Skip to content

chore: bump the uv-backend-minor-patch group across 1 directory with 7 updates#275

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/uv/backend/dev/uv-backend-minor-patch-26d7cbeccb
Open

chore: bump the uv-backend-minor-patch group across 1 directory with 7 updates#275
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/uv/backend/dev/uv-backend-minor-patch-26d7cbeccb

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bumps the uv-backend-minor-patch group with 7 updates in the /backend directory:

Package From To
alembic 1.18.4 1.18.5
google-genai 2.8.0 2.10.0
greenlet 3.5.1 3.5.3
pydantic-settings 2.14.1 2.14.2
sqlmodel 0.0.38 0.0.39
pytest 9.0.3 9.1.1
ruff 0.15.16 0.15.20

Updates alembic from 1.18.4 to 1.18.5

Release notes

Sourced from alembic's releases.

1.18.5

Released: June 25, 2026

usecase

  • [usecase] [commands] Added --splice support to the merge() command. Previously, the merge command would suggest using --splice when attempting to merge non-head revisions, but the flag was not actually accepted by the command. The splice parameter is now available in both the command-line interface and the command.merge() function, matching the existing support in command.revision(). Pull request courtesy Kadir Can Ozden.

    References: #1712

  • [usecase] [environment] Added ScriptDirectory.get_heads.consider_depends_on parameter to ScriptDirectory.get_heads(). When set to True, head revisions that are also a dependency of another revision via depends_on are excluded from the result, matching the effective heads that would be present in the alembic_version table after running all upgrades.

    References: #1806

bug

  • [bug] [autogenerate] Fixed rendering of dialect keyword arguments containing ~sqlalchemy.schema.Column objects within sequences, such as postgresql_include. These were previously rendered using repr(), producing invalid Python in the generated migration scripts. Column objects within list or tuple values are now correctly rendered as their string column names. Pull request courtesy Ajay Singh.

    References: #1258

  • [bug] [mysql] Implemented type comparison for ENUM datatypes on MySQL, which checks that the individual enum values are equivalent. If additional entries are on either side, this generates a diff. Changes of order do not generate a diff. Pull request courtesy Furkan Köykıran.

    References: #1745, #779

  • [bug] [operations] Fixed bug where the inline_references parameter of Operations.add_column() did not include foreign key referential actions such as ON DELETE, ON UPDATE, DEFERRABLE, INITIALLY, and MATCH when rendering the inline REFERENCES clause.

... (truncated)

Commits

Updates google-genai from 2.8.0 to 2.10.0

Release notes

Sourced from google-genai's releases.

v2.10.0

2.10.0 (2026-06-24)

Features

  • Add Agent Platform MCP support to async generate_content_stream (a4772cc)
  • [Interactions] Add ComputerUse.disabled_safety_policies (732368f)
  • [Models] Add ComputerUse.disabled_safety_policies (a359406)
  • Add usage fields for steps (7bb6c72)
  • Add video generation and response format parameters. (ec8f22b)

Documentation

  • Fix typos across docstrings (63ec5bb)

v2.9.0

2.9.0 (2026-06-19)

Major updates

  • The interactions implementation has been completely replaced. The public api surface is unchanged. (d830f16)

Features

  • Add audioOffset to VoiceActivity (fb785e4)
  • Add gemini-3-flash-preview (gemini-3.1, gemini-3.5, gemini-4 are already mapped) to the local tokenizer map. (749f8a1), closes #1972
  • Add interimInputTranscription to LiveServerContent (fb785e4)
  • Add LanguageAuto, LanguageHints, and adaptationPhrases to AudioTranscriptionConfig (fb785e4)
  • Broaden publisher model path check to support all publishers (5d282e6)
  • Add ServiceTier to UsageMetadata (45b4963)
  • Expose Computer Use API fields (420b5a7)
  • Gemma 4 local tokenizer support (ca97c58)
  • interaction-api: Add presence_penalty, frequency_penalty, and cached_content to models.proto (05f16fe)
  • interaction-api: Rename usage to total_usage in StreamMetadata. (7c331c6)

Bug Fixes

  • Add fallback for aiohttp.readline without max_line_length for backward compatibility because we still want to keep aiohttp as optional dependency (e99ab99), closes #2487
  • Fix header (f8f9749)
  • Keep live music API keys out of websocket urls (#2564) (c754ebf)
  • Make transformers an optional dependency for local tokenizers, also add other dependencies to local-tokenizer-extras. (528926b)
  • Use .model_copy() instead of deprecated .copy() (216369f)

v2.9.0-rc1

2.9.0-rc1 (2026-06-17)

Features

... (truncated)

Changelog

Sourced from google-genai's changelog.

2.10.0 (2026-06-24)

Features

  • Add Agent Platform MCP support to async generate_content_stream (a4772cc)
  • [Interactions] Add ComputerUse.disabled_safety_policies (732368f)
  • [Models] Add ComputerUse.disabled_safety_policies (a359406)
  • Add usage fields for steps (7bb6c72)
  • Add video generation and response format parameters. (ec8f22b)

Documentation

  • Fix typos across docstrings (63ec5bb)

2.9.0 (2026-06-19)

Major updates

  • The interactions implementation has been completely replaced. The public api surface is unchanged. (d830f16)

Features

  • Add audioOffset to VoiceActivity (fb785e4)
  • Add gemini-3-flash-preview (gemini-3.1, gemini-3.5, gemini-4 are already mapped) to the local tokenizer map. (749f8a1), closes #1972
  • Add interimInputTranscription to LiveServerContent (fb785e4)
  • Add LanguageAuto, LanguageHints, and adaptationPhrases to AudioTranscriptionConfig (fb785e4)
  • Broaden publisher model path check to support all publishers (5d282e6)
  • Add ServiceTier to UsageMetadata (45b4963)
  • Expose Computer Use API fields (420b5a7)
  • Gemma 4 local tokenizer support (ca97c58)
  • interaction-api: Add presence_penalty, frequency_penalty, and cached_content to models.proto (05f16fe)
  • interaction-api: Rename usage to total_usage in StreamMetadata. (7c331c6)

Bug Fixes

  • Add fallback for aiohttp.readline without max_line_length for backward compatibility because we still want to keep aiohttp as optional dependency (e99ab99), closes #2487
  • Fix header (f8f9749)
  • Keep live music API keys out of websocket urls (#2564) (c754ebf)
  • Make transformers an optional dependency for local tokenizers, also add other dependencies to local-tokenizer-extras. (528926b)
  • Use .model_copy() instead of deprecated .copy() (216369f)

2.9.0-rc1 (2026-06-17)

Features

... (truncated)

Commits
  • e41801c chore(main): release 2.10.0 (#2636)
  • ab37930 chore: Disable ComputerUse.disabled_safety_policies in Gemini Enterprise API
  • ec8f22b feat: add video generation and response format parameters.
  • 7bb6c72 feat: add usage fields for steps
  • 732368f feat: Add ComputerUse.disabled_safety_policies
  • a359406 feat: Add ComputerUse.disabled_safety_policies
  • a4772cc feat: Add Agent Platform MCP support to async generate_content_stream
  • 67703bf chore: Fix comment.
  • 63ec5bb docs: fix typos across docstrings
  • 3260c6f chore: Upgrade stalebot action to use v10 (due to Node20 deprecation)
  • Additional commits viewable in compare view

Updates greenlet from 3.5.1 to 3.5.3

Changelog

Sourced from greenlet's changelog.

3.5.3 (2026-06-26)

  • Fix a crash on free-threaded builds when multiple greenlets were holding a critical section on an object and the GIL for the thread was dropped. See issue 513 <https://github.com/python-greenlet/greenlet/issues/513>_. Thanks to ddorian.

3.5.2 (2026-06-17)

  • The minimum supported version of Python 3.15 is now 3.15b2.
  • Fix some garbage-collection related crashes on free-threaded Python 3.15. Thanks to Kumar Aditya in PR [#511](https://github.com/python-greenlet/greenlet/issues/511) <https://github.com/python-greenlet/greenlet/pull/511>_.
  • Improve garbage collection of greenlets. This mostly applies to Python 3.15. Thanks to Kumar Aditya in PR [#512](https://github.com/python-greenlet/greenlet/issues/512) <https://github.com/python-greenlet/greenlet/pull/512>_.
Commits
  • 6ee8c2c Preparing release 3.5.3
  • 6ec0bbb Merge pull request #514 from python-greenlet/issue513-preserve-crit-section
  • c03a7e6 Py3.13+: Preserve thread state critical_section to prevent crash on free-thre...
  • bc10829 Speed up manylinux test runs by only running the core checks; only start many...
  • c2db75d Back to development: 3.5.3
  • 0b64e9c Preparing release 3.5.2
  • 3e28d27 Add change note for #512 [skip ci]
  • 6563c5e Merge pull request #512 from kumaraditya303/ft-mem
  • ab6eff6 add ignore for win 3.10
  • 41f5349 revert back to fails_leakcheck_on_py314_or_less
  • Additional commits viewable in compare view

Updates pydantic-settings from 2.14.1 to 2.14.2

Release notes

Sourced from pydantic-settings's releases.

v2.14.2

What's Changed

This is a security patch release.

Security

Fixes GHSA-4xgf-cpjx-pc3j: NestedSecretsSettingsSource with secrets_nested_subdir=True could follow a symbolic link inside secrets_dir pointing outside it, reading out-of-tree files into settings values and bypassing the secrets_dir_max_size cap. Affected versions: >= 2.12.0, < 2.14.2.

Full Changelog: pydantic/pydantic-settings@v2.14.1...v2.14.2

Commits

Updates sqlmodel from 0.0.38 to 0.0.39

Changelog

Sourced from sqlmodel's changelog.

0.0.39 (2026-06-25)

Features

  • ✨ Add SQLModel Agent Library Skill, install with uvx library-skills. PR #2017 by @​tiangolo.

Fixes

Docs

Internal

... (truncated)

Commits

Updates pytest from 9.0.3 to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.

9.1.0

pytest 9.1.0 (2026-06-13)

Removals and backward incompatible breaking changes

  • #14533: When using --doctest-modules, autouse fixtures with module, package or session scope that are defined inline in Python test modules (not plugins or conftests) will now possibly execute twice.

    If this is undesirable, move the fixture definition to a conftest.py file if possible.

    Technical explanation for those interested: When using --doctest-modules, pytest possibly collects Python modules twice, once as pytest.Module and once as a DoctestModule (depending on the configuration). Due to improvements in pytest's fixture implementation, if e.g. the DoctestModule collects a fixture, it is now visible to it only, and not to the Module. This means that both need to register the fixtures independently.

Deprecations (removal in next major release)

  • #10819: Added a deprecation warning for class-scoped fixtures defined as instance methods (without @classmethod). Such fixtures set attributes on a different instance than the test methods use, leading to unexpected behavior. Use @classmethod decorator instead -- by yastcher.

    See 10819 and 14011.

  • #12882: Calling request.getfixturevalue() <pytest.FixtureRequest.getfixturevalue> during teardown to request a fixture that was not already requested is now deprecated and will become an error in pytest 10.

    See dynamic-fixture-request-during-teardown for details.

  • #13409: Using non-~collections.abc.Collection iterables (such as generators, iterators, or custom iterable objects) for the argvalues parameter in @pytest.mark.parametrize <pytest.mark.parametrize ref> and metafunc.parametrize <pytest.Metafunc.parametrize> is now deprecated.

    These iterables get exhausted after the first iteration, leading to tests getting unexpectedly skipped in cases such as running pytest.main() multiple times, using class-level parametrize decorators, or collecting tests multiple times.

    See parametrize-iterators for details and suggestions.

  • #13946: The private config.inicfg attribute is now deprecated. Use config.getini() <pytest.Config.getini> to access configuration values instead.

    See config-inicfg for more details.

  • #14004: Passing baseid to ~pytest.FixtureDef or nodeid strings to fixture registration APIs is now deprecated. These are internal pytest APIs that are used by some plugins.

... (truncated)

Commits
  • cf470ec Prepare release version 9.1.1
  • e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
  • 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
  • 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
  • b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
  • 9a567e0 [automated] Update plugin list (#14617) (#14618)
  • ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
  • 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
  • 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
  • 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
  • Additional commits viewable in compare view

Updates ruff from 0.15.16 to 0.15.20

Release notes

Sourced from ruff's releases.

0.15.20

Release Notes

Released on 2026-06-25.

Preview features

  • Allow human-readable names in rule selectors (#25887)
  • Emit a warning instead of an error for unknown rule selectors (#26113)
  • Match noqa shebang handling in ruff:ignore comments (#26286)
  • [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

  • Add versioning sections to custom crate READMEs (#26317)
  • Update ruff_python_parser README for crates.io (#26315)
  • [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

Install ruff 0.15.20

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.ps1 | iex"

Download ruff 0.15.20

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum
ruff-x86_64-pc-windows-msvc.zip x64 Windows checksum
ruff-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
ruff-i686-unknown-linux-gnu.tar.gz x86 Linux checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.20

Released on 2026-06-25.

Preview features

  • Allow human-readable names in rule selectors (#25887)
  • Emit a warning instead of an error for unknown rule selectors (#26113)
  • Match noqa shebang handling in ruff:ignore comments (#26286)
  • [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

  • Add versioning sections to custom crate READMEs (#26317)
  • Update ruff_python_parser README for crates.io (#26315)
  • [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

0.15.19

Released on 2026-06-23.

Preview features

  • Support human-readable names when hovering suppression comments and in code actions (#26114)

Bug fixes

  • Fall back to default settings when editor-only settings are invalid (#26244)
  • Fix panic when inserting text at a notebook cell boundary (#26111)

Rule changes

  • [pylint] Update fix suggestions for __floor__, __trunc__, __length_hint__, and __matmul__ variants (PLC2801) (#26239)

Performance

  • Avoid allocating when parsing single string literals (#26200)
  • Avoid reallocating singleton call arguments (#26223)
  • Lazily create source files for lint diagnostics (#26226)
  • Optimize formatter text width and indentation (#26236)
  • Reserve capacity for builtin bindings (#26229)
  • Skip repeated-key checks for singleton dictionaries (#26228)
  • Use ArrayVec for qualified name segments (#26224)

... (truncated)

Commits
  • f82a36b Bump 0.15.20 (#26376)
  • af32943 Improve the summarise-ecosystem-results skill (#26378)
  • 485ebab Remove RUF076 name from schema (#26371)
  • ef81835 [ty] Implement rust-analyzer's "Click for full compiler diagnostic" feature (...
  • 572b31e [ruff] Remove pytest-fixture-autouse (RUF076) (#26240)
  • f703f21 Allow human-readable names in rule selectors (#25887)
  • 0d726b2 [ty] Reuse equality semantics for membership compatibility (#25955)
  • dbe6e98 [ty] Infer definite equality comparison results (#26337)
  • e700ea3 [ty] Prove TypedDict structural patterns exhaustive (#26285)
  • 6a0d2ec [ty] Widen inferred class-valued instance attributes (#26338)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…7 updates

Bumps the uv-backend-minor-patch group with 7 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [alembic](https://github.com/sqlalchemy/alembic) | `1.18.4` | `1.18.5` |
| [google-genai](https://github.com/googleapis/python-genai) | `2.8.0` | `2.10.0` |
| [greenlet](https://github.com/python-greenlet/greenlet) | `3.5.1` | `3.5.3` |
| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.14.1` | `2.14.2` |
| [sqlmodel](https://github.com/fastapi/sqlmodel) | `0.0.38` | `0.0.39` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.3` | `9.1.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.16` | `0.15.20` |



Updates `alembic` from 1.18.4 to 1.18.5
- [Release notes](https://github.com/sqlalchemy/alembic/releases)
- [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES)
- [Commits](https://github.com/sqlalchemy/alembic/commits)

Updates `google-genai` from 2.8.0 to 2.10.0
- [Release notes](https://github.com/googleapis/python-genai/releases)
- [Changelog](https://github.com/googleapis/python-genai/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-genai@v2.8.0...v2.10.0)

Updates `greenlet` from 3.5.1 to 3.5.3
- [Changelog](https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst)
- [Commits](python-greenlet/greenlet@3.5.1...3.5.3)

Updates `pydantic-settings` from 2.14.1 to 2.14.2
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.14.1...v2.14.2)

Updates `sqlmodel` from 0.0.38 to 0.0.39
- [Release notes](https://github.com/fastapi/sqlmodel/releases)
- [Changelog](https://github.com/fastapi/sqlmodel/blob/main/docs/release-notes.md)
- [Commits](fastapi/sqlmodel@0.0.38...0.0.39)

Updates `pytest` from 9.0.3 to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.3...9.1.1)

Updates `ruff` from 0.15.16 to 0.15.20
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.16...0.15.20)

---
updated-dependencies:
- dependency-name: alembic
  dependency-version: 1.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-backend-minor-patch
- dependency-name: google-genai
  dependency-version: 2.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: uv-backend-minor-patch
- dependency-name: greenlet
  dependency-version: 3.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-backend-minor-patch
- dependency-name: pydantic-settings
  dependency-version: 2.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-backend-minor-patch
- dependency-name: sqlmodel
  dependency-version: 0.0.39
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-backend-minor-patch
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: uv-backend-minor-patch
- dependency-name: ruff
  dependency-version: 0.15.20
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: uv-backend-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants