Skip to content

⬆ Bump the python-packages group with 9 updates#807

Merged
yezz123 merged 1 commit intomainfrom
dependabot/uv/python-packages-2a542edc38
Feb 16, 2026
Merged

⬆ Bump the python-packages group with 9 updates#807
yezz123 merged 1 commit intomainfrom
dependabot/uv/python-packages-2a542edc38

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026

Bumps the python-packages group with 9 updates:

Package From To
fastapi 0.128.6 0.128.8
pydantic-settings 2.6.1 2.11.0
pytz 2024.2 2025.2
python-jose 3.4.0 3.5.0
sqlalchemy 2.0.45 2.0.46
ruff 0.14.10 0.15.1
types-python-dateutil 2.9.0.20251115 2.9.0.20260124
pymdown-extensions 10.20 10.21
typer 0.21.0 0.23.1

Updates fastapi from 0.128.6 to 0.128.8

Release notes

Sourced from fastapi's releases.

0.128.8

Docs

Internal

0.128.7

Features

Refactors

  • ♻️ Simplify reading files in memory, do it sequentially instead of (fake) parallel. PR #14884 by @​tiangolo.

Docs

Internal

Commits
  • bdd2005 🔖 Release version 0.128.8
  • 1ed9bd4 📝 Update release notes
  • aac30fd 🔨 Tweak PDM hook script (#14895)
  • 417f1ee 📝 Update release notes
  • ffb8965 ♻️ Update build setup for fastapi-slim, deprecate it, and make it only depe...
  • 93fa935 📝 Update release notes
  • f0f3e7a 📝 Fix grammar in docs/en/docs/tutorial/first-steps.md (#14708)
  • 8f82c94 🔖 Release version 0.128.7
  • 5bb3423 📝 Update release notes
  • 6ce5e3e ✅ Tweak comment in test to reference PR (#14885)
  • Additional commits viewable in compare view

Updates pydantic-settings from 2.6.1 to 2.11.0

Release notes

Sourced from pydantic-settings's releases.

v2.11.0

What's Changed

New Contributors

Full Changelog: pydantic/pydantic-settings@2.10.1...v2.11.0

v2.10.1

What's Changed

Full Changelog: pydantic/pydantic-settings@2.10.0...2.10.1

v2.10.0

What's Changed

... (truncated)

Commits

Updates pytz from 2024.2 to 2025.2

Commits
  • 82e0891 Bump version numbers to 2024.2 (2024b)
  • 277b33c IANA 2025b
  • 07d8e91 Squashed 'tz/' changes from a8e2fcd87b..a84610f010
  • 00ad7f1 Bump version numbers to 2025.1 / 2025a
  • 7abdc14 Squashed 'tz/' changes from 6903dde39e..5ad5cfba5b
  • f3a8f38 IANA 2025a
  • See full diff in compare view

Updates python-jose from 3.4.0 to 3.5.0

Release notes

Sourced from python-jose's releases.

3.5.0

  • Remove support for Python 3.8
  • Added support for Python 3.12 & 3.13
  • Upgrade to pyasn1 0.5.1+
  • Upgrade to pytest and other dependencies
  • Add RTD config file to silence emailed deprecation warnings

Bug fixes and Improvements

  • Remove get_random_bytes from cryptography backend
  • Do not use utc_now on module level
  • Remove key data (sensitive information) from JWKError exceptions
  • Added possibility to call jwk.construct() with a private RSA key

https://pypi.org/project/python-jose/3.5.0/

Changelog

Sourced from python-jose's changelog.

3.5.0 -- 2025-05-28

News

  • Remove support for Python 3.8
  • Added support for Python 3.12 & 3.13
  • Upgrade to pyasn1 0.5.1+
  • Upgrade to pytest and other dependencies
  • Add RTD config file to silence emailed deprecation warnings

Bug fixes and Improvements

  • Remove get_random_bytes from cryptography backend
  • Do not use utc_now on module level
  • Remove key data (sensitive information) from JWKError exceptions
  • Added possibility to call jwk.construct() with a private RSA key
Commits

Updates sqlalchemy from 2.0.45 to 2.0.46

Release notes

Sourced from sqlalchemy's releases.

2.0.46

Released: January 21, 2026

typing

  • [typing] [bug] Fixed typing issues where ORM mapped classes and aliased entities could not be used as keys in result row mappings or as join targets in select statements. Patterns such as row._mapping[User], row._mapping[aliased(User)], row._mapping[with_polymorphic(...)] (rejected by both mypy and Pylance), and .join(aliased(User)) (rejected by Pylance) are documented and fully supported at runtime but were previously rejected by type checkers. The type definitions for _KeyType and _FromClauseArgument have been updated to accept these ORM entity types.

    References: #13075

postgresql

  • [postgresql] [bug] Fixed issue where PostgreSQL JSONB operators _postgresql.JSONB.Comparator.path_match() and _postgresql.JSONB.Comparator.path_exists() were applying incorrect VARCHAR casts to the right-hand side operand when used with newer PostgreSQL drivers such as psycopg. The operators now indicate the right-hand type as JSONPATH, which currently results in no casting taking place, but is also compatible with explicit casts if the implementation were require it at a later point.

    References: #13059

  • [postgresql] [bug] Fixed regression in PostgreSQL dialect where JSONB subscription syntax would generate incorrect SQL for cast() expressions returning JSONB, causing syntax errors. The dialect now properly wraps cast expressions in parentheses when using the [] subscription syntax, generating (CAST(...))[index] instead of CAST(...)[index] to comply with PostgreSQL syntax requirements. This extends the fix from #12778 which addressed the same issue for function calls.

    References: #13067

  • [postgresql] [bug] Improved the foreign key reflection regular expression pattern used by the PostgreSQL dialect to be more permissive in matching identifier characters, allowing it to correctly handle unicode characters in table and column names. This change improves compatibility with PostgreSQL variants such as CockroachDB that may use different quoting patterns in combination with unicode characters in their identifiers. Pull request courtesy Gord Thompson.

... (truncated)

Commits

Updates ruff from 0.14.10 to 0.15.1

Release notes

Sourced from ruff's releases.

0.15.1

Release Notes

Released on 2026-02-12.

Preview features

  • [airflow] Add ruff rules to catch deprecated Airflow imports for Airflow 3.1 (AIR321) (#22376)
  • [airflow] Third positional parameter not named ti_key should be flagged for BaseOperatorLink.get_link (AIR303) (#22828)
  • [flake8-gettext] Fix false negatives for plural argument of ngettext (INT001, INT002, INT003) (#21078)
  • [pyflakes] Fix infinite loop in preview fix for unused-import (F401) (#23038)
  • [pygrep-hooks] Detect non-existent mock methods in standalone expressions (PGH005) (#22830)
  • [pylint] Allow dunder submodules and improve diagnostic range (PLC2701) (#22804)
  • [pyupgrade] Improve diagnostic range for tuples (UP024) (#23013)
  • [refurb] Check subscripts in tuple do not use lambda parameters in reimplemented-operator (FURB118) (#23079)
  • [ruff] Detect mutable defaults in field calls (RUF008) (#23046)
  • [ruff] Ignore std cmath.inf (RUF069) (#23120)
  • [ruff] New rule float-equality-comparison (RUF069) (#20585)
  • Don't format unlabeled Markdown code blocks (#23106)
  • Markdown formatting support in LSP (#23063)
  • Support Quarto Markdown language markers (#22947)
  • Support formatting pycon Markdown code blocks (#23112)
  • Use extension mapping to select Markdown code block language (#22934)

Bug fixes

  • Avoid false positive for undefined variables in FAST001 (#23224)
  • Avoid introducing syntax errors for FAST003 autofix (#23227)
  • Avoid suggesting InitVar for __post_init__ that references PEP 695 type parameters (#23226)
  • Deduplicate type variables in generic functions (#23225)
  • Fix exception handler parenthesis removal for Python 3.14+ (#23126)
  • Fix f-string middle panic when parsing t-strings (#23232)
  • Wrap RUF020 target for multiline fixes (#23210)
  • Wrap UP007 target for multiline fixes (#23208)
  • Fix missing diagnostics for last range suppression in file (#23242)
  • [pyupgrade] Fix syntax error on string with newline escape and comment (UP037) (#22968)

Rule changes

  • Use ruff instead of Ruff as the program name in GitHub output format (#23240)
  • [PT006] Fix syntax error when unpacking nested tuples in parametrize fixes (#22441) (#22464)
  • [airflow] Catch deprecated attribute access from context key for Airflow 3.0 (AIR301) (#22850)
  • [airflow] Capture deprecated arguments and a decorator (AIR301) (#23170)
  • [flake8-boolean-trap] Add multiprocessing.Value to excluded functions for FBT003 (#23010)
  • [flake8-bugbear] Add a secondary annotation showing the previous occurrence (B033) (#22634)
  • [flake8-type-checking] Add sub-diagnostic showing the runtime use of an annotation (TC004) (#23091)
  • [isort] Support configurable import section heading comments (#23151)
  • [ruff] Improve the diagnostic for RUF012 (#23202)

Formatter

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.1

Released on 2026-02-12.

Preview features

  • [airflow] Add ruff rules to catch deprecated Airflow imports for Airflow 3.1 (AIR321) (#22376)
  • [airflow] Third positional parameter not named ti_key should be flagged for BaseOperatorLink.get_link (AIR303) (#22828)
  • [flake8-gettext] Fix false negatives for plural argument of ngettext (INT001, INT002, INT003) (#21078)
  • [pyflakes] Fix infinite loop in preview fix for unused-import (F401) (#23038)
  • [pygrep-hooks] Detect non-existent mock methods in standalone expressions (PGH005) (#22830)
  • [pylint] Allow dunder submodules and improve diagnostic range (PLC2701) (#22804)
  • [pyupgrade] Improve diagnostic range for tuples (UP024) (#23013)
  • [refurb] Check subscripts in tuple do not use lambda parameters in reimplemented-operator (FURB118) (#23079)
  • [ruff] Detect mutable defaults in field calls (RUF008) (#23046)
  • [ruff] Ignore std cmath.inf (RUF069) (#23120)
  • [ruff] New rule float-equality-comparison (RUF069) (#20585)
  • Don't format unlabeled Markdown code blocks (#23106)
  • Markdown formatting support in LSP (#23063)
  • Support Quarto Markdown language markers (#22947)
  • Support formatting pycon Markdown code blocks (#23112)
  • Use extension mapping to select Markdown code block language (#22934)

Bug fixes

  • Avoid false positive for undefined variables in FAST001 (#23224)
  • Avoid introducing syntax errors for FAST003 autofix (#23227)
  • Avoid suggesting InitVar for __post_init__ that references PEP 695 type parameters (#23226)
  • Deduplicate type variables in generic functions (#23225)
  • Fix exception handler parenthesis removal for Python 3.14+ (#23126)
  • Fix f-string middle panic when parsing t-strings (#23232)
  • Wrap RUF020 target for multiline fixes (#23210)
  • Wrap UP007 target for multiline fixes (#23208)
  • Fix missing diagnostics for last range suppression in file (#23242)
  • [pyupgrade] Fix syntax error on string with newline escape and comment (UP037) (#22968)

Rule changes

  • Use ruff instead of Ruff as the program name in GitHub output format (#23240)
  • [PT006] Fix syntax error when unpacking nested tuples in parametrize fixes (#22441) (#22464)
  • [airflow] Catch deprecated attribute access from context key for Airflow 3.0 (AIR301) (#22850)
  • [airflow] Capture deprecated arguments and a decorator (AIR301) (#23170)
  • [flake8-boolean-trap] Add multiprocessing.Value to excluded functions for FBT003 (#23010)
  • [flake8-bugbear] Add a secondary annotation showing the previous occurrence (B033) (#22634)
  • [flake8-type-checking] Add sub-diagnostic showing the runtime use of an annotation (TC004) (#23091)
  • [isort] Support configurable import section heading comments (#23151)
  • [ruff] Improve the diagnostic for RUF012 (#23202)

Formatter

... (truncated)

Commits
  • a2f11d2 Prepare for 0.15.1 (#23253)
  • d29628e Remove docker-run-action (#23254)
  • 8a04266 [ty] Allow discovering dependencies in system Python environments (#22994)
  • 55d06c8 Ensure pending suppression diagnostics are reported (#23242)
  • d056a9f [isort] support for configurable import section heading comments (#23151)
  • e22fa4f [ty] Fix method calls on subclasses of Any (#23248)
  • fa56c15 [ty] Fix bound method access on None (#23246)
  • 4fd07d0 Make range suppression test snapshot actually useful (#23251)
  • 8c63bce [ty] Include conditional symbols (like datetime.UTC) in auto-import in more...
  • 46be943 Exclude WASM artifacts from GitHub releases (#23221)
  • Additional commits viewable in compare view

Updates types-python-dateutil from 2.9.0.20251115 to 2.9.0.20260124

Commits

Updates pymdown-extensions from 10.20 to 10.21

Release notes

Sourced from pymdown-extensions's releases.

10.21

  • NEW: Caption: Add support for specifying not only IDs but classes and arbitrary attributes. Initial work by @​joapuiib.
  • FIX: MagicLink: Fix a matching pattern for Bitbucket repo.
Commits

Updates typer from 0.21.0 to 0.23.1

Release notes

Sourced from typer's releases.

0.23.1

Fixes

  • 🐛 Fix TYPER_USE_RICH parsing to allow disabling Rich completely. PR #1539 by @​bckohan.

Docs

  • 📝 Remove documentation pages that reference using Click directly. PR #1538 by @​svlandeg.

Internal

0.23.0

Breaking Changes

  • ♻️ When printing error tracebacks with Rich, default to not showing locals, which are sometimes verbose. PR #1072 by @​tiangolo.

Docs

  • 📝 Add more explicit deprecation note in shell packages. PR #1534 by @​tiangolo.

Internal

0.22.0

Breaking Changes

  • 💥 Make typer-slim a shallow wrapper around typer, always requiring rich and shellingham. PR #1522 by @​svlandeg.

0.21.2

Fixes

  • 🐛 Fix highlighting of optional variadic argument metavars. PR #1508 by @​BenjyWiener.
  • 🐛 Fix --help text alignment when using typer.style() in option descriptions. PR #1356 by @​mahimairaja.

Refactors

Upgrades

Docs

... (truncated)

Changelog

Sourced from typer's changelog.

0.23.1

Fixes

  • 🐛 Fix TYPER_USE_RICH parsing to allow disabling Rich completely. PR #1539 by @​bckohan.

Docs

  • 📝 Remove documentation pages that reference using Click directly. PR #1538 by @​svlandeg.

Internal

0.23.0

Breaking Changes

  • ♻️ When printing error tracebacks with Rich, default to not showing locals, which are sometimes verbose. PR #1072 by @​tiangolo.

Docs

  • 📝 Add more explicit deprecation note in shell packages. PR #1534 by @​tiangolo.

Internal

0.22.0

Breaking Changes

  • 💥 Make typer-slim a shallow wrapper around typer, always requiring rich and shellingham. PR #1522 by @​svlandeg.

0.21.2

Fixes

  • 🐛 Fix highlighting of optional variadic argument metavars. PR #1508 by @​BenjyWiener.
  • 🐛 Fix --help text alignment when using typer.style() in option descriptions. PR #1356 by @​mahimairaja.

Refactors

Upgrades

... (truncated)

Commits
  • d2d9f59 🔖 Release version 0.23.1
  • bc0f4b7 📝 Update release notes
  • 1edb599 🐛 Fix TYPER_USE_RICH parsing to allow disabling Rich completely (#1539)
  • d1cb863 📝 Update release notes
  • 2f265f2 📝 Remove documentation pages that reference using Click directly (#1538)
  • 40430e1 📝 Update release notes
  • 6413588 ⬆ Bump ty from 0.0.15 to 0.0.16 (#1533)
  • 6f2b111 🔖 Release version 0.23.0
  • 56d81f0 📝 Update release notes
  • 458325d ♻️ When printing error tracebacks with Rich, default to not showing locals, w...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
⬆ Bump the python-packages group with 9 updates
906d975 
Bumps the python-packages group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.128.6` | `0.128.8` |
| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.6.1` | `2.11.0` |
| [pytz](https://github.com/stub42/pytz) | `2024.2` | `2025.2` |
| [python-jose](https://github.com/mpdavis/python-jose) | `3.4.0` | `3.5.0` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.45` | `2.0.46` |
| [ruff](https://github.com/astral-sh/ruff) | `0.14.10` | `0.15.1` |
| [types-python-dateutil](https://github.com/typeshed-internal/stub_uploader) | `2.9.0.20251115` | `2.9.0.20260124` |
| [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) | `10.20` | `10.21` |
| [typer](https://github.com/fastapi/typer) | `0.21.0` | `0.23.1` |


Updates `fastapi` from 0.128.6 to 0.128.8
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.128.6...0.128.8)

Updates `pydantic-settings` from 2.6.1 to 2.11.0
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.6.1...v2.11.0)

Updates `pytz` from 2024.2 to 2025.2
- [Release notes](https://github.com/stub42/pytz/releases)
- [Commits](stub42/pytz@release_2024.2...release_2025.2)

Updates `python-jose` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/mpdavis/python-jose/releases)
- [Changelog](https://github.com/mpdavis/python-jose/blob/master/CHANGELOG.md)
- [Commits](mpdavis/python-jose@3.4.0...3.5.0)

Updates `sqlalchemy` from 2.0.45 to 2.0.46
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `ruff` from 0.14.10 to 0.15.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.10...0.15.1)

Updates `types-python-dateutil` from 2.9.0.20251115 to 2.9.0.20260124
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `pymdown-extensions` from 10.20 to 10.21
- [Release notes](https://github.com/facelessuser/pymdown-extensions/releases)
- [Commits](facelessuser/pymdown-extensions@10.20...10.21)

Updates `typer` from 0.21.0 to 0.23.1
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.21.0...0.23.1)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.128.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: pydantic-settings
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: pytz
  dependency-version: '2025.2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-packages
- dependency-name: python-jose
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: sqlalchemy
  dependency-version: 2.0.46
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: ruff
  dependency-version: 0.15.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: types-python-dateutil
  dependency-version: 2.9.0.20260124
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: pymdown-extensions
  dependency-version: '10.21'
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: typer
  dependency-version: 0.23.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the upgrade label Feb 16, 2026
@vercel
Copy link
Copy Markdown

vercel bot commented Feb 16, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
authx Ready Ready Preview, Comment Feb 16, 2026 4:50am

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Feb 16, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@yezz123 yezz123 merged commit 78aa96b into main Feb 16, 2026
19 checks passed
@yezz123 yezz123 deleted the dependabot/uv/python-packages-2a542edc38 branch February 16, 2026 13:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

upgrade

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yezz123