From 120c6e8fdaf2aca4fca67d4bb1e9723c2baeb461 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Jan 2026 21:59:13 +0000 Subject: [PATCH 1/3] Bump virtualenv from 20.35.4 to 20.36.0 (#11929) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.35.4 to 20.36.0.
Release notes

Sourced from virtualenv's releases.

20.36.0

What's Changed

New Contributors

Full Changelog: https://github.com/pypa/virtualenv/compare/20.35.3...20.36.0

Changelog

Sourced from virtualenv's changelog.

v20.36.0 (2026-01-07)

Features - 20.36.0

- Add support for PEP 440 version specifiers in the
``--python`` flag. Users can now specify Python versions using operators
like ``>=``, ``<=``, ``~=``, etc. For example: ``virtualenv
--python=">=3.12" myenv`` `. (:issue:`2994`)
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.35.4&new-version=20.36.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements/constraints.txt | 2 +- requirements/dev.txt | 2 +- requirements/lint.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index bc17d007bbe..34c3b16b795 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -275,7 +275,7 @@ uvloop==0.21.0 ; platform_system != "Windows" # -r requirements/lint.in valkey==6.1.1 # via -r requirements/lint.in -virtualenv==20.35.4 +virtualenv==20.36.0 # via pre-commit wait-for-it==2.3.0 # via -r requirements/test-common.in diff --git a/requirements/dev.txt b/requirements/dev.txt index af8f14884b8..f4c5716158b 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -265,7 +265,7 @@ uvloop==0.21.0 ; platform_system != "Windows" and implementation_name == "cpytho # -r requirements/lint.in valkey==6.1.1 # via -r requirements/lint.in -virtualenv==20.35.4 +virtualenv==20.36.0 # via pre-commit wait-for-it==2.3.0 # via -r requirements/test-common.in diff --git a/requirements/lint.txt b/requirements/lint.txt index 6e5bcd57027..8dbd0e97146 100644 --- a/requirements/lint.txt +++ b/requirements/lint.txt @@ -123,7 +123,7 @@ uvloop==0.21.0 ; platform_system != "Windows" # via -r requirements/lint.in valkey==6.1.1 # via -r requirements/lint.in -virtualenv==20.35.4 +virtualenv==20.36.0 # via pre-commit zlib-ng==1.0.0 # via -r requirements/lint.in From b3a67ce0489221b1b542bef23dc4280ddbcbda6e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Jan 2026 22:17:43 +0000 Subject: [PATCH 2/3] Bump pathspec from 0.12.1 to 1.0.1 (#11931) Bumps [pathspec](https://github.com/cpburnz/python-pathspec) from 0.12.1 to 1.0.1.
Release notes

Sourced from pathspec's releases.

v1.0.1

Release v1.0.1. See CHANGES.rst.

v1.0.0

Release v1.0.0. See CHANGES.rst.

Changelog

Sourced from pathspec's changelog.

1.0.1 (2026-01-06)

Bug fixes:

  • Issue [#100](https://github.com/cpburnz/python-pathspec/issues/100)_: ValueError(f"{patterns=!r} cannot be empty.") when using black.

.. _Issue [#100](https://github.com/cpburnz/python-pathspec/issues/100): cpburnz/python-pathspec#100

1.0.0 (2026-01-05)

Major changes:

  • Issue [#91](https://github.com/cpburnz/python-pathspec/issues/91)_: Dropped support of EoL Python 3.8.
  • Added concept of backends to allow for faster regular expression matching. The backend can be controlled using the backend argument to PathSpec(), PathSpec.from_lines(), GitIgnoreSpec(), and GitIgnoreSpec.from_lines().
  • Renamed "gitwildmatch" pattern back to "gitignore". The "gitignore" pattern behaves slightly differently when used with PathSpec (gitignore as documented) than with GitIgnoreSpec (replicates Git's edge cases).

API changes:

  • Breaking: protected method pathspec.pathspec.PathSpec._match_file() (with a leading underscore) has been removed and replaced by backends. This does not affect normal usage of PathSpec or GitIgnoreSpec. Only custom subclasses will be affected. If this breaks your usage, let me know by opening an issue <https://github.com/cpburnz/python-pathspec/issues>_.
  • Deprecated: "gitwildmatch" is now an alias for "gitignore".
  • Deprecated: pathspec.patterns.GitWildMatchPattern is now an alias for pathspec.patterns.gitignore.spec.GitIgnoreSpecPattern.
  • Deprecated: pathspec.patterns.gitwildmatch module has been replaced by the pathspec.patterns.gitignore package.
  • Deprecated: pathspec.patterns.gitwildmatch.GitWildMatchPattern is now an alias for pathspec.patterns.gitignore.spec.GitIgnoreSpecPattern.
  • Deprecated: pathspec.patterns.gitwildmatch.GitWildMatchPatternError is now an alias for pathspec.patterns.gitignore.GitIgnorePatternError.
  • Removed: pathspec.patterns.gitwildmatch.GitIgnorePattern has been deprecated since v0.4 (2016-07-15).
  • Signature of method pathspec.pattern.RegexPattern.match_file() has been changed from def match_file(self, file: str) -> RegexMatchResult | None to def match_file(self, file: AnyStr) -> RegexMatchResult | None to reflect usage.
  • Signature of class method pathspec.pattern.RegexPattern.pattern_to_regex() has been changed from def pattern_to_regex(cls, pattern: str) -> tuple[str, bool] to def pattern_to_regex(cls, pattern: AnyStr) -> tuple[AnyStr | None, bool | None] to reflect usage and documentation.

New features:

  • Added optional "hyperscan" backend using hyperscan_ library. It will automatically be used when installed. This dependency can be installed with pip install 'pathspec[hyperscan]'.
  • Added optional "re2" backend using the google-re2_ library. It will automatically be used when installed. This dependency can be installed with pip install 'pathspec[re2]'.
  • Added optional dependency on typing-extensions_ library to improve some type hints.

Bug fixes:

  • Issue [#93](https://github.com/cpburnz/python-pathspec/issues/93)_: Do not remove leading spaces.
  • Issue [#95](https://github.com/cpburnz/python-pathspec/issues/95)_: Matching for files inside folder does not seem to behave like .gitignore's.
  • Issue [#98](https://github.com/cpburnz/python-pathspec/issues/98)_: UnboundLocalError in RegexPattern when initialized with pattern=None.
  • Type hint on return value of pathspec.pattern.RegexPattern.match_file() to match documentation.

Improvements:

  • Mark Python 3.13 and 3.14 as supported.
  • No-op patterns are now filtered out when matching files, slightly improving performance.
  • Fix performance regression in iter_tree_files() from v0.10.

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pathspec&package-manager=pip&previous-version=0.12.1&new-version=1.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements/constraints.txt | 2 +- requirements/dev.txt | 2 +- requirements/lint.txt | 2 +- requirements/test-common.txt | 2 +- requirements/test-ft.txt | 2 +- requirements/test.txt | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 34c3b16b795..336066ef65e 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -130,7 +130,7 @@ packaging==25.0 # pytest # sphinx # wheel -pathspec==0.12.1 +pathspec==1.0.1 # via mypy pip-tools==7.5.2 # via -r requirements/dev.in diff --git a/requirements/dev.txt b/requirements/dev.txt index f4c5716158b..12b53ac1bb3 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -127,7 +127,7 @@ packaging==25.0 # pytest # sphinx # wheel -pathspec==0.12.1 +pathspec==1.0.1 # via mypy pip-tools==7.5.2 # via -r requirements/dev.in diff --git a/requirements/lint.txt b/requirements/lint.txt index 8dbd0e97146..0b51d045f79 100644 --- a/requirements/lint.txt +++ b/requirements/lint.txt @@ -57,7 +57,7 @@ nodeenv==1.10.0 # via pre-commit packaging==25.0 # via pytest -pathspec==0.12.1 +pathspec==1.0.1 # via mypy platformdirs==4.5.1 # via virtualenv diff --git a/requirements/test-common.txt b/requirements/test-common.txt index 4e43eef94a7..765a593b8b8 100644 --- a/requirements/test-common.txt +++ b/requirements/test-common.txt @@ -46,7 +46,7 @@ mypy-extensions==1.1.0 # via mypy packaging==25.0 # via pytest -pathspec==0.12.1 +pathspec==1.0.1 # via mypy pkgconfig==1.5.5 # via -r requirements/test-common.in diff --git a/requirements/test-ft.txt b/requirements/test-ft.txt index ce93a299424..2a9c4905bab 100644 --- a/requirements/test-ft.txt +++ b/requirements/test-ft.txt @@ -73,7 +73,7 @@ packaging==25.0 # via # gunicorn # pytest -pathspec==0.12.1 +pathspec==1.0.1 # via mypy pkgconfig==1.5.5 # via -r requirements/test-common.in diff --git a/requirements/test.txt b/requirements/test.txt index abc1622c14f..86302ed12a5 100644 --- a/requirements/test.txt +++ b/requirements/test.txt @@ -73,7 +73,7 @@ packaging==25.0 # via # gunicorn # pytest -pathspec==0.12.1 +pathspec==1.0.1 # via mypy pkgconfig==1.5.5 # via -r requirements/test-common.in From b84c71e16ad3985a4835133385091617f11845ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Jan 2026 22:20:51 +0000 Subject: [PATCH 3/3] Bump urllib3 from 2.6.2 to 2.6.3 in /requirements in the pip group across 1 directory (#11932) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the pip group with 1 update in the /requirements directory: [urllib3](https://github.com/urllib3/urllib3). Updates `urllib3` from 2.6.2 to 2.6.3
Release notes

Sourced from urllib3's releases.

2.6.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Fixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by @​D47A, 8.9 High, GHSA-38jv-5279-wg99)
  • Started treating Retry-After times greater than 6 hours as 6 hours by default. (urllib3/urllib3#3743)
  • Fixed urllib3.connection.VerifiedHTTPSConnection on Emscripten. (urllib3/urllib3#3752)
Changelog

Sourced from urllib3's changelog.

2.6.3 (2026-01-07)

  • Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (GHSA-38jv-5279-wg99 <https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99>__)
  • Started treating Retry-After times greater than 6 hours as 6 hours by default. ([#3743](https://github.com/urllib3/urllib3/issues/3743) <https://github.com/urllib3/urllib3/issues/3743>__)
  • Fixed urllib3.connection.VerifiedHTTPSConnection on Emscripten. ([#3752](https://github.com/urllib3/urllib3/issues/3752) <https://github.com/urllib3/urllib3/issues/3752>__)
Commits
  • 0248277 Release 2.6.3
  • 8864ac4 Merge commit from fork
  • 70cecb2 Fix Scorecard issues related to vulnerable dev dependencies (#3755)
  • 41f249a Move "v2.0 Migration Guide" to the end of the table of contents (#3747)
  • fd4dffd Patch VerifiedHTTPSConnection for Emscripten (#3752)
  • 13f0bfd Handle massive values in Retry-After when calculating time to sleep for (#3743)
  • 8c480bf Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#3748)
  • 4b40616 Bump actions/cache from 4.3.0 to 5.0.1 (#3750)
  • 82b8479 Bump actions/download-artifact from 6.0.0 to 7.0.0 (#3749)
  • 34284cb Mention experimental features in the security policy (#3746)
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.6.2&new-version=2.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aio-libs/aiohttp/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements/constraints.txt | 112 +++++++++++++++++----------------- requirements/dev.txt | 106 ++++++++++++++++---------------- requirements/doc-spelling.txt | 12 ++-- requirements/doc.txt | 10 +-- 4 files changed, 120 insertions(+), 120 deletions(-) diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 336066ef65e..55431f06c06 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -6,34 +6,34 @@ # aiodns==3.6.1 # via - # -r requirements/lint.in - # -r requirements/runtime-deps.in + # -r lint.in + # -r runtime-deps.in aiohappyeyeballs==2.6.1 - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in aiohttp-theme==0.1.7 - # via -r requirements/doc.in + # via -r doc.in aiosignal==1.4.0 - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in alabaster==1.0.0 # via sphinx annotated-types==0.7.0 # via pydantic async-timeout==5.0.1 ; python_version < "3.11" # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # valkey babel==2.17.0 # via sphinx backports-zstd==1.3.0 ; implementation_name == "cpython" # via - # -r requirements/lint.in - # -r requirements/runtime-deps.in + # -r lint.in + # -r runtime-deps.in blockbuster==1.5.26 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in brotli==1.2.0 ; platform_python_implementation == "CPython" - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in build==1.3.0 # via pip-tools certifi==2026.1.4 @@ -55,12 +55,12 @@ click==8.3.1 # wait-for-it coverage==7.13.1 # via - # -r requirements/test-common.in + # -r test-common.in # pytest-cov cryptography==46.0.3 # via trustme cython==3.2.4 - # via -r requirements/cython.in + # via -r cython.in distlib==0.4.0 # via virtualenv docutils==0.21.2 @@ -75,14 +75,14 @@ forbiddenfruit==0.1.4 # via blockbuster freezegun==1.5.5 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in frozenlist==1.8.0 # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # aiosignal gunicorn==23.0.0 - # via -r requirements/base.in + # via -r base.in identify==2.6.15 # via pre-commit idna==3.7 @@ -96,8 +96,8 @@ iniconfig==2.3.0 # via pytest isal==1.7.2 ; python_version < "3.14" # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in jinja2==3.1.6 # via # sphinx @@ -112,13 +112,13 @@ mdurl==0.1.2 # via markdown-it-py multidict==6.7.0 # via - # -r requirements/multidict.in - # -r requirements/runtime-deps.in + # -r multidict.in + # -r runtime-deps.in # yarl mypy==1.19.1 ; implementation_name == "cpython" # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in mypy-extensions==1.1.0 # via mypy nodeenv==1.10.0 @@ -133,9 +133,9 @@ packaging==25.0 pathspec==1.0.1 # via mypy pip-tools==7.5.2 - # via -r requirements/dev.in + # via -r dev.in pkgconfig==1.5.5 - # via -r requirements/test-common.in + # via -r test-common.in platformdirs==4.5.1 # via virtualenv pluggy==1.6.0 @@ -143,15 +143,15 @@ pluggy==1.6.0 # pytest # pytest-cov pre-commit==4.5.1 - # via -r requirements/lint.in + # via -r lint.in propcache==0.4.1 # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # yarl proxy-py==2.4.10 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pycares==4.11.0 # via aiodns pycparser==2.23 @@ -173,30 +173,30 @@ pyproject-hooks==1.2.0 # pip-tools pytest==9.0.2 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in # pytest-codspeed # pytest-cov # pytest-mock # pytest-xdist pytest-codspeed==4.2.0 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pytest-cov==7.0.0 - # via -r requirements/test-common.in + # via -r test-common.in pytest-mock==3.15.1 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pytest-xdist==3.8.0 - # via -r requirements/test-common.in + # via -r test-common.in python-dateutil==2.9.0.post0 # via freezegun python-on-whales==0.79.0 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pyyaml==6.0.3 # via pre-commit requests==2.32.5 @@ -206,16 +206,16 @@ requests==2.32.5 rich==14.2.0 # via pytest-codspeed setuptools-git==1.2 - # via -r requirements/test-common.in + # via -r test-common.in six==1.17.0 # via python-dateutil slotscheck==0.19.1 - # via -r requirements/lint.in + # via -r lint.in snowballstemmer==3.0.1 # via sphinx sphinx==8.1.3 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-spelling # sphinxcontrib-towncrier sphinxcontrib-applehelp==2.0.0 @@ -231,9 +231,9 @@ sphinxcontrib-qthelp==2.0.0 sphinxcontrib-serializinghtml==2.0.0 # via sphinx sphinxcontrib-spelling==8.0.2 ; platform_system != "Windows" - # via -r requirements/doc-spelling.in + # via -r doc-spelling.in sphinxcontrib-towncrier==0.5.0a0 - # via -r requirements/doc.in + # via -r doc.in tomli==2.3.0 # via # build @@ -246,15 +246,15 @@ tomli==2.3.0 # towncrier towncrier==25.8.0 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-towncrier trustme==1.2.1 ; platform_machine != "i686" # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in typing-extensions==4.15.0 ; python_version < "3.13" # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # aiosignal # cryptography # exceptiongroup @@ -267,26 +267,26 @@ typing-extensions==4.15.0 ; python_version < "3.13" # virtualenv typing-inspection==0.4.2 # via pydantic -urllib3==2.6.2 +urllib3==2.6.3 # via requests uvloop==0.21.0 ; platform_system != "Windows" # via - # -r requirements/base.in - # -r requirements/lint.in + # -r base.in + # -r lint.in valkey==6.1.1 - # via -r requirements/lint.in + # via -r lint.in virtualenv==20.36.0 # via pre-commit wait-for-it==2.3.0 - # via -r requirements/test-common.in + # via -r test-common.in wheel==0.46.0 # via pip-tools yarl==1.22.0 - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in zlib-ng==1.0.0 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in # The following packages are considered to be unsafe in a requirements file: pip==25.3 diff --git a/requirements/dev.txt b/requirements/dev.txt index 12b53ac1bb3..b7c272e5414 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -6,34 +6,34 @@ # aiodns==3.6.1 # via - # -r requirements/lint.in - # -r requirements/runtime-deps.in + # -r lint.in + # -r runtime-deps.in aiohappyeyeballs==2.6.1 - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in aiohttp-theme==0.1.7 - # via -r requirements/doc.in + # via -r doc.in aiosignal==1.4.0 - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in alabaster==1.0.0 # via sphinx annotated-types==0.7.0 # via pydantic async-timeout==5.0.1 ; python_version < "3.11" # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # valkey babel==2.17.0 # via sphinx backports-zstd==1.3.0 ; platform_python_implementation == "CPython" and python_version < "3.14" # via - # -r requirements/lint.in - # -r requirements/runtime-deps.in + # -r lint.in + # -r runtime-deps.in blockbuster==1.5.26 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in brotli==1.2.0 ; platform_python_implementation == "CPython" - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in build==1.3.0 # via pip-tools certifi==2026.1.4 @@ -55,7 +55,7 @@ click==8.3.1 # wait-for-it coverage==7.13.1 # via - # -r requirements/test-common.in + # -r test-common.in # pytest-cov cryptography==46.0.3 # via trustme @@ -73,14 +73,14 @@ forbiddenfruit==0.1.4 # via blockbuster freezegun==1.5.5 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in frozenlist==1.8.0 # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # aiosignal gunicorn==23.0.0 - # via -r requirements/base.in + # via -r base.in identify==2.6.15 # via pre-commit idna==3.7 @@ -94,8 +94,8 @@ iniconfig==2.3.0 # via pytest isal==1.7.2 ; python_version < "3.14" # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in jinja2==3.1.6 # via # sphinx @@ -110,12 +110,12 @@ mdurl==0.1.2 # via markdown-it-py multidict==6.7.0 # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # yarl mypy==1.19.1 ; implementation_name == "cpython" # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in mypy-extensions==1.1.0 # via mypy nodeenv==1.10.0 @@ -130,9 +130,9 @@ packaging==25.0 pathspec==1.0.1 # via mypy pip-tools==7.5.2 - # via -r requirements/dev.in + # via -r dev.in pkgconfig==1.5.5 - # via -r requirements/test-common.in + # via -r test-common.in platformdirs==4.5.1 # via virtualenv pluggy==1.6.0 @@ -140,15 +140,15 @@ pluggy==1.6.0 # pytest # pytest-cov pre-commit==4.5.1 - # via -r requirements/lint.in + # via -r lint.in propcache==0.4.1 # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # yarl proxy-py==2.4.10 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pycares==4.11.0 # via aiodns pycparser==2.23 @@ -168,30 +168,30 @@ pyproject-hooks==1.2.0 # pip-tools pytest==9.0.2 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in # pytest-codspeed # pytest-cov # pytest-mock # pytest-xdist pytest-codspeed==4.2.0 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pytest-cov==7.0.0 - # via -r requirements/test-common.in + # via -r test-common.in pytest-mock==3.15.1 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pytest-xdist==3.8.0 - # via -r requirements/test-common.in + # via -r test-common.in python-dateutil==2.9.0.post0 # via freezegun python-on-whales==0.79.0 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in pyyaml==6.0.3 # via pre-commit requests==2.32.5 @@ -199,16 +199,16 @@ requests==2.32.5 rich==14.2.0 # via pytest-codspeed setuptools-git==1.2 - # via -r requirements/test-common.in + # via -r test-common.in six==1.17.0 # via python-dateutil slotscheck==0.19.1 - # via -r requirements/lint.in + # via -r lint.in snowballstemmer==3.0.1 # via sphinx sphinx==8.1.3 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-towncrier sphinxcontrib-applehelp==2.0.0 # via sphinx @@ -223,7 +223,7 @@ sphinxcontrib-qthelp==2.0.0 sphinxcontrib-serializinghtml==2.0.0 # via sphinx sphinxcontrib-towncrier==0.5.0a0 - # via -r requirements/doc.in + # via -r doc.in tomli==2.3.0 # via # build @@ -236,15 +236,15 @@ tomli==2.3.0 # towncrier towncrier==25.8.0 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-towncrier trustme==1.2.1 ; platform_machine != "i686" # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in typing-extensions==4.15.0 ; python_version < "3.13" # via - # -r requirements/runtime-deps.in + # -r runtime-deps.in # aiosignal # cryptography # exceptiongroup @@ -257,26 +257,26 @@ typing-extensions==4.15.0 ; python_version < "3.13" # virtualenv typing-inspection==0.4.2 # via pydantic -urllib3==2.6.2 +urllib3==2.6.3 # via requests uvloop==0.21.0 ; platform_system != "Windows" and implementation_name == "cpython" # via - # -r requirements/base.in - # -r requirements/lint.in + # -r base.in + # -r lint.in valkey==6.1.1 - # via -r requirements/lint.in + # via -r lint.in virtualenv==20.36.0 # via pre-commit wait-for-it==2.3.0 - # via -r requirements/test-common.in + # via -r test-common.in wheel==0.46.0 # via pip-tools yarl==1.22.0 - # via -r requirements/runtime-deps.in + # via -r runtime-deps.in zlib-ng==1.0.0 # via - # -r requirements/lint.in - # -r requirements/test-common.in + # -r lint.in + # -r test-common.in # The following packages are considered to be unsafe in a requirements file: pip==25.3 diff --git a/requirements/doc-spelling.txt b/requirements/doc-spelling.txt index 8da572fdca4..e78b5d2df62 100644 --- a/requirements/doc-spelling.txt +++ b/requirements/doc-spelling.txt @@ -5,7 +5,7 @@ # pip-compile --allow-unsafe --output-file=requirements/doc-spelling.txt --strip-extras requirements/doc-spelling.in # aiohttp-theme==0.1.7 - # via -r requirements/doc.in + # via -r doc.in alabaster==1.0.0 # via sphinx babel==2.17.0 @@ -42,7 +42,7 @@ snowballstemmer==3.0.1 # via sphinx sphinx==8.1.3 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-spelling # sphinxcontrib-towncrier sphinxcontrib-applehelp==2.0.0 @@ -58,16 +58,16 @@ sphinxcontrib-qthelp==2.0.0 sphinxcontrib-serializinghtml==2.0.0 # via sphinx sphinxcontrib-spelling==8.0.2 ; platform_system != "Windows" - # via -r requirements/doc-spelling.in + # via -r doc-spelling.in sphinxcontrib-towncrier==0.5.0a0 - # via -r requirements/doc.in + # via -r doc.in tomli==2.3.0 # via # sphinx # towncrier towncrier==25.8.0 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-towncrier -urllib3==2.6.2 +urllib3==2.6.3 # via requests diff --git a/requirements/doc.txt b/requirements/doc.txt index 1309e2cf11e..cf3baf2019d 100644 --- a/requirements/doc.txt +++ b/requirements/doc.txt @@ -5,7 +5,7 @@ # pip-compile --allow-unsafe --output-file=requirements/doc.txt --resolver=backtracking --strip-extras requirements/doc.in # aiohttp-theme==0.1.7 - # via -r requirements/doc.in + # via -r doc.in alabaster==1.0.0 # via sphinx babel==2.17.0 @@ -38,7 +38,7 @@ snowballstemmer==3.0.1 # via sphinx sphinx==8.1.3 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-towncrier sphinxcontrib-applehelp==2.0.0 # via sphinx @@ -53,14 +53,14 @@ sphinxcontrib-qthelp==2.0.0 sphinxcontrib-serializinghtml==2.0.0 # via sphinx sphinxcontrib-towncrier==0.5.0a0 - # via -r requirements/doc.in + # via -r doc.in tomli==2.3.0 # via # sphinx # towncrier towncrier==25.8.0 # via - # -r requirements/doc.in + # -r doc.in # sphinxcontrib-towncrier -urllib3==2.6.2 +urllib3==2.6.3 # via requests