Skip to content

build: bump the minor-and-patch group in /back with 9 updates#878

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/back/minor-and-patch-d3eab2d981
Open

build: bump the minor-and-patch group in /back with 9 updates#878
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/back/minor-and-patch-d3eab2d981

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 17, 2026

Bumps the minor-and-patch group in /back with 9 updates:

Package From To
boto3 1.42.64 1.42.69
botocore 1.42.64 1.42.69
charset-normalizer 3.4.5 3.4.6
hiredis 3.3.0 3.3.1
pyjwt 2.11.0 2.12.1
ruff 0.15.5 0.15.6
filelock 3.25.1 3.25.2
identify 2.6.17 2.6.18
python-discovery 1.1.2 1.1.3

Updates boto3 from 1.42.64 to 1.42.69

Commits
  • 3f60ae5 Merge branch 'release-1.42.69'
  • e1a1595 Bumping version to 1.42.69
  • 1eb051c Add changelog entries from botocore
  • fbfa858 Bump github/codeql-action from 4.32.1 to 4.33.0 (#4735)
  • 6b10acd Merge branch 'release-1.42.68'
  • 4b02b3c Merge branch 'release-1.42.68' into develop
  • 0b7dcef Bumping version to 1.42.68
  • 5754b6f Add changelog entries from botocore
  • b1ff6b0 Merge branch 'release-1.42.67'
  • d62e89b Merge branch 'release-1.42.67' into develop
  • Additional commits viewable in compare view

Updates botocore from 1.42.64 to 1.42.69

Commits
  • dac0d1b Merge branch 'release-1.42.69'
  • 2194dd4 Bumping version to 1.42.69
  • 4297aa3 Update endpoints model
  • 0f9a20d Update to latest models
  • 7a0027d Merge branch 'release-1.42.68'
  • e8346e2 Merge branch 'release-1.42.68' into develop
  • e735b45 Bumping version to 1.42.68
  • 8db5e18 Update endpoints model
  • 32ca194 Update to latest models
  • d45e39f Raise TypeError on bare test decorator usage and add regression tests (#3649)
  • Additional commits viewable in compare view

Updates charset-normalizer from 3.4.5 to 3.4.6

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.6

3.4.6 (2026-03-15)

Changed

  • Flattened the logic in charset_normalizer.md for higher performance. Removed eligible(..) and feed(...) in favor of feed_info(...).
  • Raised upper bound for mypy[c] to 1.20, for our optimized version.
  • Updated UNICODE_RANGES_COMBINED using Unicode blocks v17.

Fixed

  • Edge case where noise difference between two candidates can be almost insignificant. (#672)
  • CLI --normalize writing to wrong path when passing multiple files in. (#702)

Misc

  • Freethreaded pre-built wheels now shipped in PyPI starting with 3.14t. (#616)
Changelog

Sourced from charset-normalizer's changelog.

3.4.6 (2026-03-15)

Changed

  • Flattened the logic in charset_normalizer.md for higher performance. Removed eligible(..) and feed(...) in favor of feed_info(...).
  • Raised upper bound for mypy[c] to 1.20, for our optimized version.
  • Updated UNICODE_RANGES_COMBINED using Unicode blocks v17.

Fixed

  • Edge case where noise difference between two candidates can be almost insignificant. (#672)
  • CLI --normalize writing to wrong path when passing multiple files in. (#702)

Misc

  • Freethreaded pre-built wheels now shipped in PyPI starting with 3.14t. (#616)
Commits
  • 5478b84 Merge pull request #715 from jawah/release-3.4.6
  • 5c0a09e ✔️ add confidence for threading usage, mostly due to lru_cach...
  • ef826b2 📝 update changelog
  • 5564f1a 📝 update docs accordingly
  • 0f2cf7d 📝 update changelog
  • 54a1894 🐛 fix --normalize writing to wrong path with multiple files
  • 2177e28 📝 update changelog
  • b2497a5 🐛 edge case where noise difference between two candidates can be almost i...
  • 13a5d0b 🔧 upgrade ci requirements
  • b9ffbd4 🔧 enable 3.14t nox mypyc session
  • Additional commits viewable in compare view

Updates hiredis from 3.3.0 to 3.3.1

Release notes

Sourced from hiredis's releases.

3.3.1

Changes

This release fixes a compatibility issue with Python 3.15:

Contributors

We'd like to thank all the contributors who worked on this release!

@​tacaswell

Commits

Updates pyjwt from 2.11.0 to 2.12.1

Release notes

Sourced from pyjwt's releases.

2.12.1

What's Changed

Full Changelog: jpadilla/pyjwt@2.12.0...2.12.1

2.12.0

Security

What's Changed

New Contributors

Full Changelog: jpadilla/pyjwt@2.11.0...2.12.0

Changelog

Sourced from pyjwt's changelog.

v2.12.1 <https://github.com/jpadilla/pyjwt/compare/2.12.0...2.12.1>__

Fixed


- Add missing ``typing_extensions`` dependency for Python < 3.11 in `[#1150](https://github.com/jpadilla/pyjwt/issues/1150) <https://github.com/jpadilla/pyjwt/issues/1150>`__

v2.12.0 &lt;https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0&gt;__


Fixed

  • Annotate PyJWKSet.keys for pyright by @​tamird in [#1134](https://github.com/jpadilla/pyjwt/issues/1134) <https://github.com/jpadilla/pyjwt/pull/1134>__
  • Close HTTPError response to prevent ResourceWarning on Python 3.14 by @​veeceey in [#1133](https://github.com/jpadilla/pyjwt/issues/1133) <https://github.com/jpadilla/pyjwt/pull/1133>__
  • Do not keep algorithms dict in PyJWK instances by @​akx in [#1143](https://github.com/jpadilla/pyjwt/issues/1143) <https://github.com/jpadilla/pyjwt/pull/1143>__
  • Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @​dmbs335 in GHSA-752w-5fwx-jx9f <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f>__
  • Use PyJWK algorithm when encoding without explicit algorithm in [#1148](https://github.com/jpadilla/pyjwt/issues/1148) <https://github.com/jpadilla/pyjwt/pull/1148>__

Added


- Docs: Add ``PyJWKClient`` API reference and document the two-tier caching system (JWK Set cache and signing key LRU cache).
Commits

Updates ruff from 0.15.5 to 0.15.6

Release notes

Sourced from ruff's releases.

0.15.6

Release Notes

Released on 2026-03-12.

Preview features

  • Add support for lazy import parsing (#23755)
  • Add support for star-unpacking of comprehensions (PEP 798) (#23788)
  • Reject semantic syntax errors for lazy imports (#23757)
  • Drop a few rules from the preview default set (#23879)
  • [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
  • [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
  • [flake8-bugbear] Implement delattr-with-constant (B043) (#23737)
  • [flake8-tidy-imports] Add TID254 to enforce lazy imports (#23777)
  • [flake8-tidy-imports] Allow users to ban lazy imports with TID254 (#23847)
  • [isort] Retain lazy keyword when sorting imports (#23762)
  • [pyupgrade] Add from __future__ import annotations automatically (UP006) (#23260)
  • [refurb] Support newline parameter in FURB101 for Python 3.13+ (#23754)
  • [ruff] Add os-path-commonprefix (RUF071) (#23814)
  • [ruff] Add unsafe fix for os-path-commonprefix (RUF071) (#23852)
  • [ruff] Limit RUF036 to typing contexts; make it unsafe for non-typing-only (#23765)
  • [ruff] Use starred unpacking for RUF017 in Python 3.15+ (#23789)

Bug fixes

  • Fix --add-noqa creating unwanted leading whitespace (#23773)
  • Fix --add-noqa breaking shebangs (#23577)
  • [formatter] Fix lambda body formatting for multiline calls and subscripts (#23866)
  • [formatter] Preserve required annotation parentheses in annotated assignments (#23865)
  • [formatter] Preserve type-expression parentheses in the formatter (#23867)
  • [flake8-annotations] Fix stack overflow in ANN401 on quoted annotations with escape sequences (#23912)
  • [pep8-naming] Check naming conventions in match pattern bindings (N806, N815, N816) (#23899)
  • [perflint] Fix comment duplication in fixes (PERF401, PERF403) (#23729)
  • [pyupgrade] Properly trigger super change in nested class (UP008) (#22677)
  • [ruff] Avoid syntax errors in RUF036 fixes (#23764)

Rule changes

  • [flake8-bandit] Flag S501 with requests.request (#23873)
  • [flake8-executable] Fix WSL detection in non-Docker containers (#22879)
  • [flake8-print] Ignore pprint calls with stream= (#23787)

Documentation

  • Update docs for Markdown code block formatting (#23871)
  • [flake8-bugbear] Fix misleading description for B904 (#23731)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.6

Released on 2026-03-12.

Preview features

  • Add support for lazy import parsing (#23755)
  • Add support for star-unpacking of comprehensions (PEP 798) (#23788)
  • Reject semantic syntax errors for lazy imports (#23757)
  • Drop a few rules from the preview default set (#23879)
  • [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
  • [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
  • [flake8-bugbear] Implement delattr-with-constant (B043) (#23737)
  • [flake8-tidy-imports] Add TID254 to enforce lazy imports (#23777)
  • [flake8-tidy-imports] Allow users to ban lazy imports with TID254 (#23847)
  • [isort] Retain lazy keyword when sorting imports (#23762)
  • [pyupgrade] Add from __future__ import annotations automatically (UP006) (#23260)
  • [refurb] Support newline parameter in FURB101 for Python 3.13+ (#23754)
  • [ruff] Add os-path-commonprefix (RUF071) (#23814)
  • [ruff] Add unsafe fix for os-path-commonprefix (RUF071) (#23852)
  • [ruff] Limit RUF036 to typing contexts; make it unsafe for non-typing-only (#23765)
  • [ruff] Use starred unpacking for RUF017 in Python 3.15+ (#23789)

Bug fixes

  • Fix --add-noqa creating unwanted leading whitespace (#23773)
  • Fix --add-noqa breaking shebangs (#23577)
  • [formatter] Fix lambda body formatting for multiline calls and subscripts (#23866)
  • [formatter] Preserve required annotation parentheses in annotated assignments (#23865)
  • [formatter] Preserve type-expression parentheses in the formatter (#23867)
  • [flake8-annotations] Fix stack overflow in ANN401 on quoted annotations with escape sequences (#23912)
  • [pep8-naming] Check naming conventions in match pattern bindings (N806, N815, N816) (#23899)
  • [perflint] Fix comment duplication in fixes (PERF401, PERF403) (#23729)
  • [pyupgrade] Properly trigger super change in nested class (UP008) (#22677)
  • [ruff] Avoid syntax errors in RUF036 fixes (#23764)

Rule changes

  • [flake8-bandit] Flag S501 with requests.request (#23873)
  • [flake8-executable] Fix WSL detection in non-Docker containers (#22879)
  • [flake8-print] Ignore pprint calls with stream= (#23787)

Documentation

  • Update docs for Markdown code block formatting (#23871)
  • [flake8-bugbear] Fix misleading description for B904 (#23731)

Contributors

... (truncated)

Commits
  • e4c7f35 Bump 0.15.6 (#23919)
  • edfe6c1 [ty] Narrow type context during collection literal inference (#23844)
  • dd16d68 Exclude broken symlink in ecosystem check (#23921)
  • 3f94c6a Fix stack overflow in ANN401 on quoted annotations with escape sequences (#23...
  • 91fc7bd [ty] Fix false-positive diagnostics for PEP-604 union annotations on attribut...
  • 04229cf [ty] Initial test suite for PEP-728 TypedDict features (#23832)
  • 728b9d6 [pep8-naming] Check naming conventions in match pattern bindings (N806,...
  • 88d1eec [ty] Ensure a type[] type T is always considered assignable to a union th...
  • 37cdd61 Fix lambda body formatting for multiline calls and subscripts (#23866)
  • a25a4df [ty] Disambiguate duplicate-looking overloaded callables in union display (#2...
  • Additional commits viewable in compare view

Updates filelock from 3.25.1 to 3.25.2

Release notes

Sourced from filelock's releases.

3.25.2

What's Changed

Full Changelog: tox-dev/filelock@3.25.1...3.25.2

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

3.25.2 (2026-03-11)

  • 🐛 fix(unix): suppress EIO on close in Docker bind mounts :pr:513

3.25.1 (2026-03-09)

  • [pre-commit.ci] pre-commit autoupdate :pr:510 - by :user:pre-commit-ci[bot]
  • 🐛 fix(win): restore best-effort lock file cleanup on release :pr:511
  • [pre-commit.ci] pre-commit autoupdate :pr:508 - by :user:pre-commit-ci[bot]
  • 📝 docs(logo): add branded project logo :pr:507

3.25.0 (2026-03-01)

  • ✨ feat(async): add AsyncReadWriteLock :pr:506
  • Standardize .github files to .yaml suffix
  • build(deps): bump actions/download-artifact from 7 to 8 :pr:503 - by :user:dependabot[bot]
  • build(deps): bump actions/upload-artifact from 6 to 7 :pr:502 - by :user:dependabot[bot]
  • Move SECURITY.md to .github/SECURITY.md
  • Add security policy
  • Add permissions to check workflow :pr:500
  • [pre-commit.ci] pre-commit autoupdate :pr:499 - by :user:pre-commit-ci[bot]

3.24.3 (2026-02-19)

  • 🐛 fix(unix): handle ENOENT race on FUSE/NFS during acquire :pr:495
  • 🐛 fix(ci): add trailing blank line after changelog entries :pr:492

3.24.2 (2026-02-16)

  • 🐛 fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race :pr:491
  • 🐛 fix(test): resolve flaky write non-starvation test :pr:490
  • 📝 docs: restructure using Diataxis framework :pr:489

3.24.1 (2026-02-15)

... (truncated)

Commits

Updates identify from 2.6.17 to 2.6.18

Commits

Updates python-discovery from 1.1.2 to 1.1.3

Release notes

Sourced from python-discovery's releases.

1.1.3

What's Changed

New Contributors

Full Changelog: tox-dev/python-discovery@1.1.2...1.1.3

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build: bump the minor-and-patch group in /back with 9 updates
4f575b8 
Bumps the minor-and-patch group in /back with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.42.64` | `1.42.69` |
| [botocore](https://github.com/boto/botocore) | `1.42.64` | `1.42.69` |
| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.5` | `3.4.6` |
| [hiredis](https://github.com/redis/hiredis-py) | `3.3.0` | `3.3.1` |
| [pyjwt](https://github.com/jpadilla/pyjwt) | `2.11.0` | `2.12.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.5` | `0.15.6` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.25.1` | `3.25.2` |
| [identify](https://github.com/pre-commit/identify) | `2.6.17` | `2.6.18` |
| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.1.2` | `1.1.3` |


Updates `boto3` from 1.42.64 to 1.42.69
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.64...1.42.69)

Updates `botocore` from 1.42.64 to 1.42.69
- [Commits](boto/botocore@1.42.64...1.42.69)

Updates `charset-normalizer` from 3.4.5 to 3.4.6
- [Release notes](https://github.com/jawah/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](jawah/charset_normalizer@3.4.5...3.4.6)

Updates `hiredis` from 3.3.0 to 3.3.1
- [Release notes](https://github.com/redis/hiredis-py/releases)
- [Changelog](https://github.com/redis/hiredis-py/blob/master/CHANGELOG.md)
- [Commits](redis/hiredis-py@v3.3.0...v3.3.1)

Updates `pyjwt` from 2.11.0 to 2.12.1
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](jpadilla/pyjwt@2.11.0...2.12.1)

Updates `ruff` from 0.15.5 to 0.15.6
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.5...0.15.6)

Updates `filelock` from 3.25.1 to 3.25.2
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.25.1...3.25.2)

Updates `identify` from 2.6.17 to 2.6.18
- [Commits](pre-commit/identify@v2.6.17...v2.6.18)

Updates `python-discovery` from 1.1.2 to 1.1.3
- [Release notes](https://github.com/tox-dev/python-discovery/releases)
- [Commits](tox-dev/python-discovery@1.1.2...1.1.3)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.42.69
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: botocore
  dependency-version: 1.42.69
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: charset-normalizer
  dependency-version: 3.4.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: hiredis
  dependency-version: 3.3.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: pyjwt
  dependency-version: 2.12.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: ruff
  dependency-version: 0.15.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: filelock
  dependency-version: 3.25.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: identify
  dependency-version: 2.6.18
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: python-discovery
  dependency-version: 1.1.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants