From c03452c70b45ad9741e8862e3b85cb1abf9c3ec3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 10:18:43 +0000 Subject: [PATCH 1/3] Bump filelock from 3.19.1 to 3.20.0 (#11615) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.19.1 to 3.20.0.
Release notes

Sourced from filelock's releases.

3.20.0

What's Changed

New Contributors

Full Changelog: https://github.com/tox-dev/filelock/compare/3.19.1...3.20.0

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=filelock&package-manager=pip&previous-version=3.19.1&new-version=3.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements/constraints.txt | 2 +- requirements/dev.txt | 2 +- requirements/lint.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index cf1e00f7bee..1290beefd68 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -70,7 +70,7 @@ exceptiongroup==1.3.0 # via pytest execnet==2.1.1 # via pytest-xdist -filelock==3.19.1 +filelock==3.20.0 # via virtualenv forbiddenfruit==0.1.4 # via blockbuster diff --git a/requirements/dev.txt b/requirements/dev.txt index 60e88b75cf3..b234cbb67db 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -68,7 +68,7 @@ exceptiongroup==1.3.0 # via pytest execnet==2.1.1 # via pytest-xdist -filelock==3.19.1 +filelock==3.20.0 # via virtualenv forbiddenfruit==0.1.4 # via blockbuster diff --git a/requirements/lint.txt b/requirements/lint.txt index 708cc6e97a4..8f8df45e236 100644 --- a/requirements/lint.txt +++ b/requirements/lint.txt @@ -27,7 +27,7 @@ distlib==0.4.0 # via virtualenv exceptiongroup==1.3.0 # via pytest -filelock==3.19.1 +filelock==3.20.0 # via virtualenv forbiddenfruit==0.1.4 # via blockbuster From 80606d5657c9c87da037611eb6a5c28d062aa05f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 10:34:36 +0000 Subject: [PATCH 2/3] Bump platformdirs from 4.4.0 to 4.5.0 (#11616) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [platformdirs](https://github.com/tox-dev/platformdirs) from 4.4.0 to 4.5.0.
Release notes

Sourced from platformdirs's releases.

4.5.0

What's Changed

New Contributors

Full Changelog: https://github.com/tox-dev/platformdirs/compare/4.4.0...4.5.0

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=platformdirs&package-manager=pip&previous-version=4.4.0&new-version=4.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements/constraints.txt | 2 +- requirements/dev.txt | 2 +- requirements/lint.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 1290beefd68..52a1448aecf 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -137,7 +137,7 @@ pip-tools==7.5.1 # via -r requirements/dev.in pkgconfig==1.5.5 # via -r requirements/test-common.in -platformdirs==4.4.0 +platformdirs==4.5.0 # via virtualenv pluggy==1.6.0 # via diff --git a/requirements/dev.txt b/requirements/dev.txt index b234cbb67db..430ca9bc99e 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -134,7 +134,7 @@ pip-tools==7.5.1 # via -r requirements/dev.in pkgconfig==1.5.5 # via -r requirements/test-common.in -platformdirs==4.4.0 +platformdirs==4.5.0 # via virtualenv pluggy==1.6.0 # via diff --git a/requirements/lint.txt b/requirements/lint.txt index 8f8df45e236..31f87fb8389 100644 --- a/requirements/lint.txt +++ b/requirements/lint.txt @@ -55,7 +55,7 @@ packaging==25.0 # via pytest pathspec==0.12.1 # via mypy -platformdirs==4.4.0 +platformdirs==4.5.0 # via virtualenv pluggy==1.6.0 # via pytest From 7a404ed8fbdf878adb3ca137d7ceb673c74e2170 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 10:40:29 +0000 Subject: [PATCH 3/3] Bump tomli from 2.2.1 to 2.3.0 (#11617) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [tomli](https://github.com/hukkin/tomli) from 2.2.1 to 2.3.0.
Changelog

Sourced from tomli's changelog.

2.3.0

  • Added
    • Binary wheels for Python 3.14 (also free-threaded)
  • Performance
    • Reduced import time
Commits
  • 3fccd16 Bump version: 2.2.1 → 2.3.0
  • 6504016 Add 2.3.0 changelog
  • 0bc66fc Remove now off-by-default PyPy from cibuildwheel skip list
  • 0aa242f Update license metadata to appease PEP 639
  • a18221e Bump GitHub CI actions
  • 6fa4d90 [pre-commit.ci] pre-commit autoupdate (#260)
  • b974fa1 [pre-commit.ci] pre-commit autoupdate (#248)
  • f574f36 Update mypy to 1.15 and use --strict mode (#257)
  • 1da01ef Reduce import time by removing typing import (#251)
  • 4188188 Reduce import time by removing string and tomli._types imports
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tomli&package-manager=pip&previous-version=2.2.1&new-version=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements/constraints.txt | 2 +- requirements/dev.txt | 2 +- requirements/doc-spelling.txt | 2 +- requirements/doc.txt | 2 +- requirements/lint.txt | 2 +- requirements/test-common.txt | 2 +- requirements/test-ft.txt | 2 +- requirements/test.txt | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 52a1448aecf..fd73a37c401 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -244,7 +244,7 @@ stamina==25.1.0 # via cherry-picker tenacity==9.1.2 # via stamina -tomli==2.2.1 +tomli==2.3.0 # via # build # cherry-picker diff --git a/requirements/dev.txt b/requirements/dev.txt index 430ca9bc99e..f0ac2f57a03 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -235,7 +235,7 @@ stamina==25.1.0 # via cherry-picker tenacity==9.1.2 # via stamina -tomli==2.2.1 +tomli==2.3.0 # via # build # cherry-picker diff --git a/requirements/doc-spelling.txt b/requirements/doc-spelling.txt index 3c5f0f4048e..a5b1fe23760 100644 --- a/requirements/doc-spelling.txt +++ b/requirements/doc-spelling.txt @@ -61,7 +61,7 @@ sphinxcontrib-spelling==8.0.1 ; platform_system != "Windows" # via -r requirements/doc-spelling.in sphinxcontrib-towncrier==0.5.0a0 # via -r requirements/doc.in -tomli==2.2.1 +tomli==2.3.0 # via # sphinx # towncrier diff --git a/requirements/doc.txt b/requirements/doc.txt index 1c6738f8613..99d38d86ad6 100644 --- a/requirements/doc.txt +++ b/requirements/doc.txt @@ -54,7 +54,7 @@ sphinxcontrib-serializinghtml==2.0.0 # via sphinx sphinxcontrib-towncrier==0.5.0a0 # via -r requirements/doc.in -tomli==2.2.1 +tomli==2.3.0 # via # sphinx # towncrier diff --git a/requirements/lint.txt b/requirements/lint.txt index 31f87fb8389..087a2f63e90 100644 --- a/requirements/lint.txt +++ b/requirements/lint.txt @@ -96,7 +96,7 @@ six==1.17.0 # via python-dateutil slotscheck==0.19.1 # via -r requirements/lint.in -tomli==2.2.1 +tomli==2.3.0 # via # mypy # pytest diff --git a/requirements/test-common.txt b/requirements/test-common.txt index 181fc34dd2c..1465527db2b 100644 --- a/requirements/test-common.txt +++ b/requirements/test-common.txt @@ -89,7 +89,7 @@ setuptools-git==1.2 # via -r requirements/test-common.in six==1.17.0 # via python-dateutil -tomli==2.2.1 +tomli==2.3.0 # via # coverage # mypy diff --git a/requirements/test-ft.txt b/requirements/test-ft.txt index abe94c1bb75..83762508513 100644 --- a/requirements/test-ft.txt +++ b/requirements/test-ft.txt @@ -120,7 +120,7 @@ setuptools-git==1.2 # via -r requirements/test-common.in six==1.17.0 # via python-dateutil -tomli==2.2.1 +tomli==2.3.0 # via # coverage # mypy diff --git a/requirements/test.txt b/requirements/test.txt index 425d84664cc..101f2cb9018 100644 --- a/requirements/test.txt +++ b/requirements/test.txt @@ -120,7 +120,7 @@ setuptools-git==1.2 # via -r requirements/test-common.in six==1.17.0 # via python-dateutil -tomli==2.2.1 +tomli==2.3.0 # via # coverage # mypy