Skip to content

Bump the pip-deps group across 1 directory with 7 updates#3030

Closed
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/pip-deps-344587f8de
Closed

Bump the pip-deps group across 1 directory with 7 updates#3030
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/pip-deps-344587f8de

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 23, 2026
edited
Loading

Bumps the pip-deps group with 7 updates in the / directory:

Package From To
boto3 1.42.46 1.42.55
flask 3.1.2 3.1.3
asf-search 11.0.3 12.0.1
responses 0.25.8 0.26.0
ruff 0.15.0 0.15.2
openapi-spec-validator 0.7.2 0.8.0
cfn-lint 1.44.0 1.45.0

Updates boto3 from 1.42.46 to 1.42.55

Commits
  • 77c52e2 Merge branch 'release-1.42.55'
  • 2024b09 Bumping version to 1.42.55
  • 3cc8917 Add changelog entries from botocore
  • ae39e43 Merge branch 'release-1.42.54'
  • 2fd0261 Merge branch 'release-1.42.54' into develop
  • f07efd3 Bumping version to 1.42.54
  • 36bad54 Add changelog entries from botocore
  • ab66554 Merge branch 'release-1.42.53'
  • 9699df9 Merge branch 'release-1.42.53' into develop
  • dfa0446 Bumping version to 1.42.53
  • Additional commits viewable in compare view

Updates flask from 3.1.2 to 3.1.3

Release notes

Sourced from flask's releases.

3.1.3

This is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Flask/3.1.3/ Changes: https://flask.palletsprojects.com/page/changes/#version-3-1-3

  • The session is marked as accessed for operations that only access the keys but not the values, such as in and len. GHSA-68rp-wp8r-4726
Changelog

Sourced from flask's changelog.

Version 3.1.3

Released 2026-02-18

  • The session is marked as accessed for operations that only access the keys but not the values, such as in and len. :ghsa:68rp-wp8r-4726
Commits
  • 22d9247 release version 3.1.3
  • 089cb86 Merge commit from fork
  • c17f379 request context tracks session access
  • 27be933 start version 3.1.3
  • 4e652d3 Abort if the instance folder cannot be created (#5903)
  • 3d03098 Abort if the instance folder cannot be created
  • 407eb76 document using gevent for async (#5900)
  • ac5664d document using gevent for async
  • 4f79d5b Increase required flit_core version to 3.11 (#5865)
  • fe3b215 Increase required flit_core version to 3.11
  • Additional commits viewable in compare view

Updates asf-search from 11.0.3 to 12.0.1

Release notes

Sourced from asf-search's releases.

v12.0.1

v12.0.1

Added

  • collectionName and conceptID added to TROPOProduct properties dict

v12.0.0

v12.0.0

Added

  • Add DISP-S1-STATIC support: product type constant, added to OPERA-S1 dataset, supported in OPERAS1Product class
  • Add TROPO dataset for TROPO-ZENITH and ECMWF_TROPO product types
  • Add new ASFProduct subclass TROPOProduct for TROPO-ZENITH and ECMWF_TROPO product types

Changed

  • Moved TROPO-ZENITH out of OPERA-S1 dataset, now in standalone TROPO dataset
Changelog

Sourced from asf-search's changelog.

v12.0.1

Added

  • collectionName and conceptID added to TROPOProduct properties dict

v12.0.0

Added

  • Add DISP-S1-STATIC support: product type constant, added to OPERA-S1 dataset, supported in OPERAS1Product class
  • Add TROPO dataset for TROPO-ZENITH and ECMWF_TROPO product types
  • Add new ASFProduct subclass TROPOProduct for TROPO-ZENITH and ECMWF_TROPO product types

Changed

  • Moved TROPO-ZENITH out of OPERA-S1 dataset, now in standalone TROPO dataset
Commits
  • 036e6f7 Merge pull request #422 from asfadmin/topic-tropo-metadata-improvement
  • e7c8d94 feature: add collectionName and conceptID to TROPOProduct properties
  • 23a7b33 feat: add nisar-science-product-access notebook
  • bc4fd9a Bump version to v12.0.0 and add new product support
  • 301c621 Merge pull request #420 from asfadmin/feat-disp-static
  • 6b649ac bug: add additionalUrls, s3Urls, and byte sizes to TROPO jsonlite outputs
  • a44cd8f fix: ECMWF_TROPO uses single datetime for start and stop time
  • a92fdbf test: update test case, add missing byte mapping for TROPOProduct
  • fa2327d chore: update changelog
  • 27da71e feat: add TROPOProduct class
  • Additional commits viewable in compare view

Updates responses from 0.25.8 to 0.26.0

Release notes

Sourced from responses's releases.

0.26.0

  • When using assert_all_requests_are_fired=True, assertions about unfired requests are now raised even when an exception occurs in the context manager or decorated function. Previously, these assertions were suppressed when exceptions occurred. This new behavior provides valuable debugging context about which mocked requests were or weren't called.
  • Consider the Retry-After header when handling retries
Changelog

Sourced from responses's changelog.

0.26.0

  • When using assert_all_requests_are_fired=True, assertions about unfired requests are now raised even when an exception occurs in the context manager or decorated function. Previously, these assertions were suppressed when exceptions occurred. This new behavior provides valuable debugging context about which mocked requests were or weren't called.
  • Consider the Retry-After header when handling retries
Commits
  • 94913d0 release: 0.26.0
  • 051b79e Make assert_all_requests_are_fired always assert on exception (#782)
  • 0905cb8 Fix query_param_matcher not matching empty query parameter values (#787)
  • e0c6faa ci(release): Switch from action-prepare-release to Craft (#785)
  • 1be3a73 fix: Consider the Retry-After header when handling retries (#784)
  • c6730fb Merge branch 'release/0.25.8'
  • See full diff in compare view

Updates ruff from 0.15.0 to 0.15.2

Release notes

Sourced from ruff's releases.

0.15.2

Release Notes

Released on 2026-02-19.

Preview features

Bug fixes

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.2

Released on 2026-02-19.

Preview features

... (truncated)

Commits

Updates openapi-spec-validator from 0.7.2 to 0.8.0

Release notes

Sourced from openapi-spec-validator's releases.

0.8.0

Upgrades

  • Jsonschema-path 0.4 and openapi-schema-validator 0.7 upgrades #459
  • Python 3.13 and 3.14 support #392 #457

Fixes

  • Update openapi-schema-validator version constraint #439

Backward incompatibilities

0.8.0b3

Upgrades

  • Jsonschema-path 0.4.0b8 upgrade #455

0.8.0b2

Upgrades

  • Jsonschema-path 0.4.0b2 upgrade #449

Fixes

  • Update openapi-schema-validator version constraint #439

0.8.0b1

Upgrades

  • Python 3.8 support dropped #392
  • Python 3.13 support #392
  • Jsonschema-path upgrade #398
Commits
  • 574be21 Version 0.8.0
  • 626b371 Merge pull request #459 from python-openapi/feature/jsonschema-path-and-opena...
  • f5e7f21 Jsonschema-path 0.4 and openapi-schema-validator 0.7 upgrades
  • 34f3842 Merge pull request #457 from python-openapi/feature/python-3.14-support
  • ecd42bb Python 3.14 support
  • c21387c Merge pull request #458 from python-openapi/feature/workflow-naming
  • 8fe47e9 Merge pull request #450 from python-openapi/dependabot/pip/pytest-8.4.2
  • a78c4a9 Workflows naming normalization
  • b5ead03 Bump pytest from 8.4.1 to 8.4.2
  • 08e7805 Merge pull request #452 from python-openapi/dependabot/pip/pytest-cov-7.0.0
  • Additional commits viewable in compare view

Updates cfn-lint from 1.44.0 to 1.45.0

Release notes

Sourced from cfn-lint's releases.

Release v1.45.0

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.44.0...v1.45.0

Changelog

Sourced from cfn-lint's changelog.

v1.45.0

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.44.0...v1.45.0

Commits
  • 596a08b Release v1.45.0 (#4374)
  • 8f85b91 Update CloudFormation schemas to 2026-02-23 (#4362)
  • 718a23a Accept any SSM parameter and List types with warning for undocumented types (...
  • a46657d Fix E3009 false positive for Fn::Transform in additional properties (#4368)
  • 599b0fa Pin cfn-lint version to 1.44.0 in Dockerfile (#4365)
  • f8a00aa chore(deps): bump pyinstaller from 6.18.0 to 6.19.0 in /requirements (#4370)
  • e987bd8 Add lambda schema extensions (#4372)
  • e52850c chore(deps): bump setuptools from 80.10.2 to 82.0.0 in /requirements (#4366)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version major Bump the major version number of this project labels Feb 23, 2026
@dependabot dependabot Bot requested review from a team as code owners February 23, 2026 21:19
@dependabot dependabot Bot added major Bump the major version number of this project bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version labels Feb 23, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/pip-deps-344587f8de branch from 0415c55 to ccd5b8d Compare March 2, 2026 21:30
@jhkennedy
Copy link
Copy Markdown
Contributor

jhkennedy commented Mar 3, 2026

@dependabot rebase

@dependabot
Bump the pip-deps group across 1 directory with 7 updates
c9dcfa2 
Bumps the pip-deps group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.42.46` | `1.42.55` |
| [flask](https://github.com/pallets/flask) | `3.1.2` | `3.1.3` |
| [asf-search](https://github.com/asfadmin/Discovery-asf_search) | `11.0.3` | `12.0.1` |
| [responses](https://github.com/getsentry/responses) | `0.25.8` | `0.26.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.0` | `0.15.2` |
| [openapi-spec-validator](https://github.com/python-openapi/openapi-spec-validator) | `0.7.2` | `0.8.0` |
| [cfn-lint](https://github.com/aws-cloudformation/cfn-lint) | `1.44.0` | `1.45.0` |



Updates `boto3` from 1.42.46 to 1.42.55
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.46...1.42.55)

Updates `flask` from 3.1.2 to 3.1.3
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@3.1.2...3.1.3)

Updates `asf-search` from 11.0.3 to 12.0.1
- [Release notes](https://github.com/asfadmin/Discovery-asf_search/releases)
- [Changelog](https://github.com/asfadmin/Discovery-asf_search/blob/master/CHANGELOG.md)
- [Commits](asfadmin/Discovery-asf_search@v11.0.3...v12.0.1)

Updates `responses` from 0.25.8 to 0.26.0
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.25.8...0.26.0)

Updates `ruff` from 0.15.0 to 0.15.2
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.0...0.15.2)

Updates `openapi-spec-validator` from 0.7.2 to 0.8.0
- [Release notes](https://github.com/python-openapi/openapi-spec-validator/releases)
- [Commits](python-openapi/openapi-spec-validator@0.7.2...0.8.0)

Updates `cfn-lint` from 1.44.0 to 1.45.0
- [Release notes](https://github.com/aws-cloudformation/cfn-lint/releases)
- [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/main/CHANGELOG.md)
- [Commits](aws-cloudformation/cfn-lint@v1.44.0...v1.45.0)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.42.55
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: flask
  dependency-version: 3.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: asf-search
  dependency-version: 12.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-deps
- dependency-name: responses
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: ruff
  dependency-version: 0.15.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: openapi-spec-validator
  dependency-version: 0.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: cfn-lint
  dependency-version: 1.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/pip-deps-344587f8de branch from ccd5b8d to c9dcfa2 Compare March 3, 2026 01:27
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 9, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Mar 9, 2026
@dependabot dependabot Bot deleted the dependabot/pip/pip-deps-344587f8de branch March 9, 2026 20:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version major Bump the major version number of this project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jhkennedy