (#20010)
  • [flake8-simplify] Correct fix for positive maxsplit without separator (SIM905) (#20056)
  • [pyupgrade] Fix UP008 not to apply when __class__ is a local variable (#20497)
  • [ruff] Fix B004 to skip invalid hasattr/getattr calls (#20486)
  • [ruff] Replace -nan with nan when using the value to construct a Decimal (FURB164 ) (#20391)

Documentation

  • Add 'Finding ways to help' to CONTRIBUTING.md (#20567)
  • Update import path to ruff-wasm-web (#20539)
  • [flake8-bandit] Clarify the supported hashing functions (S324) (#20534)

Other changes

  • [playground] Allow hover quick fixes to appear for overlapping diagnostics (#20527)
  • [playground] Fix non‑BMP code point handling in quick fixes and markers (#20526)

Contributors

0.13.1

... (truncated)

Commits
  • b0bdf03 Bump 0.13.2 (#20576)
  • 7331d39 Update rooster to 0.1.0 (#20575)
  • 529e5fa [ty] Ecosystem analyzer: timing report (#20571)
  • efbb80f [ty] Remove hack in protocol satisfiability check (#20568)
  • 9f3cffc Add 'Finding ways to help' to CONTRIBUTING.md (#20567)
  • 21be94a [ty] Explicitly test assignability/subtyping between unions of nominal types ...
  • b7d5dc9 [ty] Add tests for interactions of @classmethod, @staticmethod, and proto...
  • e1bb74b [ty] Match variadic argument to variadic parameter (#20511)
  • edeb458 [ty] fallback to resolve_real_module in file_to_module (#20461)
  • bea92c8 [ty] More precise type inference for dictionary literals (#20523)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip group with 6 updates
e73bc17 
Bumps the pip group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [anyio](https://github.com/agronholm/anyio) | `4.10.0` | `4.11.0` |
| [faker](https://github.com/joke2k/faker) | `37.6.0` | `37.8.0` |
| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.138.15` | `6.140.2` |
| [mypy](https://github.com/python/mypy) | `1.17.1` | `1.18.2` |
| [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `6.3.0` | `7.0.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.12.12` | `0.13.2` |


Updates `anyio` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/agronholm/anyio/releases)
- [Changelog](https://github.com/agronholm/anyio/blob/master/docs/versionhistory.rst)
- [Commits](agronholm/anyio@4.10.0...4.11.0)

Updates `faker` from 37.6.0 to 37.8.0
- [Release notes](https://github.com/joke2k/faker/releases)
- [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md)
- [Commits](joke2k/faker@v37.6.0...v37.8.0)

Updates `hypothesis` from 6.138.15 to 6.140.2
- [Release notes](https://github.com/HypothesisWorks/hypothesis/releases)
- [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.138.15...hypothesis-python-6.140.2)

Updates `mypy` from 1.17.1 to 1.18.2
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.17.1...v1.18.2)

Updates `pytest-cov` from 6.3.0 to 7.0.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v6.3.0...v7.0.0)

Updates `ruff` from 0.12.12 to 0.13.2
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.12...0.13.2)

---
updated-dependencies:
- dependency-name: anyio
  dependency-version: 4.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
- dependency-name: faker
  dependency-version: 37.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
- dependency-name: hypothesis
  dependency-version: 6.140.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
- dependency-name: mypy
  dependency-version: 1.18.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
- dependency-name: pytest-cov
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip
- dependency-name: ruff
  dependency-version: 0.13.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Oct 1, 2025
@vrslev vrslev merged commit 7b588b4 into main Oct 2, 2025
5 checks passed
@vrslev vrslev deleted the dependabot/pip/pip-e8825f2b61 branch October 2, 2025 21:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vrslev