Skip to content

Bump the python-dependencies group with 22 updates#754

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/python-dependencies-6e939aa87c
Jul 1, 2026
Merged

Bump the python-dependencies group with 22 updates#754
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/python-dependencies-6e939aa87c

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-dependencies group with 22 updates:

Package From To
certifi 2026.5.20 2026.6.17
click 8.4.1 8.4.2
coverage 7.14.1 7.14.3
cssbeautifier 1.15.4 2.0.3
distlib 0.4.2 0.4.3
django-stubs 6.0.5 6.0.6
django-stubs-ext 6.0.5 6.0.6
djlint 1.39.0 1.40.0
filelock 3.29.1 3.29.4
jsbeautifier 1.15.4 2.0.3
json5 0.14.0 0.15.0
librt 0.11.0 0.12.0
nh3 0.3.5 0.3.6
pytest 9.0.3 9.1.1
python-discovery 1.4.0 1.4.2
regex 2026.5.9 2026.6.28
ruff 0.15.16 0.15.20
tqdm 4.68.2 4.68.3
virtualenv 21.4.2 21.5.1
griffelib 2.0.2 2.1.0
mkdocstrings-python 2.0.4 2.0.5
pymdown-extensions 10.21.3 11.0

Updates certifi from 2026.5.20 to 2026.6.17

Commits

Updates click from 8.4.1 to 8.4.2

Release notes

Sourced from click's releases.

8.4.2

This is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.4.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-2 Milestone: https://github.com/pallets/click/milestone/34

  • Fix Fish shell completion broken in 8.4.0 by #3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. #3502 #3043 #3504 #3508
  • Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. #3509
  • A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. #3059 #3507
  • echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. #3242 #2542 #3534
  • echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from #3482. #3449 #3533
  • Fix CLI usage symopsis for optional arguments producing double square brackets [[a|b|c]]... whose type already brackets their metavar. #3578
  • {func}version_option resolves a package_name that does not match an installed distribution as an import (top-level module) name via {func}importlib.metadata.packages_distributions. Packages whose top-level module name differs from their distribution name (PIL vs Pillow, jwt vs PyJWT) no longer raise RuntimeError out of the box. #2331 #1884 #3125 #3582
Changelog

Sourced from click's changelog.

Version 8.4.2

Released 2026-06-24

  • Fix Fish shell completion broken in 8.4.0 by {pr}3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. {issue}3502 {issue}3043 {pr}3504 {pr}3508
  • Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. {pr}3509
  • A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. {issue}3059 {pr}3507
  • echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. {issue}3242 {issue}2542 {pr}3534
  • echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from {pr}3482. {issue}3449 {pr}3533
  • Fix CLI usage symopsis for optional arguments producing double square brackets [[a|b|c]]... whose type already brackets their metavar. {pr}3578
  • {func}version_option resolves a package_name that does not match an installed distribution as an import (top-level module) name via {func}importlib.metadata.packages_distributions. Packages whose top-level module name differs from their distribution name (PIL vs Pillow, jwt vs PyJWT) no longer raise RuntimeError out of the box. {issue}2331 {issue}1884 {issue}3125 {pr}3582
Commits
  • b2e30a1 Release version 8.4.2
  • 7a16b20 Fix package_name resolution when module differs from distribution name (#3582)
  • bec5928 Fix package_name resolution when top-level module differs from distribution...
  • 916883a Fix tests to not rely on -Wdefault option (#3591)
  • 09195f6 Fix double-bracketing of choices in synopsis (#3578)
  • 1557e26 Check for warning exception with idiomatic context manager
  • d9ff133 Static typing improvements in click.shell_completion (#3460)
  • 762c97e Fix double-bracketing of choices in synopsis
  • 8929d39 Convert changes to markdown. (#3559)
  • 237be50 Move changes headings down a level.
  • Additional commits viewable in compare view

Updates coverage from 7.14.1 to 7.14.3

Changelog

Sourced from coverage's changelog.

Version 7.14.3 — 2026-06-22

  • Fix: the default ... exclusion rule now also matches function bodies whose closing return-type bracket is on its own line (for example, after a long -> dict[ ... ] annotation that a formatter has split over multiple lines). Closes issue 2185, thanks Mengjia Shang <pull 2196_>.

  • Fix: On 3.13t, we incorrectly issued Couldn't import C tracer errors. We can't import the C tracer because in 7.14.2 we stopped shipping compiled wheels for 3.13t. Thanks, Hugo van Kemenade <pull 2203_>_.

.. _issue 2185: coveragepy/coveragepy#2185 .. _pull 2196: coveragepy/coveragepy#2196 .. _pull 2203: coveragepy/coveragepy#2203

.. _changes_7-14-2:

Version 7.14.2 — 2026-06-20

  • Fix: some messages were being written to stdout, making coverage json -o - useless for capturing JSON output. Now messages are written to stderr, fixing issue 2197_.

  • Fix: CoverageData kept one SQLite connection per thread that recorded coverage, but never closed them when those threads terminated. On long runs with many short-lived threads this leaked one file descriptor per dead thread, eventually failing with OSError: [Errno 24] Too many open files. Connections belonging to terminated threads are now closed and dropped. Fixes issue 2192. Thanks, Matthew Lloyd <pull 2193_>.

  • Fix: when using sys.monitoring, we were assuming we could use the COVERAGE_ID tool id. But other tools might also assume they could use that id. Pre-allocated ids don't really make sense, so now we search for a usable one instead. Fixes issue 2187_.

  • Following the advice of cibuildwheel <no-13t_>_, we no longer distribute wheels for Python 3.13 free-threaded.

.. _issue 2187: coveragepy/coveragepy#2187 .. _issue 2192: coveragepy/coveragepy#2192 .. _pull 2193: coveragepy/coveragepy#2193 .. _issue 2197: coveragepy/coveragepy#2197 .. _no-13t: https://py-free-threading.github.io/ci/#building-free-threaded-wheels-with-cibuildwheel

.. _changes_7-14-1:

Commits
  • 22f13ea docs: sample HTML for 7.14.3
  • 2ca4e5f docs: prep for 7.14.3
  • 01d714e docs: add changelog entry for #2203
  • f36248d fix: don't emit 'Couldn't import C tracer' warning for 3.13t (#2203)
  • 86d73d1 docs: thanks, Mengjia Shang
  • 3d4ae3c docs: add the #2196 pr link to CHANGES
  • f4b2b4d fix: exclude ... bodies after multi-line return-type annotations (#2185) (#...
  • 1980ed0 chore: bump sigstore/gh-action-sigstore-python (#2201)
  • bca3217 build: since we don't ship 3.13t, don't test it
  • 77550d8 docs: oops, mismatched pull requests
  • Additional commits viewable in compare view

Updates cssbeautifier from 1.15.4 to 2.0.3

Release notes

Sourced from cssbeautifier's releases.

v2.0.1 🌈

What's Changed

Full Changelog: beautifier/js-beautify@v2.0.0...v2.0.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from cssbeautifier's changelog.

v2.0.3

v2.0.1

  • Removed all usage of six and dropped support for Python 2. (#2374)
  • Move minimum version to Nodejs v22.x (#2363)
  • Bump nopt from 7.2.1 to 8.1.0 (#2361)
  • Fix minor crash for certain oddly formed *.js files (#2128)
Commits
  • 20ff725 Merge remote-tracking branch 'origin/staging/main' into staging/release
  • 0f4a267 Bump version numbers for 2.0.3
  • 49e88a1 Update Changelog
  • c19eddd Merge remote-tracking branch 'origin/main' into staging/main
  • 6808b3d Update milestone-publish.yml with production environment
  • b82ec44 Release: 2.0.2
  • 733c76b Merge remote-tracking branch 'origin/staging/main' into staging/release
  • 50121b7 Bump version numbers for 2.0.2
  • 4007b0c Update Changelog
  • a847aa3 Update milestone-publish.yml with npm OIDC
  • Additional commits viewable in compare view

Updates distlib from 0.4.2 to 0.4.3

Changelog

Sourced from distlib's changelog.

0.4.3


Released: 2026-06-12
  • resources

    • Removed too-restrictive check for escaping resources.
Commits
  • 3f4a377 Changes for 0.4.3.
  • 5ee19e6 Relax too-strict escaping check for resources.
  • f0e3d1a Bump version.
  • 06e010d Add upper version limit for setuptools for build, to keep metadata version to...
  • 8b5aa55 Added tag 0.4.2 for changeset 5295c0ceb419
  • See full diff in compare view

Updates django-stubs from 6.0.5 to 6.0.6

Commits

Updates django-stubs-ext from 6.0.5 to 6.0.6

Commits

Updates djlint from 1.39.0 to 1.40.0

Release notes

Sourced from djlint's releases.

v1.40.0

Feature

  • Add single_attribute_per_line to wrap attributes in a Prettier-like layout using the configured indent.

v1.39.7

Fix

  • Preserve Jinja template comments inside formatted <script> and <style> blocks.

v1.39.6

Fix

  • Avoid false H025 reports for HTML-like strings inside template tags.
  • Preserve Jinja template tags inside formatted <script> and <style> blocks.

Packaging

  • Revise the minimum required dependency versions:
    • click raised from 8.0.1 to 8.2.0
    • cssbeautifier lowered from 1.14.4 to 1.13.0
    • jsbeautifier lowered from 1.14.4 to 1.13.0
    • json5 raised from 0.9.11 to 0.10.0
    • pathspec lowered from 0.12 to 0.9.0
    • pyyaml lowered from 6 to 5.1
    • regex lowered from 2023 to 2021.8.21
    • tomli is lowered from 2.0.1 to 0.2.0

v1.39.5

Fix

  • Return 1 when no files match the requested lint or format run.
  • Make --check - return 1 when formatting changes are needed.
  • Keep progress output off stdin runs.

Performance

  • Defer runtime-only imports until the CLI code paths that need them.
  • Process stdin formatting in memory instead of creating a temporary file.
  • Avoid creating an executor when a run only has one worker.

v1.39.4

Fix

  • Fix crashes in mypyc-compiled wheels.

v1.39.3

Fix

  • Use Click instead of tqdm for progress output, send progress to stderr, respect --quiet, and honor NO_COLOR. Remove direct colorama and tqdm dependencies now that Click handles CLI colors and progress.

... (truncated)

Changelog

Sourced from djlint's changelog.

[1.40.0] - 2026-07-01

Feature

  • Add single_attribute_per_line to wrap attributes in a Prettier-like layout using the configured indent.

[1.39.7] - 2026-06-30

Fix

  • Preserve Jinja template comments inside formatted <script> and <style> blocks.

[1.39.6] - 2026-06-30

Fix

  • Avoid false H025 reports for HTML-like strings inside template tags.
  • Preserve Jinja template tags inside formatted <script> and <style> blocks.

Packaging

  • Revise the minimum required dependency versions:
    • click raised from 8.0.1 to 8.2.0
    • cssbeautifier lowered from 1.14.4 to 1.13.0
    • jsbeautifier lowered from 1.14.4 to 1.13.0
    • json5 raised from 0.9.11 to 0.10.0
    • pathspec lowered from 0.12 to 0.9.0
    • pyyaml lowered from 6 to 5.1
    • regex lowered from 2023 to 2021.8.21
    • tomli is lowered from 2.0.1 to 0.2.0

[1.39.5] - 2026-06-29

Fix

  • Return 1 when no files match the requested lint or format run.
  • Make --check - return 1 when formatting changes are needed.
  • Keep progress output off stdin runs.

Performance

  • Defer runtime-only imports until the CLI code paths that need them.
  • Process stdin formatting in memory instead of creating a temporary file.
  • Avoid creating an executor when a run only has one worker.

[1.39.4] - 2026-06-24

Fix

  • Fix crashes in mypyc-compiled wheels.

... (truncated)

Commits
  • c345224 chore: reformat
  • 1726366 v1.40.0
  • d7f7e79 feat(formatter): add single-attribute-per-line wrapping option
  • b0edf00 chore(deps): update dependency prettier to v3.9.1 (#2166)
  • 0fb2474 v1.39.7
  • 1e2f18b fix: preserve Jinja comments in formatted script/style blocks
  • 461ce5a chore(deps): lock file maintenance (#2165)
  • 06feff0 chore(deps): update untitaker/hyperlink action to v0.3.2 (#2164)
  • b309b76 chore: remove RUF076 from ruff
  • 16e80c7 v1.39.6
  • Additional commits viewable in compare view

Updates filelock from 3.29.1 to 3.29.4

Release notes

Sourced from filelock's releases.

3.29.4

What's Changed

Full Changelog: tox-dev/filelock@3.29.3...3.29.4

3.29.3

What's Changed

Full Changelog: tox-dev/filelock@3.29.2...3.29.3

3.29.2

What's Changed

Full Changelog: tox-dev/filelock@3.29.1...3.29.2

Changelog

Sourced from filelock's changelog.

########### Changelog ###########


3.29.4 (2026-06-13)


  • keep the read/write heartbeat alive on a transient touch error :pr:562 - by :user:dxbjavid
  • verify inode in break_lock_file before unlinking a stale lock :pr:561 - by :user:dxbjavid

3.29.3 (2026-06-10)


  • 🐛 fix(ci): restore release environment on tag job :pr:559
  • validate pid range in _parse_lock_holder :pr:556 - by :user:dxbjavid
  • 🔧 ci(release): publish to PyPI on tag push :pr:557
  • build(deps): bump astral-sh/setup-uv from 8.1.0 to 8.2.0 :pr:558 - by :user:dependabot[bot]

3.29.2 (2026-06-10)


  • build(deps): bump actions/checkout from 6.0.2 to 6.0.3 :pr:555 - by :user:dependabot[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:554 - by :user:pre-commit-ci[bot]
  • check hostname in is_lock_held_by_us :pr:553 - by :user:dxbjavid
  • 🔒 fix(soft): harden stale-lock breaking and self-heal malformed locks :pr:551
  • open marker reads non-blocking to refuse attacker-placed fifo :pr:549 - by :user:dxbjavid

3.29.1 (2026-06-03)


  • 🐛 fix(soft): refuse to follow symlinks when reading the lock file :pr:548 - by :user:dxbjavid
  • [pre-commit.ci] pre-commit autoupdate :pr:547 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:546 - by :user:pre-commit-ci[bot]
  • chore: improve filelock maintenance path :pr:545 - by :user:lphuc2250gma
  • chore: improve filelock maintenance path :pr:544 - by :user:lphuc2250gma
  • chore: improve filelock maintenance path :pr:542 - by :user:lphuc2250gma
  • docs: clarify per-thread scope of FileLock configuration :pr:543 - by :user:Gares95
  • [pre-commit.ci] pre-commit autoupdate :pr:541 - by :user:pre-commit-ci[bot]
  • docs: fix API docs of release() :pr:540 - by :user:MrAnno
  • [pre-commit.ci] pre-commit autoupdate :pr:539 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:538 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:537 - by :user:pre-commit-ci[bot]
  • build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 :pr:536 - by :user:dependabot[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:535 - by :user:pre-commit-ci[bot]

... (truncated)

Commits
  • f3c11c0 Release 3.29.4
  • 5d663ee keep the read/write heartbeat alive on a transient touch error (#562)
  • 406d0a2 verify inode in break_lock_file before unlinking a stale lock (#561)
  • 85e73d7 🐛 fix(ci): publish from release.yaml on tag push (#560)
  • f86dcb1 Release 3.29.3
  • 643bdbe 🐛 fix(ci): restore release environment on tag job (#559)
  • 7a8f74a validate pid range in _parse_lock_holder (#556)
  • d1d49a0 🔧 ci(release): publish to PyPI on tag push (#557)
  • b37e162 build(deps): bump astral-sh/setup-uv from 8.1.0 to 8.2.0 (#558)
  • d9216de Release 3.29.2
  • Additional commits viewable in compare view

Updates jsbeautifier from 1.15.4 to 2.0.3

Commits

Updates json5 from 0.14.0 to 0.15.0

Commits
  • 77f686d Update dependencies and bump to version 0.15.0.
  • d235a0d Parse signed hexadecimal literals instead of raising (#113)
  • 59a4f85 Fix typo in docstring of the loads function (#112)
  • 4d57adb Update signatures of loads and parse to include return types (#108)
  • See full diff in compare view

Updates librt from 0.11.0 to 0.12.0

Commits

Updates nh3 from 0.3.5 to 0.3.6

Release notes

Sourced from nh3's releases.

v0.3.6

What's Changed

Full Changelog: messense/nh3@v0.3.5...v0.3.6

Commits
  • bea70df Bump version to 0.3.6
  • 788cee2 Expose ammonia's url_relative policy via url_relative kwarg (#131)
  • e76a81a Bump pyo3 from 0.28.3 to 0.29.0 (#130)
  • 8ec45a3 Add nh3.escape alias for clean_text (#127)
  • a1e0226 Document tag_attribute_values as alternate to attributes (#126)
  • 389fb79 Validate clean_content_tags conflict with tags (#125)
  • 61aad5a Bump uraimo/run-on-arch-action in the github-actions group (#124)
  • See full diff in compare view

Updates pytest from 9.0.3 to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.

9.1.0

pytest 9.1.0 (2026-06-13)

Removals and backward incompatible breaking changes

  • #14533: When using --doctest-modules, autouse fixtures with module, package or session scope that are defined inline in Python test modules (not plugins or conftests) will now possibly execute twice.

    If this is undesirable, move the fixture definition to a conftest.py file if possible.

    Technical explanation for those interested: When using --doctest-modules, pytest possibly collects Python modules twice, once as pytest.Module and once as a DoctestModule (depending on the configuration). Due to improvements in pytest's fixture implementation, if e.g. the DoctestModule collects a fixture, it is now visible to it only, and not to the Module. This means that both need to register the fixtures independently.

Deprecations (removal in next major release)

  • #10819: Added a deprecation warning for class-scoped fixtures defined as instance methods (without @classmethod). Such fixtures set attributes on a different instance than the test methods use, leading to unexpected behavior. Use @classmethod decorator instead -- by yastcher.

    See 10819 and 14011.

  • #12882: Calling request.getfixturevalue() <pytest.FixtureRequest.getfixturevalue> during teardown to request a fixture that was not already requested is now deprecated and will become an error in pytest 10.

    See dynamic-fixture-request-during-teardown for details.

  • #13409: Using non-~collections.abc.Collection iterables (such as generators, iterators, or custom iterable objects) for the argvalues parameter in @pytest.mark.parametrize <pytest.mark.parametrize ref> and metafunc.parametrize <pytest.Metafunc.parametrize> is now deprecated.

    These iterables get exhausted after the first iteration, leading to tests getting unexpectedly skipped in cases such as running pytest.main() multiple times, using class-level parametrize decorators, or collecting tests multiple times.

    See parametrize-iterators for details and suggestions.

  • #13946: The private config.inicfg attribute is now deprecated. Use config.getini() <pytest.Config.getini> to access configuration values instead.

    See config-inicfg for more details.

  • #14004: Passing baseid to ~pytest.FixtureDef or nodeid strings to fixture registration APIs is now deprecated. These are internal pytest APIs that are used by some plugins.

... (truncated)

Commits
  • cf470ec Prepare release version 9.1.1
  • e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
  • 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
  • 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
  • b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
  • 9a567e0 [automated] Update plugin list (#14617) (#14618)
  • ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
  • 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
  • 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
  • 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
  • Additional commits viewable in compare view

Updates python-discovery from 1.4.0 to 1.4.2

Release notes

Sourced from

Bumps the python-dependencies group with 22 updates:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2026.5.20` | `2026.6.17` |
| [click](https://github.com/pallets/click) | `8.4.1` | `8.4.2` |
| [coverage](https://github.com/coveragepy/coveragepy) | `7.14.1` | `7.14.3` |
| [cssbeautifier](https://github.com/beautifier/js-beautify) | `1.15.4` | `2.0.3` |
| [distlib](https://github.com/pypa/distlib) | `0.4.2` | `0.4.3` |
| [django-stubs](https://github.com/typeddjango/django-stubs) | `6.0.5` | `6.0.6` |
| [django-stubs-ext](https://github.com/typeddjango/django-stubs) | `6.0.5` | `6.0.6` |
| [djlint](https://github.com/djlint/djLint) | `1.39.0` | `1.40.0` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.29.1` | `3.29.4` |
| [jsbeautifier](https://github.com/ghost6991/Jsbeautifier) | `1.15.4` | `2.0.3` |
| [json5](https://github.com/dpranke/pyjson5) | `0.14.0` | `0.15.0` |
| [librt](https://github.com/mypyc/librt) | `0.11.0` | `0.12.0` |
| [nh3](https://github.com/messense/nh3) | `0.3.5` | `0.3.6` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.3` | `9.1.1` |
| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.4.0` | `1.4.2` |
| [regex](https://github.com/mrabarnett/mrab-regex) | `2026.5.9` | `2026.6.28` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.16` | `0.15.20` |
| [tqdm](https://github.com/tqdm/tqdm) | `4.68.2` | `4.68.3` |
| [virtualenv](https://github.com/pypa/virtualenv) | `21.4.2` | `21.5.1` |
| griffelib | `2.0.2` | `2.1.0` |
| [mkdocstrings-python](https://github.com/mkdocstrings/python) | `2.0.4` | `2.0.5` |
| [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) | `10.21.3` | `11.0` |


Updates `certifi` from 2026.5.20 to 2026.6.17
- [Commits](certifi/python-certifi@2026.05.20...2026.06.17)

Updates `click` from 8.4.1 to 8.4.2
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.md)
- [Commits](pallets/click@8.4.1...8.4.2)

Updates `coverage` from 7.14.1 to 7.14.3
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.14.1...7.14.3)

Updates `cssbeautifier` from 1.15.4 to 2.0.3
- [Release notes](https://github.com/beautifier/js-beautify/releases)
- [Changelog](https://github.com/beautifier/js-beautify/blob/v2.0.3/CHANGELOG.md)
- [Commits](beautifier/js-beautify@v1.15.4...v2.0.3)

Updates `distlib` from 0.4.2 to 0.4.3
- [Release notes](https://github.com/pypa/distlib/releases)
- [Changelog](https://github.com/pypa/distlib/blob/master/CHANGES.rst)
- [Commits](pypa/distlib@0.4.2...0.4.3)

Updates `django-stubs` from 6.0.5 to 6.0.6
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](typeddjango/django-stubs@6.0.5...6.0.6)

Updates `django-stubs-ext` from 6.0.5 to 6.0.6
- [Release notes](https://github.com/typeddjango/django-stubs/releases)
- [Commits](typeddjango/django-stubs@6.0.5...6.0.6)

Updates `djlint` from 1.39.0 to 1.40.0
- [Release notes](https://github.com/djlint/djLint/releases)
- [Changelog](https://github.com/djlint/djLint/blob/master/CHANGELOG.md)
- [Commits](djlint/djLint@v1.39.0...v1.40.0)

Updates `filelock` from 3.29.1 to 3.29.4
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.29.1...3.29.4)

Updates `jsbeautifier` from 1.15.4 to 2.0.3
- [Commits](https://github.com/ghost6991/Jsbeautifier/commits)

Updates `json5` from 0.14.0 to 0.15.0
- [Commits](dpranke/pyjson5@v0.14.0...v0.15.0)

Updates `librt` from 0.11.0 to 0.12.0
- [Commits](mypyc/librt@v0.11.0...v0.12.0)

Updates `nh3` from 0.3.5 to 0.3.6
- [Release notes](https://github.com/messense/nh3/releases)
- [Commits](messense/nh3@v0.3.5...v0.3.6)

Updates `pytest` from 9.0.3 to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.3...9.1.1)

Updates `python-discovery` from 1.4.0 to 1.4.2
- [Release notes](https://github.com/tox-dev/python-discovery/releases)
- [Changelog](https://github.com/tox-dev/python-discovery/blob/main/docs/changelog.rst)
- [Commits](tox-dev/python-discovery@1.4.0...1.4.2)

Updates `regex` from 2026.5.9 to 2026.6.28
- [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt)
- [Commits](mrabarnett/mrab-regex@2026.5.9...2026.6.28)

Updates `ruff` from 0.15.16 to 0.15.20
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.16...0.15.20)

Updates `tqdm` from 4.68.2 to 4.68.3
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.68.2...v4.68.3)

Updates `virtualenv` from 21.4.2 to 21.5.1
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@21.4.2...21.5.1)

Updates `griffelib` from 2.0.2 to 2.1.0

Updates `mkdocstrings-python` from 2.0.4 to 2.0.5
- [Release notes](https://github.com/mkdocstrings/python/releases)
- [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/python@2.0.4...2.0.5)

Updates `pymdown-extensions` from 10.21.3 to 11.0
- [Release notes](https://github.com/facelessuser/pymdown-extensions/releases)
- [Commits](facelessuser/pymdown-extensions@10.21.3...11.0)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2026.6.17
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: click
  dependency-version: 8.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: coverage
  dependency-version: 7.14.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: cssbeautifier
  dependency-version: 2.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: distlib
  dependency-version: 0.4.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: django-stubs
  dependency-version: 6.0.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: django-stubs-ext
  dependency-version: 6.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: djlint
  dependency-version: 1.40.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: filelock
  dependency-version: 3.29.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: jsbeautifier
  dependency-version: 2.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: json5
  dependency-version: 0.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: librt
  dependency-version: 0.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: nh3
  dependency-version: 0.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: python-discovery
  dependency-version: 1.4.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: regex
  dependency-version: 2026.6.28
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: ruff
  dependency-version: 0.15.20
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: tqdm
  dependency-version: 4.68.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: virtualenv
  dependency-version: 21.5.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: griffelib
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: mkdocstrings-python
  dependency-version: 2.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: pymdown-extensions
  dependency-version: '11.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jul 1, 2026
@github-actions github-actions Bot enabled auto-merge July 1, 2026 17:09
@github-actions github-actions Bot merged commit 5c97663 into main Jul 1, 2026
6 checks passed
@github-actions github-actions Bot deleted the dependabot/pip/python-dependencies-6e939aa87c branch July 1, 2026 17:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants