Skip to content

chore(deps): bump the package-updates group across 1 directory with 9 updates#3784

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/package-updates-1d07bbb2b2
Open

chore(deps): bump the package-updates group across 1 directory with 9 updates#3784
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/uv/package-updates-1d07bbb2b2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026

Updates the requirements on django-health-check, django-storages[s3], django, environs[django], sentry-sdk, bandit[toml], django-stubs, pyrefly and ruff to permit the latest version.
Updates django-health-check from 4.2.2 to 4.4.0

Release notes

Sourced from django-health-check's releases.

4.4.0

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.3.1...4.4.0

4.3.1

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.3.0...4.3.1

4.3.0

What's Changed

Full Changelog: codingjoe/django-health-check@4.2.2...4.3.0

Commits
  • e480bc0 Resolve #724 -- Add public dataclass field as OpenMetric label (#725)
  • e56c871 Clean up storage probe files when validation fails (#717)
  • 3421a3c Update copilot review instructions
  • c674d2f Revert "Update celery requirement from >=5.0.0 to >=5.6.3"
  • 04a22e5 Revert "Update flit-core requirement from >=3.2 to >=3.12.0"
  • 4d47e8a Revert "Update aio-pika requirement from >=9.0.0 to >=9.6.2"
  • e0d4479 Revert "Update django requirement from >=5.2 to >=5.2.13"
  • 8994dcc Revert "Update confluent-kafka requirement from >=2.0.0 to >=2.14.0"
  • 1f31638 Ref #701 -- Add support for a custom executor for synchronous checks (#716)
  • b79e960 Bump actions/upload-pages-artifact from 4 to 5
  • Additional commits viewable in compare view

Updates django-storages[s3] to 1.14.6

Changelog

Sourced from django-storages[s3]'s changelog.

1.14.6 (2025-04-01)

Google Cloud

  • Add option to sign URLs via IAM Blob API ([#1427](https://github.com/jschneier/django-storages/issues/1427)_)

S3

  • Fix exists calls when using SSE-C ([#1451](https://github.com/jschneier/django-storages/issues/1451)_)
  • Default url_protocol to https: if set to None ([#1483](https://github.com/jschneier/django-storages/issues/1483)_)

.. _#1427: jschneier/django-storages#1427 .. _#1451: jschneier/django-storages#1451 .. _#1483: jschneier/django-storages#1483

1.14.5 (2025-02-15)

General

  • Revert exists() behavior to pre-1.14.4 semantics with additional hardening for Django versions < 4.2 to fix CVE-2024-39330. This change matches the eventual behavior Django itself shipped with. ([#1484](https://github.com/jschneier/django-storages/issues/1484), [#1486](https://github.com/jschneier/django-storages/issues/1486))
  • Add support for Django 5.1 ([#1444](https://github.com/jschneier/django-storages/issues/1444)_)

Azure

  • Deprecated: The setting AZURE_API_VERSION/api_version setting is deprecated in favor of the new AZURE_CLIENT_OPTIONS setting. A future version will remove support for this setting.
  • Add AZURE_CLIENT_OPTIONS settings to enable customization of all BlobServiceClient parameters such as api_version and all retry* options. ([#1432](https://github.com/jschneier/django-storages/issues/1432)_)

Dropbox

  • As part of the above hardening fix a bug was uncovered whereby a root_path setting would be applied multiple times during save() ([#1484](https://github.com/jschneier/django-storages/issues/1484)_)
  • Fix setting OAuth2 access token via env var ([#1452](https://github.com/jschneier/django-storages/issues/1452)_)

FTP

  • Fix incorrect exists() results due to an errant appended slash ([#1438](https://github.com/jschneier/django-storages/issues/1438)_)

Google Cloud

... (truncated)

Commits

Updates django from 5.2.13 to 6.0.4

Commits

Updates environs[django] to 15.0.1

Changelog

Sourced from environs[django]'s changelog.

15.0.1 (2026-04-06)

Bug fixes:

  • Exported environment variables take precedence over .env files (regression from 15.0.0) (#464). Thanks DougEdey-Slice for reporting.

15.0.0 (2026-03-31)

Features:

  • Env.read_env no longer mutates os.environ (#393). Values from .env files are loaded into the Env instance only. This comes with two breaking changes:
    • Env.read_env is now an instance method rather than a @staticmethod. Env.read_env() -> env.read_env()
    • The verbose parameter of read_env is been removed.

Other changes:

  • Drop support for marshmallow 3, which is EOL. marshmallow>=4.0.0 is supported.
  • Minor typing improvements (#463).

14.6.0 (2026-02-19)

Bug fixes:

  • Fix variable expansion with other characters (#359). Thanks flymanzhao for reporting and veeceey for the PR.

Other changes:

  • Update lowest supported marshmallow version to 3.26.2 (#448). Thanks whyscream for the PR.

14.5.0 (2025-11-02)

Features:

  • Add strip_whitespace param to FileAwareEnv (#431). Thanks eandersons for the suggestion and PR.

Other changes:

  • Drop support for Python 3.9, which is EOL.

14.4.0 (2025-10-29)

Features:

  • Add support for ISO 8601 durations to env.timedelta. (#434). Thanks lucas-bremond for the suggestion and PR.

... (truncated)

Commits

Updates sentry-sdk from 2.57.0 to 2.58.0

Release notes

Sourced from sentry-sdk's releases.

2.58.0

New Features ✨

Bug Fixes 🐛

Anthropic

Pydantic Ai

Other

Internal Changes 🔧

Litellm

Other

Other

Changelog

Sourced from sentry-sdk's changelog.

2.58.0

New Features ✨

Bug Fixes 🐛

Anthropic

Pydantic Ai

Other

Internal Changes 🔧

Litellm

Other

Other

Commits
  • ce445d9 release: 2.58.0
  • c0c0e9c feat(litellm): Add async callbacks (#5969)
  • ea74b63 test(litellm): Replace mocks with httpx types in rate-limit test (#5975)
  • 06ed1bc test(litellm): Replace mocks with httpx types in embedding tests (#5970)
  • 66ef2e6 test(litellm): Replace mocks with httpx types in nonstreaming `completion()...
  • 96ebbf6 fix(litellm): Avoid double span exits when streaming (#5933)
  • 7e22b5d build(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#5979)
  • 35151a9 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#5980)
  • d1c5b53 build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#5981)
  • e255aaf build(deps): bump getsentry/testing-ai-sdk-integrations from 6b1f51ec8af03e19...
  • Additional commits viewable in compare view

Updates bandit[toml] to 1.9.4

Release notes

Sourced from bandit[toml]'s releases.

1.9.4

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

Commits
  • 92ae8b8 Fix B106 reporting wrong line number on multiline function calls (#1360)
  • c8c8a55 Lower version guard in check_ast_node to Python 3.12 (#1355)
  • 8f2f928 Fix B615 false positive when revision is set via variable (#1358)
  • e27493f Include filename in nosec 'no failed test' warning (#1363)
  • b69b336 Fix B613 crash when reading from stdin (#1361)
  • e418b79 Bump docker/build-push-action from 6.18.0 to 6.19.2 (#1357)
  • ff646fd Bump docker/login-action from 3.6.0 to 3.7.0 (#1353)
  • c0def6c chore: fixed some typos in comments (#1351)
  • 765f00d Limit B614 to torch.load deserializers (#1348)
  • 06fbbab Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#1347)
  • Additional commits viewable in compare view

Updates django-stubs from 5.2.9 to 6.0.3

Commits

Updates pyrefly from 0.60.2 to 0.61.1

Release notes

Sourced from pyrefly's releases.

Pyrefly v0.61.1

Full Changelog: facebook/pyrefly@0.61.0...0.61.1

Pyrefly v0.61.0

Full Changelog: facebook/pyrefly@0.60.2...0.61.0

Commits
  • 582ad83 Bump Pyrefly version to 0.61.1
  • b71ef04 Bump icu_decimal 2.1.1 -> 2.2.0
  • 526415a Update vendored wasm-bindgen to 0.2.118
  • 2335601 Keep specialization errors arising from hints to overloaded calls
  • 73b8f63 Use with_snapshot for is_subset_eq on unions
  • ce37688 Take instantiation errors into account in Subset::with_snapshot
  • e2e3874 Add Solver::has_new_instantiation_errors
  • 251ccae Check for key in instantiation_errors before removing it
  • 2d69b92 Reduce code repetition in is_subset_eq union case
  • 2f6fa7a Restore var state after failed Quantified checks in is_subset_eq
  • Additional commits viewable in compare view

Updates ruff from 0.15.10 to 0.15.11

Release notes

Sourced from ruff's releases.

0.15.11

Release Notes

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

Bug fixes

  • [flake8-async] Omit overridden methods for ASYNC109 (#24648)

Documentation

  • [flake8-async] Add override mention to ASYNC109 docs (#24666)
  • Update Neovim config examples to use vim.lsp.config (#24577)

Contributors

Install ruff 0.15.11

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.11/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.11/ruff-installer.ps1 | iex"

Download ruff 0.15.11

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.11

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

Bug fixes

  • [flake8-async] Omit overridden methods for ASYNC109 (#24648)

Documentation

  • [flake8-async] Add override mention to ASYNC109 docs (#24666)
  • Update Neovim config examples to use vim.lsp.config (#24577)

Contributors

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the package-updates group across 1 directory with 9…
c5c72a3 
… updates

Updates the requirements on [django-health-check](https://github.com/codingjoe/django-health-check), [django-storages[s3]](https://github.com/jschneier/django-storages), [django](https://github.com/django/django), [environs[django]](https://github.com/sloria/environs), [sentry-sdk](https://github.com/getsentry/sentry-python), [bandit[toml]](https://github.com/PyCQA/bandit), [django-stubs](https://github.com/typeddjango/django-stubs), [pyrefly](https://github.com/facebook/pyrefly) and [ruff](https://github.com/astral-sh/ruff) to permit the latest version.

Updates `django-health-check` from 4.2.2 to 4.4.0
- [Release notes](https://github.com/codingjoe/django-health-check/releases)
- [Commits](codingjoe/django-health-check@4.2.2...4.4.0)

Updates `django-storages[s3]` to 1.14.6
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](jschneier/django-storages@1.14.4...1.14.6)

Updates `django` from 5.2.13 to 6.0.4
- [Commits](django/django@5.2.13...6.0.4)

Updates `environs[django]` to 15.0.1
- [Changelog](https://github.com/sloria/environs/blob/main/CHANGELOG.md)
- [Commits](sloria/environs@11.0.0...15.0.1)

Updates `sentry-sdk` from 2.57.0 to 2.58.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.57.0...2.58.0)

Updates `bandit[toml]` to 1.9.4
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](PyCQA/bandit@1.7.9...1.9.4)

Updates `django-stubs` from 5.2.9 to 6.0.3
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](typeddjango/django-stubs@5.2.9...6.0.3)

Updates `pyrefly` from 0.60.2 to 0.61.1
- [Release notes](https://github.com/facebook/pyrefly/releases)
- [Commits](facebook/pyrefly@0.60.2...0.61.1)

Updates `ruff` from 0.15.10 to 0.15.11
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.10...0.15.11)

---
updated-dependencies:
- dependency-name: django-health-check
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: package-updates
- dependency-name: django-storages[s3]
  dependency-version: 1.14.6
  dependency-type: direct:production
  dependency-group: package-updates
- dependency-name: django
  dependency-version: 6.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: package-updates
- dependency-name: environs[django]
  dependency-version: 15.0.1
  dependency-type: direct:production
  dependency-group: package-updates
- dependency-name: sentry-sdk
  dependency-version: 2.58.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: package-updates
- dependency-name: bandit[toml]
  dependency-version: 1.9.4
  dependency-type: direct:development
  dependency-group: package-updates
- dependency-name: django-stubs
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: package-updates
- dependency-name: pyrefly
  dependency-version: 0.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: package-updates
- dependency-name: ruff
  dependency-version: 0.15.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: package-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update Python:uv code labels Apr 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@derkweijers derkweijers

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update Python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@derkweijers