Skip to content

Bump the python-production group across 1 directory with 5 updates#2413

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/main/python-production-b486b5267f
Open

Bump the python-production group across 1 directory with 5 updates#2413
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/main/python-production-b486b5267f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-production group with 4 updates in the / directory: fastapi, httpx2, click and ase.

Updates fastapi from 0.138.0 to 0.139.0

Release notes

Sourced from fastapi's releases.

0.139.0

Features

  • ✨ Support dependencies in app.frontend(), e.g. for automatic cookie authentication for the frontend. PR #15908 by @​tiangolo.

Translations

Internal

0.138.1

Refactors

  • ♻️ Refactor Library Skills, make info easier to find for agents. PR #15841 by @​tiangolo.

Internal

... (truncated)

Commits
  • cecd96d 🔖 Release version 0.139.0 (#15910)
  • aea6609 📝 Update release notes
  • 319be50 ✨ Support dependencies in app.frontend(), e.g. for automatic cookie authent...
  • 66a90f6 📝 Update release notes
  • d30a3eb 👥 Update FastAPI People - Experts (#15909)
  • 122f1b5 📝 Update release notes
  • fd6ece3 👥 Update FastAPI GitHub topic repositories (#15906)
  • ec2a6ad 📝 Update release notes
  • 9d7d7fe 🌐 Update translations for fr (update-outdated) (#15897)
  • 8dc852d 📝 Update release notes
  • Additional commits viewable in compare view

Updates httpx2 from 2.4.0 to 2.5.0

Changelog

Sourced from httpx2's changelog.

2.5.0 (June 25th, 2026)

Added

  • Add native server-sent events support via client.sse(). (#1046)
  • Support | and |= operators for Headers. (#1047)

Fixed

  • Allow IPv6 CIDR notation in no_proxy. (#967)
Commits
  • 9b7ee8e Version 2.5.0 (#1051)
  • 9d5dd67 Inline SSE header defaults using the Headers union operator (#1049)
  • a6e4c43 Suppress empty SSE keepalive events and accept case-insensitive content type ...
  • f1a6268 Support | and |= operators for Headers (#1047)
  • e709094 Add native server-sent events support via client.sse() (#1046)
  • 82b9e2d Allow IPv6 CIDR notation in no_proxy (#967)
  • See full diff in compare view

Updates click from 8.2.1 to 8.4.2

Release notes

Sourced from click's releases.

8.4.2

This is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.4.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-2 Milestone: https://github.com/pallets/click/milestone/34

  • Fix Fish shell completion broken in 8.4.0 by #3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. #3502 #3043 #3504 #3508
  • Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. #3509
  • A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. #3059 #3507
  • echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. #3242 #2542 #3534
  • echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from #3482. #3449 #3533
  • Fix CLI usage symopsis for optional arguments producing double square brackets [[a|b|c]]... whose type already brackets their metavar. #3578
  • {func}version_option resolves a package_name that does not match an installed distribution as an import (top-level module) name via {func}importlib.metadata.packages_distributions. Packages whose top-level module name differs from their distribution name (PIL vs Pillow, jwt vs PyJWT) no longer raise RuntimeError out of the box. #2331 #1884 #3125 #3582

8.4.1

This is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.4.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-1 Milestone: https://github.com/pallets/click/milestone/32

  • get_parameter_source() is available during eager callbacks and type conversion again. #3458 #3484
  • Zsh completion scripts parse correctly on Windows. #3277 # 3466
  • Shell completion of Choice Enum values produces a valid completion result. #3015
  • Fix empty byte-string handling in echo. #3487
  • Fix closed file error with echo_via_pager. #3449

8.4.0

This is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our [Version Support Policy][version] on our website.

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.4.2

Released 2026-06-24

  • Fix Fish shell completion broken in 8.4.0 by {pr}3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. {issue}3502 {issue}3043 {pr}3504 {pr}3508
  • Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. {pr}3509
  • A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. {issue}3059 {pr}3507
  • echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. {issue}3242 {issue}2542 {pr}3534
  • echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from {pr}3482. {issue}3449 {pr}3533
  • Fix CLI usage symopsis for optional arguments producing double square brackets [[a|b|c]]... whose type already brackets their metavar. {pr}3578
  • {func}version_option resolves a package_name that does not match an installed distribution as an import (top-level module) name via {func}importlib.metadata.packages_distributions. Packages whose top-level module name differs from their distribution name (PIL vs Pillow, jwt vs PyJWT) no longer raise RuntimeError out of the box. {issue}2331 {issue}1884 {issue}3125 {pr}3582

Version 8.4.1

Released 2026-05-21

  • get_parameter_source() is available during eager callbacks and type conversion again. {issue}3458 {pr}3484
  • Zsh completion scripts parse correctly on Windows. {issue}3277 {pr}3466
  • Shell completion of Enum values used as Choice options produces a valid completion result. {issue}3015 {pr}3471
  • Fix empty byte-string handling in echo. {issue}3487 {pr}3493
  • Fix closed file error with echo_via_pager. {issue}3449 {pr}3482
  • Fix open_url on Windows when the file path contains spaces. {issue}2994 {pr}3478

Version 8.4.0

Released 2026-05-17

  • {class}ParamType typing improvements. {pr}3371

    • {class}ParamType is now a generic abstract base class,

... (truncated)

Commits
  • b2e30a1 Release version 8.4.2
  • 7a16b20 Fix package_name resolution when module differs from distribution name (#3582)
  • bec5928 Fix package_name resolution when top-level module differs from distribution...
  • 916883a Fix tests to not rely on -Wdefault option (#3591)
  • 09195f6 Fix double-bracketing of choices in synopsis (#3578)
  • 1557e26 Check for warning exception with idiomatic context manager
  • d9ff133 Static typing improvements in click.shell_completion (#3460)
  • 762c97e Fix double-bracketing of choices in synopsis
  • 8929d39 Convert changes to markdown. (#3559)
  • 237be50 Move changes headings down a level.
  • Additional commits viewable in compare view

Updates ase from 3.28.0 to 3.29.0

Commits
  • f27c000 ASE version 3.29.0
  • 814f6ad replay trajectory: fix resource warning by using ExitStack
  • 62edf66 Merge branch 'fix-pipeline' into 'master'
  • d75c014 Pass sparse matrices for block_diag
  • f5e452c Merge branch 'fix-mr-4143' into 'master'
  • 8e57da8 Add test_vasp_out_with_empty_contcar
  • ee4fac3 Rename variable
  • 2b5d80c Merge branch 'master' into 'master'
  • 765cb11 Merge branch 'fix-1935' into 'master'
  • bbd0c19 Merge branch 'fix-strange-ci-issue' into 'master'
  • Additional commits viewable in compare view

Updates numpy from 2.2.6 to 1.26.4

Commits
  • 9815c16 Merge pull request #25770 from charris/prepare-1.26.4
  • 114ed25 REL: Prepare for the NumPy 1.26.4 release
  • 2fae4d3 Merge pull request #25323 from stefanor/import-asstr
  • ce89a0a Merge pull request #25756 from charris/backport-24711
  • f62dfc6 Merge pull request #25755 from charris/backport-25709
  • fee88ab BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711)
  • 659be68 MAINT: Include header defining backtrace
  • 837cd38 Merge pull request #25748 from rgommers/unvendor-mesonpython
  • f984240 CI: upgrade cibuildwheel from 2.16.4 to 2.16.5 [wheel build]
  • 3548f9d BLD: unvendor meson-python [wheel build]
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependency_updates Issues pertaining to updates to our dependencies that are breaking the eager build label Jul 1, 2026
@dependabot dependabot Bot requested review from CasperWA and ml-evs as code owners July 1, 2026 05:52
@dependabot dependabot Bot added the dependency_updates Issues pertaining to updates to our dependencies that are breaking the eager build label Jul 1, 2026
@dependabot dependabot Bot changed the title Bump the python-production group with 5 updates Bump the python-production group across 1 directory with 5 updates Jul 2, 2026
Bumps the python-production group with 4 updates in the / directory: [fastapi](https://github.com/fastapi/fastapi), [httpx2](https://github.com/pydantic/httpx2), [click](https://github.com/pallets/click) and [ase](https://gitlab.com/ase/ase).


Updates `fastapi` from 0.138.0 to 0.139.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.138.0...0.139.0)

Updates `httpx2` from 2.4.0 to 2.5.0
- [Release notes](https://github.com/pydantic/httpx2/releases)
- [Changelog](https://github.com/pydantic/httpx2/blob/main/src/httpx2/CHANGELOG.md)
- [Commits](pydantic/httpx2@v2.4.0...v2.5.0)

Updates `click` from 8.2.1 to 8.4.2
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.md)
- [Commits](pallets/click@8.2.1...8.4.2)

Updates `ase` from 3.28.0 to 3.29.0
- [Changelog](https://gitlab.com/ase/ase/blob/master/CHANGELOG.rst)
- [Commits](https://gitlab.com/ase/ase/compare/3.28.0...3.29.0)

Updates `numpy` from 2.2.6 to 1.26.4
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.2.6...v1.26.4)

---
updated-dependencies:
- dependency-name: ase
  dependency-version: 3.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-production
- dependency-name: click
  dependency-version: 8.4.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-production
- dependency-name: fastapi
  dependency-version: 0.138.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-production
- dependency-name: httpx2
  dependency-version: 2.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-production
- dependency-name: numpy
  dependency-version: 1.26.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/main/python-production-b486b5267f branch from e4d8fe8 to cedd723 Compare July 2, 2026 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependency_updates Issues pertaining to updates to our dependencies that are breaking the eager build

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants