Skip to content

build(deps): bump the production-dependencies group with 3 updates#361

Merged
zachdaniel merged 1 commit intomainfrom
dependabot/hex/production-dependencies-27ed390ea7
Feb 2, 2026
Merged

build(deps): bump the production-dependencies group with 3 updates#361
zachdaniel merged 1 commit intomainfrom
dependabot/hex/production-dependencies-27ed390ea7

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026
edited
Loading

Bumps the production-dependencies group with 3 updates: req, sourceror and spitfire.

Updates req from 0.5.16 to 0.5.17

Changelog

Sourced from req's changelog.

CHANGELOG

HEAD

  • [retry]: Use default delay if retry-after is "negative"

    Previously, we were only handling "negative" retry-after in "http date" format and slept for zero seconds. We were crashing on retry-after with negative seconds.

    Now, we're using the default delay (1s, 2s, 4s, ...) in either format.

Commits

Updates sourceror from 1.10.0 to 1.10.1

Release notes

Sourced from sourceror's releases.

v1.10.1

What's Changed

Full Changelog: doorgan/sourceror@v1.10.0...v1.10.1

Changelog

Sourced from sourceror's changelog.

v1.10.1 (2026-01-26)

  • [Sourceror] Fixed range calculation for charlists with concatenations.
Commits

Updates spitfire from 0.2.1 to 0.3.1

Changelog

Sourced from spitfire's changelog.

0.3.1 (2026-01-20)

Bug Fixes

  • handle unexpected tokens when parsing stabs (#76) (365007b)

0.3.0 (2026-01-19)

Features

  • Handle atom_safe and kw_identifier_safe tokens (#72) (c4fd161)

Bug Fixes

  • handle eof inside list-esque constructs (#67) (14a2bf3)
  • handle no_fuel_remaining in parse_with_comments (#73) (f777bb4)
  • improve recovery from unexpected semicolons (#70) (792e9c9)
  • infinite loop parsing incomplete struct (#66) (bebd845)
  • parsing crashes on code with errors (#65) (b6bbdb4)
  • recover from incomplete keyword lists (#71) (0513a5d)
Commits
  • eadeb4a chore(main): release 0.3.1
  • 365007b fix: handle unexpected tokens when parsing stabs (#76)
  • e310fc8 chore: fix formatting
  • 27d7b08 chore: typo
  • d4e770b chore(main): release 0.3.0 (#68)
  • f777bb4 fix: handle no_fuel_remaining in parse_with_comments (#73)
  • c4fd161 feat: Handle atom_safe and kw_identifier_safe tokens (#72)
  • b6bbdb4 fix: parsing crashes on code with errors (#65)
  • 0513a5d fix: recover from incomplete keyword lists (#71)
  • bebd845 fix: infinite loop parsing incomplete struct (#66)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code labels Feb 1, 2026
@dependabot
build(deps): bump the production-dependencies group with 3 updates
f4ba94c 
Bumps the production-dependencies group with 3 updates: [req](https://github.com/wojtekmach/req), [sourceror](https://github.com/doorgan/sourceror) and [spitfire](https://github.com/elixir-tools/spitfire).


Updates `req` from 0.5.16 to 0.5.17
- [Release notes](https://github.com/wojtekmach/req/releases)
- [Changelog](https://github.com/wojtekmach/req/blob/main/CHANGELOG.md)
- [Commits](wojtekmach/req@v0.5.16...v0.5.17)

Updates `sourceror` from 1.10.0 to 1.10.1
- [Release notes](https://github.com/doorgan/sourceror/releases)
- [Changelog](https://github.com/doorgan/sourceror/blob/main/CHANGELOG.md)
- [Commits](doorgan/sourceror@v1.10.0...v1.10.1)

Updates `spitfire` from 0.2.1 to 0.3.1
- [Release notes](https://github.com/elixir-tools/spitfire/releases)
- [Changelog](https://github.com/elixir-tools/spitfire/blob/main/CHANGELOG.md)
- [Commits](elixir-tools/spitfire@v0.2.1...v0.3.1)

---
updated-dependencies:
- dependency-name: req
  dependency-version: 0.5.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: sourceror
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: spitfire
  dependency-version: 0.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/hex/production-dependencies-27ed390ea7 branch from 4c75b6a to f4ba94c Compare February 2, 2026 06:18
@zachdaniel zachdaniel merged commit a5145cc into main Feb 2, 2026
12 checks passed
@dependabot dependabot bot deleted the dependabot/hex/production-dependencies-27ed390ea7 branch February 2, 2026 06:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@zachdaniel