From b4521163b6b50ff2b7fddffa0d721262732259e2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 24 Oct 2025 10:30:30 +0000
Subject: [PATCH 1/2] Bump cython from 3.1.5 to 3.1.6 (#11708)
Bumps [cython](https://github.com/cython/cython) from 3.1.5 to 3.1.6.
Changelog
Sourced from cython's
changelog.
3.1.6 (2025-10-23)
Bugs fixed
-
Unicode characters formatted from C integers with
f"{value:c}" could result in
invalid Python string objects since Cython 3.1.0.
(Github issue :issue:7240)
-
cythonize (program and function) now uses
concurrent.futures.ProcessPoolExecutor
instead of multiprocessing.Pool to fix a hang on build
failures in parallel builds.
A possible work-around is to disable parallel builds.
Patch by Sviatoslav Sydorenko. (Github issue
:issue:7183)
Commits
b40c676
Prepare release of 3.1.6.2c00332
Build: Clear "license-files" option in setup metadata due
to6d0b9bd
Build: Use twine to check the wheels before uploading them.fecd0e5
Silence a C coercion warning in a test.2a68bbc
Avoid back-and-forth between signed and unsigned index types in C array
conve...1824975
Silence a C compiler warning about implicit signed/unsigned
conversion.a583bc3
Disable parallelism in cythonize command/function on
spawn (GH-7183)2ee0bc1
Update changelog.b0f7b40
Fix f-string joining when non-ASCII "{intvalue:c}" character
formats are invo...67351ba
Adapt release date of 3.1.5 to PyPI release time.- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
requirements/constraints.txt | 2 +-
requirements/cython.txt | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 7ee71586ed1..cade2482eaa 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -59,7 +59,7 @@ coverage==7.11.0
# pytest-cov
cryptography==46.0.3
# via trustme
-cython==3.1.5
+cython==3.1.6
# via -r requirements/cython.in
distlib==0.4.0
# via virtualenv
diff --git a/requirements/cython.txt b/requirements/cython.txt
index 7d87371c03d..05f39110b33 100644
--- a/requirements/cython.txt
+++ b/requirements/cython.txt
@@ -4,7 +4,7 @@
#
# pip-compile --allow-unsafe --output-file=requirements/cython.txt --resolver=backtracking --strip-extras requirements/cython.in
#
-cython==3.1.5
+cython==3.1.6
# via -r requirements/cython.in
multidict==6.7.0
# via -r requirements/multidict.in
From 0288aeaf8dba7ee7f580febdc3d31c5754d7ae2f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 24 Oct 2025 10:33:52 +0000
Subject: [PATCH 2/2] Bump pytest-codspeed from 4.1.1 to 4.2.0 (#11709)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed)
from 4.1.1 to 4.2.0.
Release notes
Sourced from pytest-codspeed's
releases.
v4.2.0
What's Changed
Full Changelog: https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.1.1...v4.2.0
Changelog
Sourced from pytest-codspeed's
changelog.
[4.2.0] - 2025-10-24
🚀 Features
🐛 Bug Fixes
- Throw error when instrument hooks failed to initialize under
codspeed env by
@adriencaccia
⚙️ Internals
Commits
3b0649b
Release v4.2.0 🚀1af4399
feat: support python 3.142e8a7a8
fix(valgrind): throw error when instrument hooks failed to initialize
under c...bf30b24
chore: bump mypyf1e42e4
chore(ci): bump python to 3.14 in the ci- See full diff in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
requirements/constraints.txt | 2 +-
requirements/dev.txt | 2 +-
requirements/lint.txt | 2 +-
requirements/test-common.txt | 2 +-
requirements/test-ft.txt | 2 +-
requirements/test.txt | 2 +-
6 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index cade2482eaa..6f5904d8b4f 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -177,7 +177,7 @@ pytest==8.4.2
# pytest-cov
# pytest-mock
# pytest-xdist
-pytest-codspeed==4.1.1
+pytest-codspeed==4.2.0
# via
# -r requirements/lint.in
# -r requirements/test-common.in
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 3c9d53d31e8..9c24339d87d 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -172,7 +172,7 @@ pytest==8.4.2
# pytest-cov
# pytest-mock
# pytest-xdist
-pytest-codspeed==4.1.1
+pytest-codspeed==4.2.0
# via
# -r requirements/lint.in
# -r requirements/test-common.in
diff --git a/requirements/lint.txt b/requirements/lint.txt
index dfffa164601..af1b3f2a533 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -82,7 +82,7 @@ pytest==8.4.2
# -r requirements/lint.in
# pytest-codspeed
# pytest-mock
-pytest-codspeed==4.1.1
+pytest-codspeed==4.2.0
# via -r requirements/lint.in
pytest-mock==3.15.1
# via -r requirements/lint.in
diff --git a/requirements/test-common.txt b/requirements/test-common.txt
index 3585f1af52a..eaed33d1164 100644
--- a/requirements/test-common.txt
+++ b/requirements/test-common.txt
@@ -71,7 +71,7 @@ pytest==8.4.2
# pytest-cov
# pytest-mock
# pytest-xdist
-pytest-codspeed==4.1.1
+pytest-codspeed==4.2.0
# via -r requirements/test-common.in
pytest-cov==7.0.0
# via -r requirements/test-common.in
diff --git a/requirements/test-ft.txt b/requirements/test-ft.txt
index 604f752905b..9da6e8df1f0 100644
--- a/requirements/test-ft.txt
+++ b/requirements/test-ft.txt
@@ -104,7 +104,7 @@ pytest==8.4.2
# pytest-cov
# pytest-mock
# pytest-xdist
-pytest-codspeed==4.1.1
+pytest-codspeed==4.2.0
# via -r requirements/test-common.in
pytest-cov==7.0.0
# via -r requirements/test-common.in
diff --git a/requirements/test.txt b/requirements/test.txt
index 2f27fcad6a6..5c74637ac79 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -104,7 +104,7 @@ pytest==8.4.2
# pytest-cov
# pytest-mock
# pytest-xdist
-pytest-codspeed==4.1.1
+pytest-codspeed==4.2.0
# via -r requirements/test-common.in
pytest-cov==7.0.0
# via -r requirements/test-common.in