Bump the minor group across 1 directory with 4 updates

[dependabot]

Bumps the minor group with 4 updates in the / directory: icalendar, newrelic, requests and uvicorn.

Updates icalendar from 7.1.0 to 7.1.2

Release notes

Sourced from icalendar's releases.

v7.1.2

To view the changes, please see the Changelog. This release can be installed from PyPI.

v7.1.1

To view the changes, please see the Changelog. This release can be installed from PyPI.

Changelog

Sourced from icalendar's changelog.

7.1.2 (2026-05-22)

Bug fixes

- Replaced the recursive :meth:`Component.__repr__ <icalendar.cal.component.Component.__repr__>` implementation with an iterative stack-based walk so that deeply nested calendars no longer raise :exc:`RecursionError` when formatted via ``repr()``, ``str()``, or f-strings. The output format is unchanged for normally-shaped calendars. @gistrec (`Issue [#1370](https://github.com/collective/icalendar/issues/1370) <https://github.com/collective/icalendar/issues/1370>`_)
Documentation

• Update maintenance documentation. Fix the version switcher on "stable" on Read the Docs. @​stevepiercy (Issue [#1352](https://github.com/collective/icalendar/issues/1352) <https://github.com/collective/icalendar/issues/1352>_)

7.1.1 (2026-05-18)

New features

- Created an :attr:`~icalendar.prop.dt.period.vPeriod.ical_value` property for the :class:`~icalendar.prop.dt.period.vPeriod` component. @ZairKSM (`Issue [#876](https://github.com/collective/icalendar/issues/876) <https://github.com/collective/icalendar/issues/876>`_)
- Created a :meth:`~icalendar.prop.recur.weekday.vWeekday.ical_value` property for the :class:`~icalendar.prop.recur.weekday.vWeekday` component, mirroring the existing pattern on :class:`~icalendar.prop.boolean.vBoolean`. @mvanhorn (`Issue [#1360](https://github.com/collective/icalendar/issues/1360) <https://github.com/collective/icalendar/issues/1360>`_)
Bug fixes

- Strictly validate BINARY property values in :attr:`vBinary.from_ical() &lt;icalendar.prop.binary.vBinary.from_ical&gt;` and reject malformed Base64 input instead of silently accepting invalid characters. @uwezkhan (`Issue [#1349](https://github.com/collective/icalendar/issues/1349) &lt;https://github.com/collective/icalendar/issues/1349&gt;`_)
Documentation

</code></pre>

<ul>

<li>Replace the RFC quotations in the docstrings for :attr:<code>Alarm.REPEAT &lt;icalendar.cal.alarm.Alarm.REPEAT&gt;</code> and :attr:<code>Alarm.DURATION &lt;icalendar.cal.alarm.Alarm.DURATION&gt;</code> with Pythonic descriptions, including parameter notes, conformance references, and worked examples. <a href="https://github.com/tmchow&quot;&gt;&lt;code&gt;@​tmchow&lt;/code&gt;&lt;/a> (<code>Issue #1244 &lt;collective/icalendar#1244>

<li>Edited contributor documentation for how to add a change log entry, and maintenance documentation for how to process news fragments. <a href="https://github.com/stevepiercy&quot;&gt;&lt;code&gt;@​stevepiercy&lt;/code&gt;&lt;/a> (<code>Issue #1256 &lt;collective/icalendar#1256>

<li>Updated release process documentation. <a href="https://github.com/niccokunzmann&quot;&gt;&lt;code&gt;@​niccokunzmann&lt;/code&gt;&lt;/a> <a href="https://github.com/stevepiercy&quot;&gt;&lt;code&gt;@​stevepiercy&lt;/code&gt;&lt;/a> <a href="https://github.com/SashankBhamidi&quot;&gt;&lt;code&gt;@​SashankBhamidi&lt;/code&gt;&lt;/a> (<code>Issue #1293 &lt;collective/icalendar#1293>

</ul>

<p>Dependency changes</p>

<pre><code>

Added towncrier &amp;lt;https://pypi.org/project/towncrier/&amp;gt;_ to development dependencies. @stevepiercy (Issue [#1256](https://github.com/collective/icalendar/issues/1256) &amp;lt;https://github.com/collective/icalendar/issues/1256&amp;gt;_)

Internal changes



Switched from manual change log management to towncrier &lt;https://pypi.org/project/towncrier/&gt;_ to automate the process. @​stevepiercy (Issue [#1256](https://github.com/collective/icalendar/issues/1256) &lt;https://github.com/collective/icalendar/issues/1256&gt;_)
Bump PyPy from 3.10 to 3.11 for testing. @​stevepiercy (Issue [#1383](https://github.com/collective/icalendar/issues/1383) &lt;https://github.com/collective/icalendar/issues/1383&gt;_)

Commits

• f5494e3 Merge branch 'main' into 7.x
• 6ddbd95 version 7.1.2
• 6efe639 Update maintenance docs and fix version switcher for "stable" (#1393)
• 67d6ab9 Fix RecursionError in Component.repr on deeply nested calendars (Closes #...
• 8705729 Restore version warning banner for 'latest' on Read the Docs
• 8fccb3a Update version switcher for 7.1.1
• 79ddc3e Merge branch 'main' into 7.x
• 465936b version 7.1.1
• 39b8db8 Update release process (#1350)
• c343662 Switch to towncrier to automatically manage the change log (#1389)
• Additional commits viewable in compare view

Updates newrelic from 13.0.0 to 13.0.1

Release notes

Sourced from newrelic's releases.

v13.0.1

Notes

This release of the Python agent fixes a context propagation issue in LangChain and LangGraph, an OpenAI chat completion recording issue, and an issue when using OpenAI(https://pypi.org/project/openai) streaming through LiteLLM as a proxy.

Install the agent using easy_install/pip/distribute via the Python Package Index, using conda via the Conda-Forge Package Index, or download it directly from the New Relic download site.

Bugs

• Fix context propagation in LangChain and LangGraph

  • Adds additional transaction context propagation to LangChain and LangGraph to support a wider range of application structures.

• Fix an OpenAI chat completion recording issue

  • OpenAI reintroduced logic that closes the streaming response even if the consumer hasn't read all data. Previously, the chat completion data was only recorded when reaching the stream's end which resulted in chat completion data not being recorded at the closing of the stream. Logic has now been added to capture the chat completion data even if the stream has not been fully read.

• Fix an issue when using OpenAI streaming through LiteLLM as a proxy

  • Previously when using the OpenAI SDK connected through a LiteLLM proxy server it was possible to lose reporting of LLM response data due to a missing finish reason. This has been fixed, and the response should now always be recorded.

Support statement

We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date.

See the New Relic Python agent EOL policy for information about agent releases and support dates.

Commits

• 6e429d2 Fix LiteLLM OpenAI Streaming (#1738)
• 7faf2d9 Update trivyignore for CVEs in urllib3 (#1736)
• 2d92cd2 LangChain & LangGraph Transaction Context Propagation (#1733)
• cda82d1 OpenAI collect chat completion at done (#1727)
• See full diff in compare view

Updates requests from 2.34.1 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

• Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

• Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Commits

• 6e83187 v2.34.2
• 84d10f0 Move Request.headers back to Mapping (#7441)
• See full diff in compare view

Updates uvicorn from 0.46.0 to 0.48.0

Release notes

Sourced from uvicorn's releases.

Version 0.48.0

What's Changed

• Default ssl_ciphers to None and use OpenSSL defaults by @​Kludex in Kludex/uvicorn#2940
• Ignore duplicate forwarding headers in ProxyHeadersMiddleware by @​Kludex in Kludex/uvicorn#2944

Full Changelog: Kludex/uvicorn@0.47.0...0.48.0

Version 0.47.0

What's Changed

• Eagerly import the ASGI app in the parent process by @​Kludex in Kludex/uvicorn#2919
• Add ssl_context_factory for custom SSLContext configuration by @​Kludex in Kludex/uvicorn#2920
• Treat fd=0 as a valid file descriptor with reload/workers by @​eltoder in Kludex/uvicorn#2927

Full Changelog: Kludex/uvicorn@0.46.0...0.47.0

Changelog

Sourced from uvicorn's changelog.

0.48.0 (May 24, 2026)

Changed

• Default ssl_ciphers to None and use OpenSSL defaults (#2940)

Fixed

• Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)

0.47.0 (May 14, 2026)

Added

• Add ssl_context_factory for custom SSLContext configuration (#2920)

Changed

• Eagerly import the ASGI app in the parent process (#2919)

Fixed

• Treat fd=0 as a valid file descriptor with reload/workers (#2927)

Commits

• 73e84e5 Version 0.48.0 (#2951)
• 45ea116 Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)
• dd4394c chore(deps): bump idna from 3.11 to 3.15 (#2941)
• abe0781 Default ssl_ciphers to None and use OpenSSL defaults (#2940)
• 479a2c0 Version 0.47.0 (#2937)
• 89347fd Add 7-day cooldown for dependency resolution via uv exclude-newer (#2936)
• 767315b Drop unused contents/actions permissions from zizmor workflow (#2935)
• f25ee43 chore(deps): bump urllib3 from 2.6.3 to 2.7.0 (#2933)
• 8782666 Fix typo in docs/deployment/index.md. (#2932)
• ad5ff87 Treat fd=0 as a valid file descriptor with reload/workers (#2927)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions