Skip to content

chore(deps): bump the major-updates group across 1 directory with 3 updates #138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

chore(deps): bump the major-updates group across 1 directory with 3 updates #138

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 19, 2026

Bumps the major-updates group with 3 updates in the / directory: django, black and django-debug-toolbar.

Updates django from 5.2.9 to 5.2.10

Commits
  • 8a0005c [5.2.x] Bumped version for 5.2.10 release.
  • e20d1c2 [5.2.x] Added release date for 5.2.10.
  • 2ca2afd [5.2.x] Refs #33647 -- Fixed silent data truncation in bulk_create on Postgres.
  • 8346657 [5.2.x] Fixed #36376 -- Fixed --no-color for command help in Python 3.14+.
  • 9cc231e [5.2.x] Refs #27890 -- Avoided overwriting TMPDIR in runtests.py under forkse...
  • 5ca0f62 [5.2.x] Refs #36499 -- Adjusted test_strip_tags following Python behavior cha...
  • 322b717 [5.2.x] Added CVE-2025-13372 and CVE-2025-64460 to security archive.
  • 27c508a [5.2.x] Added stub release notes for 5.2.10.
  • a3a8f7a [5.2.x] Post-release version bump.
  • See full diff in compare view

Updates black from 25.12.0 to 26.1.0

Release notes

Sourced from black's releases.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

  • always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
  • fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
  • fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
  • fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
  • multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
  • normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
  • remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
  • remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
  • standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

  • Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root

... (truncated)

Changelog

Sourced from black's changelog.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

  • always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
  • fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
  • fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
  • fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
  • multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
  • normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
  • remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
  • remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
  • standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

  • Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore

... (truncated)

Commits

Updates django-debug-toolbar from 5.2.0 to 6.1.0

Release notes

Sourced from django-debug-toolbar's releases.

6.1.0

What's Changed

See change log here

Commits:

New Contributors

Full Changes: django-commons/django-debug-toolbar@6.0.0...6.1.0

6.0.0

Description

The v6.0.0 release of Django Debug Toolbar significantly revamps how panels for the toolbar work. Each panel will now persist its data in a store. A store can either be backed by various backends. The toolbar will support a memory and database backend to start.

The toolbar is now using Django's SafeExceptionReporterFilter.cleanse_setting() function to filter out sensitive information. Some data will be replaced with "********************". This is because the toolbar could be configured to write the request information to a persistent store such as a cache or database.

Django applications with basic installations are backwards compatible with this change. If there are hooks into the internals of the toolbar, such as DebugToolbar.store_id then it will be backwards incompatible.

Third-party panels will need updating. Any data that is stored in record_stats will need to be fetched back out from self.get_stats() before being able to be rendered. This is to support loading an instance of the toolbar from persisted data. A simple example of this transition can be found in debug_toolbar/panels/cache.py in PR 2138

How to upgrade

  • Changes required if the toolbar isn't installed entirely programmatically
    • If you experience RuntimeError: Model class debug_toolbar.models.HistoryEntry doesn't declare an explicit app_label and isn't in an application in INSTALLED_APPS, you need to remove the reference to the toolbar's urls in your urls.py file and MIDDLEWARE setting when the toolbar isn't in INSTALLED_APPS

... (truncated)

Changelog

Sourced from django-debug-toolbar's changelog.

6.1.0 (2025-10-30)

  • Added support for async to timer panel.
  • Added a note about the default password in make example.
  • Removed logging about the toolbar failing to serialize a value into JSON.
  • Moved the the import statement of debug_toolbar.urls to within the if statement's scope on the installation documentation.
  • Changed StoredDebugToolbar.from_store to always create a panel key and class instance, regardless if any data was generated.
  • Fixed selenium tests for CI by using psycopg for Python 3.13 runs.
  • Added CommunityPanel containing links to documentation and resources.
  • Upgraded CI postgis version to 17-3.5.
  • Added how to generate the documentation locally to the contributing documentation.
  • Updated logic that forces values to strings (force_str) to render "Django Debug Toolbar was unable to parse value." when there's a decoding error.
  • Updated docs to show incompatibility with Django Channels.
  • Hide the toolbar's migrations unless debug_toolbar.store.DatabaseStore is being used. This may change in the future.
  • Hide debug_toolbar.HistoryEntry as a model unless debug_toolbar.store.DatabaseStore is being used. This may change in the future.

6.0.0 (2025-07-22)

  • Added support for checking if pytest as the test runner when determining if tests are running.
  • Added show_toolbar_with_docker function to check Docker host IP address when running inside Docker containers.
  • Defines the BaseStore interface for request storage mechanisms.
  • Added the setting TOOLBAR_STORE_CLASS to configure the request storage mechanism. Defaults to debug_toolbar.store.MemoryStore.
  • Rename store_id properties to request_id and Toolbar.store to Toolbar.init_store.
  • Support Panel instances with stored stats via Panel.load_stats_from_store.
  • Swapped Toolbar._store for the get_store() class.
  • Created a StoredDebugToolbar that support creating an instance of the toolbar representing an old request. It should only be used for fetching panels' contents.
  • Drop raw_params from query data.
  • Queries now have a unique djdt_query_id. The SQL forms now reference this id and avoid passing SQL to be executed.
  • Move the formatting logic of SQL queries to just before rendering in SQLPanel.content.
  • Make Panel.panel_id a class member.
  • Update all panels to utilize data from Panel.get_stats() to load content

... (truncated)

Commits
  • 6ef77a1 Version 6.1.0
  • 0b809d5 Support hiding migrations and models when not using the DatabaseStore (#2236)
  • 45bc2db [pre-commit.ci] pre-commit autoupdate
  • 9d569dd Bump the github-actions group with 3 updates
  • 6572221 [pre-commit.ci] pre-commit autoupdate
  • 875d581 Make doc corrections for django channels (#2232)
  • 62ef502 Fix django unicode error (#2217)
  • 24e9065 Update the translatable strings.
  • 6139fd0 Update the transifex link for the project.
  • 35834f8 [pre-commit.ci] pre-commit autoupdate (#2226)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the major-updates group across 1 directory with 3 u…
396701b 
…pdates

Bumps the major-updates group with 3 updates in the / directory: [django](https://github.com/django/django), [black](https://github.com/psf/black) and [django-debug-toolbar](https://github.com/django-commons/django-debug-toolbar).


Updates `django` from 5.2.9 to 5.2.10
- [Commits](django/django@5.2.9...5.2.10)

Updates `black` from 25.12.0 to 26.1.0
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@25.12.0...26.1.0)

Updates `django-debug-toolbar` from 5.2.0 to 6.1.0
- [Release notes](https://github.com/django-commons/django-debug-toolbar/releases)
- [Changelog](https://github.com/django-commons/django-debug-toolbar/blob/main/docs/changes.rst)
- [Commits](django-commons/django-debug-toolbar@5.2.0...6.1.0)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 5.2.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: major-updates
- dependency-name: black
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: django-debug-toolbar
  dependency-version: 6.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant