Skip to content

MAINT: Bump the minor-and-patch group across 1 directory with 8 updates#2202

Merged
romanlutz merged 4 commits into
mainfrom
dependabot/uv/minor-and-patch-b4116bff31
Jul 15, 2026
Merged

MAINT: Bump the minor-and-patch group across 1 directory with 8 updates#2202
romanlutz merged 4 commits into
mainfrom
dependabot/uv/minor-and-patch-b4116bff31

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 8 updates in the / directory:

Package From To
openai 2.44.0 2.45.0
transformers 5.13.0 5.13.1
websockets 16.0 16.1
azure-ai-ml 1.34.0 1.34.1
sentencepiece 0.2.1 0.2.2
litellm 1.91.3 1.92.0
ty 0.0.57 0.0.59
ruff 0.15.20 0.15.21

Updates openai from 2.44.0 to 2.45.0

Release notes

Sourced from openai's releases.

v2.45.0

2.45.0 (2026-07-09)

Full Changelog: v2.44.0...v2.45.0

Features

  • api: gpt-5.6-sol updates (039d1fe)

Bug Fixes

  • api: restore beta resource accessors (2dfc130)

Chores

  • retrigger release automation (7b61351)
Changelog

Sourced from openai's changelog.

2.45.0 (2026-07-09)

Full Changelog: v2.44.0...v2.45.0

Features

  • api: gpt-5.6-sol updates (039d1fe)

Bug Fixes

  • api: restore beta resource accessors (2dfc130)

Chores

  • retrigger release automation (7b61351)
Commits

Updates transformers from 5.13.0 to 5.13.1

Release notes

Sourced from transformers's releases.

Patch release v5.13.1

This patch is focused on enabling transformers for the latest release of vllm!

  • Be more defensive with remap_legacy_layer_types for custom models (#47245) from @​hmellor
  • Fix custom code which doesn't know about the new linear layer type names (#47174) from @​hmellor
  • Fix case where _LazyAutoMapping.register is passed a str key (#47148) from @​hmellor
Commits
  • 4626421 v5.13.1
  • bef013c Be more defensive with remap_legacy_layer_types for custom models (#47245)
  • 8bbbe24 Fix custom code which doesn't know about the new linear layer type names (#47...
  • c782b84 Fix case where _LazyAutoMapping.register is passed a str key (#47148)
  • See full diff in compare view

Updates websockets from 16.0 to 16.1

Release notes

Sourced from websockets's releases.

16.1

See https://websockets.readthedocs.io/en/stable/project/changelog.html for details.

Commits
  • 4df6f90 Release version 16.1.
  • 7c69eca Increase timeout for building wheels.
  • 493864e Complete and review changelog.
  • 73ff538 Temporarily remove the trio implementation (again).
  • 77f7d71 Shorten changelog and docstring for previous commit.
  • 84859e1 Add text argument to broadcast() to force the frame type
  • 1a38f5a Document research on removing a workaround.
  • 99431ee Apply code style to docs/conf.py.
  • bf97b98 Fix typos in tests.
  • 21a3418 Fix typos in comments
  • Additional commits viewable in compare view

Updates azure-ai-ml from 1.34.0 to 1.34.1

Release notes

Sourced from azure-ai-ml's releases.

azure-ai-ml_1.34.1

1.34.1 (2026-07-15)

Bugs Fixed

  • Fixed datastore create failing with TypeError: Object of type Datastore is not JSON serializable. The datastore operation was migrated to the TypeSpec client while the datastore entity still produced a legacy msrest model; the request body is now serialized to its wire form before being sent, keeping the on-the-wire request unchanged.
  • Fixed BatchEndpoint defaults serialization regression where deployment_name was sent to the service as snake_case instead of camelCase (deploymentName), causing begin_create_or_update to fail with "Could not find member 'deployment_name' on object of type 'BatchEndpointDefaults'". Serialization now emits the correct camelCase wire format, while BatchEndpoint.defaults returned from get() continues to expose an object that supports attribute access (e.g. endpoint.defaults.deployment_name), preserving backward compatibility with existing code and samples.
Commits

Updates sentencepiece from 0.2.1 to 0.2.2

Release notes

Sourced from sentencepiece's releases.

v0.2.2

Release Notes v0.2.2

This release contains major updates, including the migration of the Python wrapper to pybind11, native NumPy support, enhanced offset mapping, performance optimizations, security hardening, and internal code modernization.

1. Python Wrapper (pybind11 Migration & Features)

  • SWIG to pybind11 Migration: Fully migrated the Python wrapper from SWIG to pybind11, enabling better performance, safer memory management, and cleaner code integration (#1266, Commit 528dc9e).
  • Native NumPy Support:
    • direct encode/decoder from/to numpy object
  • Enhanced Offset Mapping:
    • Added new offset mapping features supporting both Unicode character offsets and raw byte offsets.
    • Added bounds checking to prevent OOB reads in offset mapping (Commit c5b0ce0).
    • Fixed crash issues and OOB spans in alignment conversions (#1231, #1211).
  • Type Stubs (PEP 561): Added inline type stubs (.pyi files) and packaged PEP 561 marker to provide auto-completion and static type safety in IDEs (#1258, Commit 8b7f97b).
  • Parallel Encoding API: Introduced parallel_encode and ThreadPool APIs, allowing Python users to tokenize single large documents across multiple CPU cores in parallel (#1254, Commit 3c37c39).
  • Direct Proto Loading: Added support for loading processors and normalizers directly from in-memory Proto instances (Commit 12788ba).
  • Concurrency Enhancements: Added GIL release during C++ execution to improve multi-threaded Python performance (#1251, Commit 0a044ae).
  • BOS/EOS Behavior Hardening: Aligned BOS/EOS adding behavior with C++ constraints, raising explicit ValueError instead of silent failures or crashes (Commit 780618a).

2. Performance Optimizations

  • BPE Training Optimization: Ported O(log n) lazy priority queue update optimization to BPE trainer to speed up training (Commit 8db9878).
  • Encode/Decode Optimizations: Decoding/Encoding optimization for integer/string input case by skipping SentencePieceText conversion, resulting in ~2x speedup (Commit 4b9231b).
  • Unigram Pruning: Improved unigram pruning using token-normalized frequency calculations (#1135, Commit 1cd0c59).

3. Security & Hardening

  • Trie Validation at Load: Added verification of darts-clone trie offsets when loading models to prevent segfaults on corrupted or malicious model files (#1224, Commit 6b2f05d).
  • Bounds Checking in Maps: Added bounds checks to piece accessors and validated value offsets in DecompileCharsMap (#1265, Commit 82b7c6d).
  • Crash Prevention: Replaced internal CHECK macros with DCHECK or returned errors to prevent host application crashes on invalid inputs (Commit 66b2587).
  • Null Character Disallowment: Explicitly disallow vocabulary pieces containing null characters (Commit eb3ba49).
  • NBest Timeout: Implemented a global timeout for NBest A* search to prevent hangs on pathological inputs (Commit ba57749).

4. C++ API & Internals Modernization

  • Abseil Migration: Extensively migrated from custom utilities to Abseil primitives (#1270
  • Normalizer Maps: Supported loading normalizer from raw maps in C++ (#1273, Commit e476e5e).

5. Build & Packaging

  • Deprecate Win32 Wheels: Stopped support and distribution of 32-bit Windows wheels (win32) (Commit 24fd00c).
  • Modernized Python builds: Switched from calling setup.py directly to the standard pypa/build PEP 517 frontend (#1167, Commit f300c7d).
  • PEP 639 License: Added PEP 639 license metadata to pyproject.toml (#1173).

6. Documentation

  • API Cheat Sheet: Added comparison tables, zero-copy, and sampling comparison guides.
  • Refactored Options: Fully reorganized options.md and special_symbols.md with verified code examples.
Commits
  • e0cce7d Merge pull request #1279 from google/dependabot/github_actions/github-actions...
  • a9e2b5e Bump the github-actions group with 2 updates
  • 20ab5fb Fix Unigram float score overflow and NaN/Inf corruption
  • 1f1483c Add use_reserved_id_map parameter and control token merge tests
  • 69d8562 Add performance benchmark suite and reports
  • 24fd00c Stop support for Win32 wheels
  • 4b9231b Optimize Decode/Encode paths using absl::Span and add benchmarks
  • b91b764 Merge pull request #1277 from google/new_doc
  • e93413b Update documentation: Modernize README and merge CLI/Build guides
  • 7ce7669 Merge pull request #1276 from kkew3/fix-dockerfile-20260620
  • Additional commits viewable in compare view

Updates litellm from 1.91.3 to 1.92.0

Release notes

Sourced from litellm's releases.

v1.92.0

Verify Docker Image Signature

All LiteLLM Docker images are signed with cosign. Every release is signed with the same key introduced in commit 0112e53.

Verify using the pinned commit hash (recommended):

A commit hash is cryptographically immutable, so this is the strongest way to ensure you are using the original signing key:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/0112e53046018d726492c814b3644b7d376029d0/cosign.pub \
  ghcr.io/berriai/litellm:v1.92.0

Verify using the release tag (convenience):

Tags are protected in this repository and resolve to the same key. This option is easier to read but relies on tag protection rules:

cosign verify \
  --key https://raw.githubusercontent.com/BerriAI/litellm/v1.92.0/cosign.pub \
  ghcr.io/berriai/litellm:v1.92.0

Expected output:

The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - The signatures were verified against the specified public key

What's Changed

... (truncated)

Commits
  • b3086cc chore(release): backport 11 staging PRs onto patch-1.92.0rc2 for the 1.92.0 s...
  • 78c5618 Merge pull request #32554 from BerriAI/litellm_ui_rebuild_192rc1
  • 0f4f09f chore: update Next.js build artifacts (2026-07-08 23:23 UTC, node v20.20.2)
  • d2b4f49 Merge pull request #32553 from BerriAI/litellm_backport_patch_192rc1
  • 27b5cfd fix(otel): restore error.* span attributes on v2 error spans (LIT-4179) (#32524)
  • c5fa3a8 Merge pull request #32405 from BerriAI/litellm_kraken-remove-envref-gates
  • 8c8e4d0 fix(ui/mcp): do not reset in-flight OAuth resume when create modal mounts clo...
  • 2d35ea5 feat(otel): stamp gen_ai.response.time_to_first_chunk on streaming LLM spans ...
  • b5dee35 Merge pull request #32277 from BerriAI/litellm_/elated-noyce-6fc150
  • e1ec215 Merge pull request #32256 from BerriAI/litellm_bedrock_db_env_expansion
  • Additional commits viewable in compare view

Updates ty from 0.0.57 to 0.0.59

Release notes

Sourced from ty's releases.

0.0.59

Release Notes

Released on 2026-07-12.

Bug fixes

  • Guard descriptor classification cycles (#26690)
  • Respect init=False in dataclass field-order checks (#26749)
  • Avoid duplicate diagnostics for overloaded TypeIs (#26716)

Library support

  • Pydantic: Support custom __init__ methods (#26699)
  • Pydantic: Support field metadata in Annotated (#26650)

Core type checking

  • Allow unsound equality-based narrowing for builtins (#26414)
  • Bind Self in implicit dunder calls (#26711)
  • Correct protocol method receiver binding (#26701)
  • Exempt ParamSpec callables from the dunder descriptor heuristic (#26696)
  • Remove transitive TypeVar artifacts during collection inference (#26714)

LSP server

  • Avoid broad invalidation from file check eligibility (#26741)
  • Correct how we expand tabs in docstrings (#26679)
  • Resolve ambiguity in Google-style docstring parsing in favour of observations from popular projects (#26673)

CLI

  • Avoid allocation for every stdout write (#26698)
  • Buffer diagnostic output (#26702)

Performance

  • Cache generic context (#26745)
  • Cache known class instances (#26746)
  • Reuse common TypedDict constraints through intersections (#26747)
  • Use purpose-specific types for completion and module text (#26664)

Contributors

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.59

Released on 2026-07-12.

Bug fixes

  • Guard descriptor classification cycles (#26690)
  • Respect init=False in dataclass field-order checks (#26749)
  • Avoid duplicate diagnostics for overloaded TypeIs (#26716)

Library support

  • Pydantic: Support custom __init__ methods (#26699)
  • Pydantic: Support field metadata in Annotated (#26650)

Core type checking

  • Allow unsound equality-based narrowing for builtins (#26414)
  • Bind Self in implicit dunder calls (#26711)
  • Correct protocol method receiver binding (#26701)
  • Exempt ParamSpec callables from the dunder descriptor heuristic (#26696)
  • Remove transitive TypeVar artifacts during collection inference (#26714)

LSP server

  • Avoid broad invalidation from file check eligibility (#26741)
  • Correct how we expand tabs in docstrings (#26679)
  • Resolve ambiguity in Google-style docstring parsing in favour of observations from popular projects (#26673)

CLI

  • Avoid allocation for every stdout write (#26698)
  • Buffer diagnostic output (#26702)

Performance

  • Cache generic context (#26745)
  • Cache known class instances (#26746)
  • Reuse common TypedDict constraints through intersections (#26747)
  • Use purpose-specific types for completion and module text (#26664)

Contributors

... (truncated)

Commits

Updates ruff from 0.15.20 to 0.15.21

Release notes

Sourced from ruff's releases.

0.15.21

Release Notes

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.21

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 15, 2026
Bumps the minor-and-patch group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [openai](https://github.com/openai/openai-python) | `2.44.0` | `2.45.0` |
| [transformers](https://github.com/huggingface/transformers) | `5.13.0` | `5.13.1` |
| [websockets](https://github.com/python-websockets/websockets) | `16.0` | `16.1` |
| [azure-ai-ml](https://github.com/Azure/azure-sdk-for-python) | `1.34.0` | `1.34.1` |
| [sentencepiece](https://github.com/google/sentencepiece) | `0.2.1` | `0.2.2` |
| [litellm](https://github.com/BerriAI/litellm) | `1.91.3` | `1.92.0` |
| [ty](https://github.com/astral-sh/ty) | `0.0.57` | `0.0.59` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.20` | `0.15.21` |



Updates `openai` from 2.44.0 to 2.45.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v2.44.0...v2.45.0)

Updates `transformers` from 5.13.0 to 5.13.1
- [Release notes](https://github.com/huggingface/transformers/releases)
- [Commits](huggingface/transformers@v5.13.0...v5.13.1)

Updates `websockets` from 16.0 to 16.1
- [Release notes](https://github.com/python-websockets/websockets/releases)
- [Commits](python-websockets/websockets@16.0...16.1)

Updates `azure-ai-ml` from 1.34.0 to 1.34.1
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Commits](Azure/azure-sdk-for-python@azure-ai-ml_1.34.0...azure-ai-ml_1.34.1)

Updates `sentencepiece` from 0.2.1 to 0.2.2
- [Release notes](https://github.com/google/sentencepiece/releases)
- [Commits](google/sentencepiece@v0.2.1...v0.2.2)

Updates `litellm` from 1.91.3 to 1.92.0
- [Release notes](https://github.com/BerriAI/litellm/releases)
- [Commits](BerriAI/litellm@v1.91.3...v1.92.0)

Updates `ty` from 0.0.57 to 0.0.59
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.57...0.0.59)

Updates `ruff` from 0.15.20 to 0.15.21
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.20...0.15.21)

---
updated-dependencies:
- dependency-name: azure-ai-ml
  dependency-version: 1.34.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: litellm
  dependency-version: 1.92.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: openai
  dependency-version: 2.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: ruff
  dependency-version: 0.15.21
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: sentencepiece
  dependency-version: 0.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: transformers
  dependency-version: 5.13.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: ty
  dependency-version: 0.0.59
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: websockets
  dependency-version: '16.1'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title MAINT: Bump the minor-and-patch group with 8 updates MAINT: Bump the minor-and-patch group across 1 directory with 8 updates Jul 15, 2026
@dependabot dependabot Bot force-pushed the dependabot/uv/minor-and-patch-b4116bff31 branch from 8725375 to ff7d719 Compare July 15, 2026 13:58
Copilot AI and others added 3 commits July 15, 2026 09:21
Dependabot bumped the litellm ceiling to <1.93.0, which resolved
litellm 1.92.0. Starting at 1.92.0, litellm replaced its universal
py3-none-any wheel with manylinux-only wheels backed by a Rust (PyO3)
extension that has no Windows/macOS wheels and fails to build via
maturin on Python 3.14, breaking every main-job across all platforms.

Restore the <1.92.0 cap (as the existing comment documents) and re-lock,
pinning litellm back to 1.91.3. The other 7 group updates (azure-ai-ml,
openai, ruff, sentencepiece, transformers, ty, websockets) are kept.

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot-Session: fa9f2da2-2ad5-4a8d-9175-6007695725c8
Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>

Copilot-Session: fa9f2da2-2ad5-4a8d-9175-6007695725c8
@romanlutz romanlutz enabled auto-merge July 15, 2026 17:13
@romanlutz romanlutz added this pull request to the merge queue Jul 15, 2026
Merged via the queue into main with commit bae493e Jul 15, 2026
49 checks passed
@romanlutz romanlutz deleted the dependabot/uv/minor-and-patch-b4116bff31 branch July 15, 2026 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants