Skip to content

chore(deps): bump the python-minor group across 1 directory with 5 updates#441

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/python-minor-9e316033f9
Open

chore(deps): bump the python-minor group across 1 directory with 5 updates#441
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/python-minor-9e316033f9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 30, 2026

Bumps the python-minor group with 5 updates in the / directory:

Package From To
podman 5.7.0 5.8.0
pyspark-connect 4.0.1 4.1.1
ruff 0.15.7 0.15.8
pygithub 2.8.1 2.9.0
ty 0.0.24 0.0.26

Updates podman from 5.7.0 to 5.8.0

Release notes

Sourced from podman's releases.

v5.8.0

What's Changed

New Contributors

Full Changelog: containers/podman-py@v5.7.0...v5.8.0

Commits
  • 58de2c6 Merge pull request #639 from inknos/5.8.0
  • 77bf780 Bump release to 5.8.0
  • 882adc8 TMT: update version donwstream to match release
  • dbbaee4 Merge pull request #627 from inknos/automate-releases
  • c0159aa Add release PR workflow
  • 4ae67dd Merge pull request #633 from inknos/post-quadlets
  • aa11e67 tests: Fix test_manifest_crud on arm64
  • 56e316e tests/integration: Skip test on non-x86_64 arches
  • 15b91cd Implement client.quadlets.install
  • a71d8dd add network_dns_servers as supported parameter to network.create
  • Additional commits viewable in compare view

Updates pyspark-connect from 4.0.1 to 4.1.1

Commits
  • c0690c7 Preparing Spark release v4.1.1-rc2
  • be0aa70 Removing test jars and class files
  • 31ecc10 Preparing development version 4.1.2-SNAPSHOT
  • e7001a0 Revert "Removing test jars and class files"
  • f85e407 Preparing Spark release v4.1.1-rc2
  • 3ba5a6a Removing test jars and class files
  • 6d1113b [SPARK-54753][SQL][4.1] Fix memory leak of ArtifactManager
  • bfc94ab Preparing development version 4.1.2-SNAPSHOT
  • 4a628d8 Revert "Removing test jars and class files"
  • 6392161 Preparing Spark release v4.1.1-rc1
  • Additional commits viewable in compare view

Updates ruff from 0.15.7 to 0.15.8

Release notes

Sourced from ruff's releases.

0.15.8

Release Notes

Released on 2026-03-26.

Preview features

  • [ruff] New rule unnecessary-if (RUF050) (#24114)
  • [ruff] New rule useless-finally (RUF072) (#24165)
  • [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
  • [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)

Bug fixes

  • [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
  • [flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
  • [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
  • E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
  • Fix %foo? parsing in IPython assignment expressions (#24152)
  • analyze graph: resolve string imports that reference attributes, not just modules (#24058)

Rule changes

  • [eradicate] ignore ty: ignore comments in ERA001 (#24192)
  • [flake8-bandit] Treat sys.executable as trusted input in S603 (#24106)
  • [flake8-self] Recognize Self annotation and self assignment in SLF001 (#24144)
  • [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#24142)
  • [refurb] Parenthesize generator arguments in FURB142 fixer (#24200)

Performance

  • Speed up diagnostic rendering (#24146)

Server

  • Warn when Markdown files are skipped due to preview being disabled (#24150)

Documentation

  • Clarify extend-ignore and extend-select settings documentation (#24064)
  • Mention AI policy in PR template (#24198)

Other changes

  • Use trusted publishing for NPM packages (#24171)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.8

Released on 2026-03-26.

Preview features

  • [ruff] New rule unnecessary-if (RUF050) (#24114)
  • [ruff] New rule useless-finally (RUF072) (#24165)
  • [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
  • [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)

Bug fixes

  • [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
  • [flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
  • [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
  • E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
  • Fix %foo? parsing in IPython assignment expressions (#24152)
  • analyze graph: resolve string imports that reference attributes, not just modules (#24058)

Rule changes

  • [eradicate] ignore ty: ignore comments in ERA001 (#24192)
  • [flake8-bandit] Treat sys.executable as trusted input in S603 (#24106)
  • [flake8-self] Recognize Self annotation and self assignment in SLF001 (#24144)
  • [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#24142)
  • [refurb] Parenthesize generator arguments in FURB142 fixer (#24200)

Performance

  • Speed up diagnostic rendering (#24146)

Server

  • Warn when Markdown files are skipped due to preview being disabled (#24150)

Documentation

  • Clarify extend-ignore and extend-select settings documentation (#24064)
  • Mention AI policy in PR template (#24198)

Other changes

  • Use trusted publishing for NPM packages (#24171)

Contributors

... (truncated)

Commits
  • c2a8815 Release 0.15.8 (#24217)
  • d444d52 [ty] Infer lambda expressions with Callable type context (#22633)
  • 9622285 [ty] Autocomplete arguments if in arguments node (#24167)
  • d812662 Use the release environment in publish-docs (#24214)
  • eda2355 [ty] Show Final source in final assignment diagnostic (#24194)
  • 929eb52 [ty] Enforce Final attribute assignment rules for annotated and augmented wri...
  • 34998be [ty] Fix typo in comment (#24211)
  • 560aca0 [ty] Minor simplifications to some benchmark code (#24209)
  • 683bae5 [ty] Track non-terminal-call constraints in global scope (#23245)
  • 4704c2a [ty] Remove unnecessary intermediate collection in `StaticClassLiteral::field...
  • Additional commits viewable in compare view

Updates pygithub from 2.8.1 to 2.9.0

Release notes

Sourced from pygithub's releases.

v2.9.0

Notable changes

Lazy PyGithub objects

The notion of lazy objects has been added to some PyGithub classes in version 2.6.0. This release now makes all CompletableGithubObjects optionally lazy (if useful). See PyGithub/PyGithub#3403 for a complete list.

In lazy mode, getting a PyGithub object does not send a request to the GitHub API. Only accessing methods and properties sends the necessary requests to the GitHub API:

# Use lazy mode
g = Github(auth=auth, lazy=True)
these method calls do not send requests to the GitHub API
user = g.get_user("PyGithub")    # get the user
repo = user.get_repo("PyGithub") # get the user's repo
pull = repo.get_pull(3403)       # get a known pull request
issue = pull.as_issue()          # turn the pull request into an issue
these method and property calls send requests to Github API
issue.create_reaction("rocket")  # create a reaction
created = repo.created_at        # get property of lazy object repo
once a lazy object has been fetched, all properties are available (no more requests)
licence = repo.license

All PyGithub classes that implement CompletableGithubObject support lazy mode (if useful). This is only useful for classes that have methods creating, changing, or getting objects.

By default, PyGithub objects are not lazy.

PyGithub objects with a paginated property

The GitHub API has the "feature" of paginated properties. Some objects returned by the API have a property that allows for pagination. Fetching subsequent pages of that property means fetching the entire object (with all other properties) and the specified page of the paginated property. Iterating over the paginated property means fetching all other properties multiple times. Fortunately, the allowed size of each page (per_page is usually 300, in contrast to the "usual" per_page maximum of 100).

Objects with paginated properties:

  • Commit.files
  • Comparison.commits
  • EnterpriseConsumedLicenses.users

This PR makes iterating those paginated properties use the configured per_page setting.

It further allows to specify an individual per_page when either retrieving such objects, or fetching paginated properties.

See Classes with paginated properties for details.

Drop Python 3.8 support due to End-of-Life

Python 3.8 reached its end-of-life September 6, 2024. Support has been removed with this release.

... (truncated)

Changelog

Sourced from pygithub's changelog.

Version 2.9.0 (March 22, 2026)

Notable changes ^^^^^^^^^^^^^^^

Lazy PyGithub objects """""""""""""""""""""

The notion of lazy objects has been added to some PyGithub classes in version 2.6.0. This release now makes all CompletableGithubObject\s optionally lazy (if useful). See [#3403](https://github.com/pygithub/pygithub/issues/3403) <https://github.com/PyGithub/PyGithub/pull/3403>_ for a complete list.

In lazy mode, getting a PyGithub object does not send a request to the GitHub API. Only accessing methods and properties sends the necessary requests to the GitHub API:

.. code-block:: python

# Use lazy mode
g = Github(auth=auth, lazy=True)

these method calls do not send requests to the GitHub API


user = g.get_user("PyGithub")    # get the user
repo = user.get_repo("PyGithub") # get the user's repo
pull = repo.get_pull(3403)       # get a known pull request
issue = pull.as_issue()          # turn the pull request into an issue


these method and property calls send requests to Github API


issue.create_reaction("rocket")  # create a reaction
created = repo.created_at        # get property of lazy object repo


once a lazy object has been fetched, all properties are available (no more requests)


licence = repo.license

All PyGithub classes that implement CompletableGithubObject support lazy mode (if useful). This is only useful for classes that have methods creating, changing, or getting objects.

By default, PyGithub objects are not lazy.

PyGithub objects with a paginated property """"""""""""""""""""""""""""""""""""""""""

The GitHub API has the "feature" of paginated properties. Some objects returned by the API have a property that allows for pagination. Fetching subsequent pages of that property means fetching the entire object (with all other properties) and the specified page of the paginated property. Iterating over the paginated property means fetching all other properties multiple times. Fortunately, the allowed size of each page (per_page is usually 300, in contrast to the "usual" per_page maximum of 100).

Objects with paginated properties:

... (truncated)

Commits

Updates ty from 0.0.24 to 0.0.26

Release notes

Sourced from ty's releases.

0.0.26

Release Notes

Released on 2026-03-26.

Bug fixes

  • Prevent "too many cycle iteration" panics in more situations (#24061)
  • Fix false positives and false negatives when unpacking a union of tuples into a function call (#23298)

Core type checking

  • Add support for typing.Concatenate (#23689)
  • Validate the return type of generator functions (#24026)
  • Support dataclass field converters (#23088)
  • Disallow Self in metaclass and static methods (#23231)
  • Improve call inference for keyword-only dict() (#24103)
  • Respect non-explicitly defined dataclass_transform params (#24170)
  • Unconditionally silence diagnostics in unreachable code (#24179)
  • Respect terminal-function-call narrowing in global scope (#23245)

Performance

  • Fix performance regression for narrowing on a larger Literal type(#24185)

Contributors

Install ty 0.0.26

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.26/ty-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.26/ty-installer.ps1 | iex"

Download ty 0.0.26

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.26

Released on 2026-03-26.

Bug fixes

  • Prevent "too many cycle iteration" panics in more situations (#24061)
  • Fix false positives and false negatives when unpacking a union of tuples into a function call (#23298)

Core type checking

  • Add support for typing.Concatenate (#23689)
  • Validate the return type of generator functions (#24026)
  • Support dataclass field converters (#23088)
  • Disallow Self in metaclass and static methods (#23231)
  • Improve call inference for keyword-only dict() (#24103)
  • Respect non-explicitly defined dataclass_transform params (#24170)
  • Unconditionally silence diagnostics in unreachable code (#24179)
  • Respect terminal-function-call narrowing in global scope (#23245)

Performance

  • Fix performance regression for narrowing on a larger Literal type(#24185)

Contributors

0.0.25

Released on 2026-03-24.

Breaking changes

  • Support type:ignore[ty:code] suppressions (#24096)

Bug fixes

  • Avoid eager TypedDict diagnostics in TypedDict | dict unions (#24151)
  • Fix Salsa panic propagation (#24141)
  • Fix folding ranges of comments separated by statements (#24132)
  • Fix loop-header reachability cycles in conditional unpacking (#24006)
  • Fix subtyping of intersections containing NewTypes of unions vs. unions (#24087)
  • Fix untracked reads in Salsa queries that can lead to backdating panics (#24051)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the python-minor group across 1 directory with 5 up…
ce9f1e7 
…dates

Bumps the python-minor group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [podman](https://github.com/containers/podman-py) | `5.7.0` | `5.8.0` |
| [pyspark-connect](https://github.com/apache/spark) | `4.0.1` | `4.1.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.7` | `0.15.8` |
| [pygithub](https://github.com/pygithub/pygithub) | `2.8.1` | `2.9.0` |
| [ty](https://github.com/astral-sh/ty) | `0.0.24` | `0.0.26` |



Updates `podman` from 5.7.0 to 5.8.0
- [Release notes](https://github.com/containers/podman-py/releases)
- [Commits](containers/podman-py@v5.7.0...v5.8.0)

Updates `pyspark-connect` from 4.0.1 to 4.1.1
- [Commits](apache/spark@v4.0.1...v4.1.1)

Updates `ruff` from 0.15.7 to 0.15.8
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.7...0.15.8)

Updates `pygithub` from 2.8.1 to 2.9.0
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](PyGithub/PyGithub@v2.8.1...v2.9.0)

Updates `ty` from 0.0.24 to 0.0.26
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.24...0.0.26)

---
updated-dependencies:
- dependency-name: podman
  dependency-version: 5.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: pyspark-connect
  dependency-version: 4.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: ruff
  dependency-version: 0.15.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-minor
- dependency-name: pygithub
  dependency-version: 2.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-minor
- dependency-name: ty
  dependency-version: 0.0.26
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 30, 2026

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested review from Copilot and removed request for Copilot March 30, 2026 23:24
@google-oss-prow
Copy link
Copy Markdown
Contributor

google-oss-prow bot commented Mar 30, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign electronic-waste for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 30, 2026

🎉 Welcome to the Kubeflow SDK! 🎉

Thanks for opening your first PR! We're happy to have you as part of our community 🚀

Here's what happens next:

  • If you haven't already, please check out our Contributing Guide for repo-specific guidelines and the Kubeflow Contributor Guide for general community standards
  • Our team will review your PR soon! cc @kubeflow/kubeflow-sdk-team

Join the community:

Feel free to ask questions in the comments if you need any help or clarification!
Thanks again for contributing to Kubeflow! 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@astefanutti astefanutti Awaiting requested review from astefanutti

@kramaranya kramaranya Awaiting requested review from kramaranya

@szaher szaher Awaiting requested review from szaher

Assignees

No one assigned

Labels

size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants