Skip to content

chore(deps): bump the python-deps group across 1 directory with 2 updates#28

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/python/main/python-deps-220755ebcd
Open

chore(deps): bump the python-deps group across 1 directory with 2 updates#28
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/python/main/python-deps-220755ebcd

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 25, 2026
edited
Loading

Updates the requirements on requests and maturin to permit the latest version.
Updates requests from 2.33.1 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

v2.34.1

2.34.1 (2026-05-13)

Bugfixes

  • Widened json input type from dict and list to Mapping and Sequence. (#7436)
  • Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)
  • Response.reason moved from str | None to str to improve handling for users. (#7437)
  • Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13

v2.34.0

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The

... (truncated)

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

2.34.1 (2026-05-13)

Bugfixes

  • Widened json input type from dict and list to Mapping and Sequence. (#7436)
  • Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)
  • Response.reason moved from str | None to str to improve handling for users. (#7437)
  • Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
  • Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)
Commits

Updates maturin to 1.13.3

Release notes

Sourced from maturin's releases.

v1.13.3

What's Changed

Full Changelog: PyO3/maturin@v1.13.2...v1.13.3

Changelog

Sourced from maturin's changelog.

1.13.3

  • Fix: disable abi3 in pyo3 config for version-specific fallback builds (#3180)

1.13.2

  • Fix: resolve test failures in distro packaging environments (#3129)
  • Fix: redirect tracing output to stderr to avoid breaking PEP 517 (#3131)
  • Fix: skip interpreters with empty output for WSL2 cross-compile (#3137)
  • Fix: set explicit lib_name in pyo3 config for Android abi3 cross-compilation (#3130)
  • Chore: add sysconfig/cpython-freebsd-15.0-amd64.txt (#3140)
  • Quote python-version in generated GitHub Actions workflow
  • Update rustls-webpki
  • Fix: two-phase bridge detection for conditional abi3 features (#3144)
  • Update cargo-zigbuild to 0.22.2
  • Update pyo3 to 0.28.3
  • Treat pyo3 0.29.0+ as having Windows import lib support (raw-dylib) (#3145)
  • Fix bin bindings with external shared library dependencies (#3147)
  • Upgrade MSRV to 1.89.0 (#3149)
  • Musllinux oci image (#3152)
  • Remove Cirrus CI for FreeBSD (#3156)
  • Perf: defer stage_artifact copy-back, finalize via rename when unpatched (#3155)
  • Perf: eliminate stage_artifact double-copy, drop was_patched flag (#3157)
  • Fix release pipeline (#3158)
  • Auditwheel: copy unpatched cargo output back before in-place patching (#3159)
  • Develop: fail loudly when pip leaves a stale ~ install behind (#1922) (#3161)
  • Provide a link for the lib.name in Cargo.toml (#3167)
  • Fix duplicated version in changelog (#3171)
  • Switch to actions/attest from attest-build-provenance (#3169)
  • Switch generation to actions/attest action, upgrade to v4 (#3170)
  • Fix: avoid duplicate --interpreter panic in PEP 517 backend (#3175)
  • Add trusted publishing options to generate-ci (#3176)
  • Fix(sdist): handle symlinked Cargo.toml pointing outside project root (#3178)
  • Stop install cffi for Python 3.8 in Dockerfile
  • Fix: support pixi-managed virtualenvs in maturin develop (#3165)
  • Support PEP 783 pyemscripten_*_wasm32 wheel platform tag (#3163)

1.13.1

  • Fix: fall back to placeholder for abi3 when found interpreters are too old (#3126)

1.13.0

  • Refactor: unified interpreter resolution pipeline (#3032)
  • Refactor: decompose large modules into focused submodules (#3052)
  • Keep cargo build artifact at original path after staging (#3054)
  • Fix --strip conflicting with --include-debuginfo in develop (#3057)
  • Fix abi3 wheel producing version-specific tags for CPython below minimum (#3061)
  • Generate-ci: use uv pip for pytest steps to fix local wheel preference (#3063)
  • Update reflink-copy to 0.1.29 to fix sparc Linux builds

... (truncated)

Commits
  • 1f7e752 Release v1.13.3 (#3183)
  • 863c990 fix: disable abi3 in pyo3 config for version-specific fallback builds (#3180)
  • fd70e0d Release v1.13.2
  • 8058c01 Support PEP 783 pyemscripten_*_wasm32 wheel platform tag (#3163)
  • 211434c fix: support pixi-managed virtualenvs in maturin develop (#3165)
  • 8a5130d Stop install cffi for Python 3.8 in Dockerfile
  • 4ac4d99 fix(sdist): handle symlinked Cargo.toml pointing outside project root (#3178)
  • dd54ac9 Add trusted publishing options to generate-ci (#3176)
  • e6d39af fix: avoid duplicate --interpreter panic in PEP 517 backend (#3175)
  • 02ad7b3 build(deps): bump openssl from 0.10.78 to 0.10.79 (#3173)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels May 25, 2026
@dependabot
chore(deps): bump the python-deps group across 1 directory with 2 upd…
cebaddc 
…ates

Updates the requirements on [requests](https://github.com/psf/requests) and [maturin](https://github.com/pyo3/maturin) to permit the latest version.

Updates `requests` from 2.33.1 to 2.34.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.33.1...v2.34.2)

Updates `maturin` to 1.13.3
- [Release notes](https://github.com/pyo3/maturin/releases)
- [Changelog](https://github.com/PyO3/maturin/blob/main/Changelog.md)
- [Commits](PyO3/maturin@v1.13.1...v1.13.3)

---
updated-dependencies:
- dependency-name: maturin
  dependency-version: 1.13.3
  dependency-type: direct:development
  dependency-group: python-deps
- dependency-name: requests
  dependency-version: 2.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/python/main/python-deps-220755ebcd branch from 1caa27e to cebaddc Compare May 27, 2026 13:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants