Skip to content

chore(deps): Bump the python-minor-patch group with 6 updates#86

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/python-minor-patch-fa483f80a7
Open

chore(deps): Bump the python-minor-patch group with 6 updates#86
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/python-minor-patch-fa483f80a7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-minor-patch group with 6 updates:

Package From To
ruff 0.15.20 0.15.21
google-genai 2.10.0 2.11.0
openai 2.44.0 2.45.0
pgqueuer 1.1.0 1.1.1
plotly 6.8.0 6.9.0
fastmcp 3.4.3 3.4.4

Updates ruff from 0.15.20 to 0.15.21

Release notes

Sourced from ruff's releases.

0.15.21

Release Notes

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.21

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Commits

Updates google-genai from 2.10.0 to 2.11.0

Release notes

Sourced from google-genai's releases.

v2.11.0

2.11.0 (2026-07-09)

Features

  • Add environment_id in network config (df5f13a)
  • Add response_format and Translation_config in GenerationConfig (8928da3)
  • Add retrieval result step and new fields to maps and search results (d2b19f6)
  • Add Tool.exa_ai_search for Gemini Enterprise API (8928da3)
  • Support Function declarations during Agent Creation (bbeb934)

Bug Fixes

  • Avoid shadowing of built-in list in Python 3.14 (5a14046)
  • Event loop mismatch in GenAI SDK (10df4b1)
  • interactions: Accept both dict and list[dict] for transform (8c7cee3)

Documentation

  • Add Agent Platform MCP example to readme (cb2a2a3)

Code Refactoring

  • interactions: Remove cached_content, presence_penalty, and frequency_penalty; expose safety_settings and labels (ba552f7)
Changelog

Sourced from google-genai's changelog.

2.11.0 (2026-07-09)

Features

  • Add environment_id in network config (df5f13a)
  • Add response_format and Translation_config in GenerationConfig (8928da3)
  • Add retrieval result step and new fields to maps and search results (d2b19f6)
  • Add Tool.exa_ai_search for Gemini Enterprise API (8928da3)
  • Support Function declarations during Agent Creation (bbeb934)

Bug Fixes

  • Avoid shadowing of built-in list in Python 3.14 (5a14046)
  • Event loop mismatch in GenAI SDK (10df4b1)
  • interactions: Accept both dict and list[dict] for transform (8c7cee3)

Documentation

  • Add Agent Platform MCP example to readme (cb2a2a3)

Code Refactoring

  • interactions: Remove cached_content, presence_penalty, and frequency_penalty; expose safety_settings and labels (ba552f7)
Commits
  • d6a08d9 chore(main): release 2.11.0 (#2664)
  • 511e9b9 chore: release 2.11.0
  • bbeb934 feat: support Function declarations during Agent Creation
  • ba552f7 refactor(interactions)!: remove cached_content, presence_penalty, and frequen...
  • 7afde7c chore: Add multiple approval check for major releases
  • 8c7cee3 fix(interactions): accept both dict and list[dict] for transform
  • eb73db2 chore: Rename TextResponseFormat.schema to TextResponseFormat.jsonSchema to a...
  • 1518af3 chore: Remove default api-revision header
  • cb2a2a3 docs: Add Agent Platform MCP example to readme
  • 7c44cdd chore: sort 'properties' keys in OpenAPI schemas
  • Additional commits viewable in compare view

Updates openai from 2.44.0 to 2.45.0

Release notes

Sourced from openai's releases.

v2.45.0

2.45.0 (2026-07-09)

Full Changelog: v2.44.0...v2.45.0

Features

  • api: gpt-5.6-sol updates (039d1fe)

Bug Fixes

  • api: restore beta resource accessors (2dfc130)

Chores

  • retrigger release automation (7b61351)
Changelog

Sourced from openai's changelog.

2.45.0 (2026-07-09)

Full Changelog: v2.44.0...v2.45.0

Features

  • api: gpt-5.6-sol updates (039d1fe)

Bug Fixes

  • api: restore beta resource accessors (2dfc130)

Chores

  • retrigger release automation (7b61351)
Commits

Updates pgqueuer from 1.1.0 to 1.1.1

Release notes

Sourced from pgqueuer's releases.

v1.1.1

PgQueuer v1.1.1

Widens the id primary keys on queue, statistics, and schedules from int4 to BIGINT (#676, closes #671).

Fixes

  • id columns widened to BIGINT: the queue, statistics, and schedules primary keys were int4 SERIAL, capped at ~2.1 billion. The sequence never reuses values, so a long-lived deployment could exhaust it and fail every enqueue. Fresh installs now use BIGSERIAL. pgq upgrade widens existing int4 columns and their sequences to BIGINT in place. The migration is idempotent (guarded on column/sequence type) and safe to re-run.

Upgrade notes

⚠️ This migration takes an ACCESS EXCLUSIVE lock. Widening int4 to BIGINT rewrites the table and rebuilds its indexes, blocking enqueues, dequeues, and SELECTs until it finishes. Time scales with row count; on a large or bloated queue this can stall the queue for seconds to minutes.

  • Run pgq upgrade during a maintenance window or low-traffic period, or
  • Run pgq upgrade --no-widen-id to apply the other migrations and skip the widen, then widen out-of-band.

For a zero-downtime widen on a large table, see #671 and the postgres.ai runbook How to redefine a PK without downtime.

Full Changelog: janbjorge/pgqueuer@v1.1.0...v1.1.1

Commits

Updates plotly from 6.8.0 to 6.9.0

Release notes

Sourced from plotly's releases.

v6.9.0

Fixed

  • Raise a clear ValueError when an unsupported marginal plot type is passed to Plotly Express, instead of failing later with a cryptic 'NoneType' object has no attribute 'constructor' message [#5625], with thanks to @​eugen-goebel for the contribution!

Updated

  • Update plotly.js from version 3.6.0 to version 3.7.0. See the plotly.js release notes for more information [#5639]. Notable changes include:
    • Rename sendDataToCloud modebar button to sendChartToCloud, and update to upload chart to Plotly Cloud [#7802, #7852, #7854]. NOTE: The Plotly Cloud endpoint for receiving charts is not yet functional, so this button won't complete the upload.
    • Fix stale scattergl error bars after toggling traces with mixed error bar visibility [#7773], with thanks to @​JulienIcon for the contribution!
    • Fix geo fitbounds to choose a compact longitude range when point data straddles the antimeridian [#7837], with thanks to @​SharadhNaidu for the contribution!

Full Changelog: plotly/plotly.py@v6.8.0...v6.9.0

Changelog

Sourced from plotly's changelog.

[6.9.0] - 2026-07-09

Fixed

  • Raise a clear ValueError when an unsupported marginal plot type is passed to Plotly Express, instead of failing later with a cryptic 'NoneType' object has no attribute 'constructor' message [#5625], with thanks to @​eugen-goebel for the contribution!

Updated

  • Update plotly.js from version 3.6.0 to version 3.7.0. See the plotly.js release notes for more information [#5639]. Notable changes include:
    • Rename sendDataToCloud modebar button to sendChartToCloud, and update to upload chart to Plotly Cloud [#7802, #7852, #7854]. NOTE: The Plotly Cloud endpoint for receiving charts is not yet functional, so this button won't complete the upload.
    • Fix stale scattergl error bars after toggling traces with mixed error bar visibility [#7773], with thanks to @​JulienIcon for the contribution!
    • Fix geo fitbounds to choose a compact longitude range when point data straddles the antimeridian [#7837], with thanks to @​SharadhNaidu for the contribution!
Commits
  • 495134a update date
  • 2e824d8 version changes for v6.9.0
  • c27c986 Merge pull request #5639 from plotly/update-plotlyjs-3.7.0
  • 3d63d05 typos
  • fd7e3f1 update commands.py and CONTRIBUTING.md to reflect the fact that JS build arti...
  • 9a753fe update changelog
  • 4ff6656 update built JS artifacts
  • b3facc7 update plotly.js to v3.7.0
  • 5cdb606 Merge pull request #5630 from eugen-goebel/fix-marginal-error-message-spacing
  • 8d47808 Add missing space in unsupported-marginal error message
  • Additional commits viewable in compare view

Updates fastmcp from 3.4.3 to 3.4.4

Release notes

Sourced from fastmcp's releases.

v3.4.4: Host in Translation

FastMCP 3.4.4 restores HTTP deployment compatibility after the 3.4.3 Host/Origin guard changed default behavior for existing ASGI, serverless, and reverse-proxy deployments. The guard implementation remains available for deployments that opt in with explicit trusted hosts and origins, while 3.x returns to accepting traffic that worked before the patch. This release also adds Hugging Face OAuth provider support, with docs and examples for public and private apps, PKCE, Dynamic Client Registration, and CIMD.

What's Changed

Enhancements ✨

Fixes 🐞

Docs 📚

New Contributors

Full Changelog: PrefectHQ/fastmcp@v3.4.3...v3.4.4

Changelog

Sourced from fastmcp's changelog.


title: "Changelog" icon: "list-check" rss: true tag: NEW

v3.4.4: Host in Translation

FastMCP 3.4.4 restores HTTP deployment compatibility after the 3.4.3 Host/Origin guard changed default behavior for existing ASGI, serverless, and reverse-proxy deployments. The guard implementation remains available for deployments that opt in with explicit trusted hosts and origins, while 3.x returns to accepting traffic that worked before the patch. This release also adds Hugging Face OAuth provider support, with docs and examples for public and private apps, PKCE, Dynamic Client Registration, and CIMD.

Enhancements ✨

Fixes 🐞

New Contributors

Full Changelog: v3.4.3...v3.4.4

v3.4.3: The Fast and the Secure-ious

FastMCP 3.4.3 closes out a month of SSRF and OAuth hardening: NAT64, 6to4, Teredo, and ISATAP transition addresses can no longer smuggle private IPv4 targets past the SSRF allow-list, Streamable HTTP now validates Host and Origin before session handling to block DNS rebinding against localhost-bound servers, and OAuth redirect validation rejects unsafe schemes and unregistered DCR redirect URIs. Alongside the security work, this release also fixes proxy session teardown races, discriminator-tag handling in JSON schema conversion, and several smaller reliability issues.

Enhancements ✨

  • Dedupe discriminator-required helper across schema converters by @​jlowin in #4362
  • Add real Monty sandbox e2e coverage for CodeMode call_tool by @​AlexlaGuardia in #4274
  • Switch prettier hook to rbubley/mirrors-prettier by @​jlowin in #4366
  • feat(remote): add --verify flag for TLS certificate verification by @​jlowin in #4369

Security 🔒

Fixes 🐞

  • fix: caching middleware TypeError on cache miss due to mismatched call_next parameter by @​gmenziesint in #4301
  • Fix: async rate limiting middleware get_client_id callbacks by @​Chotom in #4319

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-minor-patch group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.20` | `0.15.21` |
| [google-genai](https://github.com/googleapis/python-genai) | `2.10.0` | `2.11.0` |
| [openai](https://github.com/openai/openai-python) | `2.44.0` | `2.45.0` |
| [pgqueuer](https://github.com/janbjorge/pgqueuer) | `1.1.0` | `1.1.1` |
| [plotly](https://github.com/plotly/plotly.py) | `6.8.0` | `6.9.0` |
| [fastmcp](https://github.com/PrefectHQ/fastmcp) | `3.4.3` | `3.4.4` |


Updates `ruff` from 0.15.20 to 0.15.21
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.20...0.15.21)

Updates `google-genai` from 2.10.0 to 2.11.0
- [Release notes](https://github.com/googleapis/python-genai/releases)
- [Changelog](https://github.com/googleapis/python-genai/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-genai@v2.10.0...v2.11.0)

Updates `openai` from 2.44.0 to 2.45.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v2.44.0...v2.45.0)

Updates `pgqueuer` from 1.1.0 to 1.1.1
- [Release notes](https://github.com/janbjorge/pgqueuer/releases)
- [Changelog](https://github.com/janbjorge/pgqueuer/blob/main/RELEASE.md)
- [Commits](janbjorge/pgqueuer@v1.1.0...v1.1.1)

Updates `plotly` from 6.8.0 to 6.9.0
- [Release notes](https://github.com/plotly/plotly.py/releases)
- [Changelog](https://github.com/plotly/plotly.py/blob/main/CHANGELOG.md)
- [Commits](plotly/plotly.py@v6.8.0...v6.9.0)

Updates `fastmcp` from 3.4.3 to 3.4.4
- [Release notes](https://github.com/PrefectHQ/fastmcp/releases)
- [Changelog](https://github.com/PrefectHQ/fastmcp/blob/main/docs/changelog.mdx)
- [Commits](PrefectHQ/fastmcp@v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.21
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-minor-patch
- dependency-name: google-genai
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor-patch
- dependency-name: openai
  dependency-version: 2.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor-patch
- dependency-name: pgqueuer
  dependency-version: 1.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-minor-patch
- dependency-name: plotly
  dependency-version: 6.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor-patch
- dependency-name: fastmcp
  dependency-version: 3.4.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

Assignees

The following users could not be added as assignees: dependabot. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: dependencies, uv. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants