Skip to content

deps(pip): bump the python-dependencies group with 3 updates#817

Closed
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/pip/python-dependencies-a6a7d29c12
Closed

deps(pip): bump the python-dependencies group with 3 updates#817
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/pip/python-dependencies-a6a7d29c12

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on mypy, gradio and tqdm to permit the latest version.
Updates mypy to 2.2.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 2.2

We've just uploaded mypy 2.2.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support for Closed TypedDicts (PEP 728)

Mypy now supports closed TypedDicts as specified in PEP 728. A closed TypedDict cannot have extra keys beyond those explicitly defined. This allows the type checker to determine that certain operations are safe when they otherwise wouldn't be due to the potential presence of unknown keys.

You can use the closed keyword argument with TypedDict:

HasName = TypedDict("HasName", {"name": str})
HasOnlyName = TypedDict("HasOnlyName", {"name": str}, closed=True)
Movie = TypedDict("Movie", {"name": str, "year": int})
movie: Movie = {"name": "Nimona", "year": 2023}
has_name: HasName = movie  # OK: HasName is open (default)
has_only_name: HasOnlyName = movie  # Error: HasOnlyName is closed and Movie has extra "year" key

Closed TypedDicts enable more precise type checking because the type checker knows exactly which keys are present. This is particularly useful when working with TypedDict unions or when you want to ensure that a TypedDict conforms to an exact shape.

The closed keyword also enables safe type narrowing with in checks:

Book = TypedDict('Book', {'book': str}, closed=True)
DVD = TypedDict('DVD', {'dvd': str}, closed=True)
type Inventory = Book | DVD
def print_type(inventory: Inventory) -> None:
if "book" in inventory:
# Type is narrowed to Book here - safe because DVD is closed
print(inventory["book"])
else:
# Type is narrowed to DVD here
print(inventory["dvd"])
</tr></table>

... (truncated)

Commits

Updates gradio from 6.19.0 to 6.20.0

Release notes

Sourced from gradio's releases.

gradio@6.20.0

Features

Fixes

Changelog

Sourced from gradio's changelog.

6.20.0

Features

Fixes

Commits
  • 601769e chore: update versions (#13550)
  • 7a595cb Fix ImageEditor brush texture resets (#13597)
  • 876d333 Fix JSONDecodeError when loading cached examples with negative number outpu...
  • 2e80558 Fire state.change() for streaming (.stream()) events (#13588)
  • 4e72cd1 workflow: forward _token to bound fn when no request session (#13595)
  • 1c5c538 fix: serve /gradio_api/file=<url> via an SSRF-safe proxy (#13596)
  • 46d391b Fix embedded apps growing infinitely tall on Spaces (#13563)
  • 75c5d1e workflow: inject token into fn functions (#13574)
  • 27d4999 Revert "Fix ImageEditor brush texture resets"
  • 753e916 Fix ImageEditor brush texture resets
  • Additional commits viewable in compare view

Updates tqdm to 4.68.4

Release notes

Sourced from tqdm's releases.

tqdm v4.68.4 stable

  • trim to ncols even when '{bar}' not in bar_format (#1717, #1767 <- #1658)
  • fix tqdm.write when stdout=None (#1768)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Updates the requirements on [mypy](https://github.com/python/mypy), [gradio](https://github.com/gradio-app/gradio) and [tqdm](https://github.com/tqdm/tqdm) to permit the latest version.

Updates `mypy` to 2.2.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v2.1.0...v2.2.0)

Updates `gradio` from 6.19.0 to 6.20.0
- [Release notes](https://github.com/gradio-app/gradio/releases)
- [Changelog](https://github.com/gradio-app/gradio/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gradio-app/gradio/compare/gradio@6.19.0...gradio@6.20.0)

Updates `tqdm` to 4.68.4
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.68.3...v4.68.4)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 2.2.0
  dependency-type: direct:development
  dependency-group: python-dependencies
- dependency-name: gradio
  dependency-version: 6.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: tqdm
  dependency-version: 4.68.4
  dependency-type: direct:production
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@chatgpt-codex-connector

Copy link
Copy Markdown

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry @dependabot[bot], you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

@github-actions github-actions Bot added the documentation Improvements or additions to documentation label Jul 9, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 9, 2026
@dependabot dependabot Bot deleted the dependabot/pip/python-dependencies-a6a7d29c12 branch July 9, 2026 04:13
@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

🔐 CodeQL — Open Alerts on this PR

Severity Count
error 107
high 97
note 732
medium 57
warning 83
critical 1

Copilot Autofix suggestions (if enabled) appear as inline review comments on the affected lines.
See the full list in the Security tab.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

autofix dependencies documentation Improvements or additions to documentation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant