Skip to content

Bump the minor-and-patch group with 3 updates#51

Merged
github-actions[bot] merged 1 commit into
masterfrom
dependabot/uv/minor-and-patch-e91c091650
Jul 6, 2026
Merged

Bump the minor-and-patch group with 3 updates#51
github-actions[bot] merged 1 commit into
masterfrom
dependabot/uv/minor-and-patch-e91c091650

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 3 updates: pillow, tensorboard and coverage.

Updates pillow from 12.2.0 to 12.3.0

Release notes

Sourced from pillow's releases.

12.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.3.0.html

Removals

Documentation

Dependencies

Testing

... (truncated)

Commits
  • bb1d8e8 12.3.0 version bump
  • e63fc48 Add release notes for SBOM and performance improvements (#9747)
  • 13b701b Add release notes for #9679
  • 5564ca7 List methods
  • a0920fd Speed up ImageChops operations (#9738)
  • 07e9a6c Speed up Image.filter() (#9736)
  • a94578c Speed up Image.getchannel(), Image.merge(), Image.putalpha() and `Image...
  • 53e02c4 Speed up Image.fill(), Image.linear_gradient() and `Image.radial_gradient...
  • af03747 Speed up Image.resample() (#9739)
  • 5c9ca56 Speed up alpha_composite, matrix, negative, quantize (#9740)
  • Additional commits viewable in compare view

Updates tensorboard from 2.20.0 to 2.21.0

Release notes

Sourced from tensorboard's releases.

TensorBoard 2.21.0

The 2.21 minor series tracks TensorFlow 2.21.

Features

  • Time Series Dashboard Optimization: Improved usability for time-series tooltips by limiting them to a maximum of 5 items and setting the default sorting to "Nearest Pixel" (prioritizing values closest to the cursor) (#7046, #7051, #7133, #7135).

Bug Fixes

  • Fix a Projector plugin vulnerability. (#7115)
  • Dependency Compatibility: Fixed runtime crashes caused by the missing pkg_resources library in newer environments (migrated to standard importlib.metadata) (#7057).

Breaking Changes

  • This version updates its runtime dependency requirements to align with the TensorFlow 2.21 dependency stack. In particular, protobuf now requires >=6.31.1, <8.0.0 and grpcio now requires >=1.74.0, <2.0.
Changelog

Sourced from tensorboard's changelog.

Release 2.21.0

The 2.21 minor series tracks TensorFlow 2.21.

Features

  • Time Series Dashboard Optimization: Improved usability for time-series tooltips by limiting them to a maximum of 5 items and setting the default sorting to "Nearest Pixel" (prioritizing values closest to the cursor) (#7046, #7051).

Bug Fixes

  • Fix a Projector plugin vulnerability. (#7115)
  • Dependency Compatibility: Fixed runtime crashes caused by the missing pkg_resources library in newer environments (migrated to standard importlib.metadata) (#7057).

Breaking Changes

  • This version updates its runtime dependency requirements to align with the TensorFlow 2.21 dependency stack. In particular, protobuf now requires >=6.31.1, <8.0.0 and grpcio now requires >=1.74.0, <2.0.
Commits

Updates coverage from 7.14.3 to 7.15.0

Changelog

Sourced from coverage's changelog.

Version 7.15.0 — 2026-07-02

  • Since 7.14.0, reporting commands implicitly combine parallel data files. Now those commands have a new option --keep-combined to retain the data files after combining them instead of the default, which is to delete them. Finishes issue 2198_.

  • Fix: the LCOV report would incorrectly count excluded functions as uncovered, as described in issue 2205. This is now fixed thanks to Martin Kuntz Jacobsen <pull 2206_>.

  • When running your program, coverage now correctly sets yourmodule.__spec__.loader as strongly recommended <--loader--_>, avoiding the deprecation warning described in issue 2208. Thanks, A5rocks <pull 2209_>_.

  • Fix: with Python 3.10, running with the -I (isolated mode) option didn't correctly omit the current directory from the module search path, as described in issue 2103. That is now fixed thanks to Ilia Sorokin <pull 2211_>.

.. --loader--: https://docs.python.org/3/reference/datamodel.html#module.__loader_ .. _issue 2103: coveragepy/coveragepy#2103 .. _issue 2198: coveragepy/coveragepy#2198 .. _issue 2205: coveragepy/coveragepy#2205 .. _pull 2206: coveragepy/coveragepy#2206 .. _issue 2208: coveragepy/coveragepy#2208 .. _pull 2209: coveragepy/coveragepy#2209 .. _pull 2211: coveragepy/coveragepy#2211

.. _changes_7-14-3:

Commits
  • c8c8020 docs: sample HTML for 7.15.0
  • ae19db1 docs: prep for 7.15.0
  • 17b45a1 docs: --keep-combined in the man page
  • 6f9fa1e fix: preserve isolated sys.path on Python 3.10 (#2211)
  • 787af5f chore: bump actions/checkout in the action-dependencies group (#2210)
  • 1ed3998 fix: start attaching the loader on __spec__ #2208 (#2209)
  • 1ab1122 docs: remove stray comma
  • f24a91f feat: --keep-combined for reporting commands. #2198
  • 5e70751 test: canonicalize mock calls in test_cmdline to reduce diff noise
  • 65979cc fix: skip excluded functions in LCOV function totals (#2206)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 3 updates: [pillow](https://github.com/python-pillow/Pillow), [tensorboard](https://github.com/tensorflow/tensorboard) and [coverage](https://github.com/coveragepy/coveragepy).


Updates `pillow` from 12.2.0 to 12.3.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@12.2.0...12.3.0)

Updates `tensorboard` from 2.20.0 to 2.21.0
- [Release notes](https://github.com/tensorflow/tensorboard/releases)
- [Changelog](https://github.com/tensorflow/tensorboard/blob/master/RELEASE.md)
- [Commits](tensorflow/tensorboard@2.20.0...2.21.0)

Updates `coverage` from 7.14.3 to 7.15.0
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.14.3...7.15.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-version: 12.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: tensorboard
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: coverage
  dependency-version: 7.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 6, 2026
@github-actions
github-actions Bot enabled auto-merge (squash) July 6, 2026 18:26
@github-actions
github-actions Bot merged commit a186733 into master Jul 6, 2026
3 checks passed
@dependabot
dependabot Bot deleted the dependabot/uv/minor-and-patch-e91c091650 branch July 6, 2026 18:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants