Skip to content

build(deps): bump the minor-updates group across 1 directory with 14 updates #242

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump the minor-updates group across 1 directory with 14 updates #242

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 5, 2026
edited
Loading

Bumps the minor-updates group with 14 updates in the / directory:

Package From To
asgiref 3.9.1 3.11.0
charset-normalizer 3.4.3 3.4.4
django-solo 2.4.0 2.5.1
idna 3.10 3.11
psycopg2-binary 2.9.10 2.9.11
sqlparse 0.5.3 0.5.5
typing-extensions 4.14.1 4.15.0
urllib3 2.5.0 2.6.2
whitenoise 6.9.0 6.11.0
ruff 0.12.9 0.14.10
pre-commit 4.3.0 4.5.1
bandit 1.8.6 1.9.2
mypy 1.17.1 1.19.1
django-stubs[compatible-mypy] 5.2.2 5.2.8

Updates asgiref from 3.9.1 to 3.11.0

Changelog

Sourced from asgiref's changelog.

3.11.0 (2025-11-19)

  • sync_to_async gains a context parameter, similar to those for asyncio.create_task, TaskGroup &co, that can be used on Python 3.11+ to control the context used by the underlying task.

    The parent context is already propagated by default but the additional control is useful if multiple sync_to_async calls need to share the same context, e.g. when used with asyncio.gather().

3.10.0 (2025-10-05)

  • Added AsyncSingleThreadContext context manager to ensure multiple AsyncToSync invocations use the same thread. (#511)

3.9.2 (2025-09-23)

  • Adds support for Python 3.14.

  • Fixes wsgi.errors file descriptor in WsgiToAsgi adapter.

Commits

Updates charset-normalizer from 3.4.3 to 3.4.4

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.4

3.4.4 (2025-10-13)

Changed

  • Bound setuptools to a specific constraint setuptools>=68,<=81.
  • Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

  • setuptools-scm as a build dependency.

Misc

  • Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
  • Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
  • Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.
Changelog

Sourced from charset-normalizer's changelog.

3.4.4 (2025-10-13)

Changed

  • Bound setuptools to a specific constraint setuptools>=68,<=81.
  • Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

  • setuptools-scm as a build dependency.

Misc

  • Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
  • Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
  • Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.
Commits
  • b30ffdc 🔧 fix checksum step in cd.yml
  • d3fbfcf 🔧 fix cd.yml
  • dafbb95 Release 3.4.4 (#658)
  • 1f18ffa ⬆️ raise mypy upper bound to 1.18.2
  • ef4ac69 Merge branch 'release-3.4.4' of github.com:jawah/charset_normalizer into rele...
  • 4b35dda 📝 write changelog for 3.4.4
  • 0ec6452 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
  • f341ede ⬆️ upgrade dependencies (dev, ci)
  • a308841 📝 write changelog for 3.4.4
  • 9c906da 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
  • Additional commits viewable in compare view

Updates django-solo from 2.4.0 to 2.5.1

Release notes

Sourced from django-solo's releases.

2.5.1

What's Changed

Full Changelog: lazybird/django-solo@2.5.0...2.5.1

2.5.0

What's Changed

Full Changelog: lazybird/django-solo@2.4.0...2.5.0

Changelog

Sourced from django-solo's changelog.

django-solo-2.5.1

  • Fix license metadata to be compatible with modern setuptools.

django-solo-2.5.0

Date: 1 January, 2026

  • Add support for Django 5.2 and 6.0
  • Drop support for Python 3.9.
  • Add support for Python 3.14.
  • Update linting dependencies.
Commits

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

  • Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.
  • Add support for Python 3.14, lowest supported version is Python 3.8.
  • Various updates to packaging, including PEP 740 support.
Commits
  • ad949ee Release v3.11
  • cae4ba7 Second release candidate for 3.11
  • 8adb305 Add space in RST link
  • 74cb2b6 Release candidate for 3.11
  • 05dab09 Format idna-data with ruff
  • 90eac78 Apply ruff formatting
  • a31ce7e Remove errant test vectors
  • 81f0333 Omit vectors known to be broken in test suite
  • a0f3257 Merge branch 'master' into unicode-16-uts46-changes
  • 38d9886 Remove extra UTS46 test vector
  • Additional commits viewable in compare view

Updates psycopg2-binary from 2.9.10 to 2.9.11

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.14.
  • Avoid a segfault passing more arguments than placeholders if Python is built with assertions enabled (:ticket:[#1791](https://github.com/psycopg/psycopg2/issues/1791)).
  • Add riscv64 platform binary packages (:ticket:[#1813](https://github.com/psycopg/psycopg2/issues/1813)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 18.
  • Drop support for Python 3.8.

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.13.
  • Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).
  • ~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.
  • Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Add support for Python 3.12.
  • Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).
  • Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).
  • Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits
  • fd9ae8c chore: bump to version 2.9.11
  • d923840 chore: update docs requirements
  • d42dc71 Merge branch 'fix-1791'
  • 4fde656 fix: avoid failed assert passing more arguments than placeholders
  • 8308c19 fix: drop warning about the use of deprecated PyWeakref_GetObject function
  • 1a1eabf build(deps): bump actions/github-script from 7 to 8
  • 897af8b build(deps): bump peter-evans/repository-dispatch from 3 to 4
  • ceefd30 build(deps): bump actions/checkout from 4 to 5
  • 4dc5854 build(deps): bump actions/setup-python from 5 to 6
  • 1945788 Merge pull request #1802 from edgarrmondragon/cp314-wheels
  • Additional commits viewable in compare view

Updates sqlparse from 0.5.3 to 0.5.5

Changelog

Sourced from sqlparse's changelog.

Release 0.5.5 (Dec 19, 2025)

Bug Fixes

  • Fix DoS protection to raise SQLParseError instead of silently returning None when grouping limits are exceeded (issue827).
  • Fix splitting of BEGIN TRANSACTION statements (issue826).

Release 0.5.4 (Nov 28, 2025)

Enhancements

  • Add support for Python 3.14.
  • Add type annotations to top-level API functions and include py.typed marker for PEP 561 compliance, enabling type checking with mypy and other tools (issue756).
  • Add pre-commit hook support. sqlparse can now be used as a pre-commit hook to automatically format SQL files. The CLI now supports multiple files and an --in-place flag for in-place editing (issue537).
  • Add ATTACH and DETACH to PostgreSQL keywords (pr808).
  • Add INTERSECT to close keywords in WHERE clause (pr820).
  • Support REGEXP BINARY comparison operator (pr817).

Bug Fixes

  • Add additional protection against denial of service attacks when parsing very large lists of tuples. This enhances the existing recursion protections with configurable limits for token processing to prevent DoS through algorithmic complexity attacks. The new limits (MAX_GROUPING_DEPTH=100, MAX_GROUPING_TOKENS=10000) can be adjusted or disabled (by setting to None) if needed for legitimate large SQL statements.
  • Remove shebang from cli.py and remove executable flag (pr818).
  • Fix strip_comments not removing all comments when input contains only comments (issue801, pr803 by stropysh).
  • Fix splitting statements with IF EXISTS/IF NOT EXISTS inside BEGIN...END blocks (issue812).
  • Fix splitting on semicolons inside BEGIN...END blocks (issue809).
Commits
  • 0d24023 Bump version to 0.5.5
  • da67ac1 Enhance DoS protection by raising SQLParseError for exceeded grouping limits ...
  • 5ca50a2 Fix splitting of BEGIN TRANSACTION statements (fixes #826).
  • acd8e58 Back to development version.
  • 14e300b Bump version.
  • 96a67e2 Code cleanup.
  • 1a3bfbd Fix handling of semicolons inside BEGIN...END blocks (fixes #809).
  • e92a032 Fix handling of IF EXISTS statements in BEGIN...END blocks (fixes #812).
  • 149bebf Update Changelog.
  • 561a67e Update AUTHORS.
  • Additional commits viewable in compare view

Updates typing-extensions from 4.14.1 to 4.15.0

Release notes

Sourced from typing-extensions's releases.

4.15.0

No user-facing changes since 4.15.0rc1.

New features since 4.14.1:

  • Add the @typing_extensions.disjoint_base decorator, as specified in PEP 800. Patch by Jelle Zijlstra.
  • Add typing_extensions.type_repr, a backport of annotationlib.type_repr, introduced in Python 3.14 (CPython PR #124551, originally by Jelle Zijlstra). Patch by Semyon Moroz.
  • Fix behavior of type params in typing_extensions.evaluate_forward_ref. Backport of CPython PR #137227 by Jelle Zijlstra.

4.15.0rc1

  • Add the @typing_extensions.disjoint_base decorator, as specified in PEP 800. Patch by Jelle Zijlstra.
  • Add typing_extensions.type_repr, a backport of annotationlib.type_repr, introduced in Python 3.14 (CPython PR #124551, originally by Jelle Zijlstra). Patch by Semyon Moroz.
  • Fix behavior of type params in typing_extensions.evaluate_forward_ref. Backport of CPython PR #137227 by Jelle Zijlstra.
Changelog

Sourced from typing-extensions's changelog.

Release 4.15.0 (August 25, 2025)

No user-facing changes since 4.15.0rc1.

Release 4.15.0rc1 (August 18, 2025)

  • Add the @typing_extensions.disjoint_base decorator, as specified in PEP 800. Patch by Jelle Zijlstra.
  • Add typing_extensions.type_repr, a backport of annotationlib.type_repr, introduced in Python 3.14 (CPython PR #124551, originally by Jelle Zijlstra). Patch by Semyon Moroz.
  • Fix behavior of type params in typing_extensions.evaluate_forward_ref. Backport of CPython PR #137227 by Jelle Zijlstra.
Commits

Updates urllib3 from 2.5.0 to 2.6.2

Release notes

Sourced from urllib3's releases.

2.6.2

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (urllib3/urllib3#3734)

2.6.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. (#3731)

2.6.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by @​Cycloctane, 8.9 High, GHSA-2xpw-w6gg-jr37)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by @​illia-v, 8.9 High, GHSA-gm62-xv2j-4w53)

[!IMPORTANT]

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using urllib3[brotli] to install a compatible Brotli package automatically.
  • If you use custom decompressors, please make sure to update them to respect the changed API of urllib3.response.ContentDecoder.

Features

  • Enabled retrieval, deletion, and membership testing in HTTPHeaderDict using bytes keys. (#3653)
  • Added host and port information to string representations of HTTPConnection. (#3666)
  • Added support for Python 3.14 free-threading builds explicitly. (#3696)

Removals

  • Removed the HTTPResponse.getheaders() method in favor of HTTPResponse.headers. Removed the HTTPResponse.getheader(name, default) method in favor of HTTPResponse.headers.get(name, default). (#3622)

... (truncated)

Changelog

Sourced from urllib3's changelog.

2.6.2 (2025-12-11)

  • Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. ([#3734](https://github.com/urllib3/urllib3/issues/3734) <https://github.com/urllib3/urllib3/issues/3734>__)

2.6.1 (2025-12-08)

  • Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. ([#3731](https://github.com/urllib3/urllib3/issues/3731) <https://github.com/urllib3/urllib3/issues/3731>__)

2.6.0 (2025-12-05)

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (GHSA-2xpw-w6gg-jr37 <https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37>__)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (GHSA-gm62-xv2j-4w53 <https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53>__)

.. caution::

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using urllib3[brotli] to install a compatible Brotli package automatically.

  • If you use custom decompressors, please make sure to update them to respect the changed API of urllib3.response.ContentDecoder.

Features

  • Enabled retrieval, deletion, and membership testing in HTTPHeaderDict using bytes keys. ([#3653](https://github.com/urllib3/urllib3/issues/3653) <https://github.com/urllib3/urllib3/issues/3653>__)
  • Added host and port information to string representations of HTTPConnection. ([#3666](https://github.com/urllib3/urllib3/issues/3666) <https://github.com/urllib3/urllib3/issues/3666>__)
  • Added support for Python 3.14 free-threading builds explicitly. ([#3696](https://github.com/urllib3/urllib3/issues/3696) <https://github.com/urllib3/urllib3/issues/3696>__)

... (truncated)

Commits

Updates whitenoise from 6.9.0 to 6.11.0

Changelog

Sourced from whitenoise's changelog.

6.11.0 (2025-09-18)

  • Support Django 6.0.

6.10.0 (2025-09-09)

  • Support Python 3.14.
Commits

Updates ruff from 0.12.9 to 0.14.10

Release notes

Sourced from ruff's releases.

0.14.10

Release Notes

Released on 2025-12-18.

Preview features

  • [formatter] Fluent formatting of method chains (#21369)
  • [formatter] Keep lambda parameters on one line and parenthesize the body if it expands (#21385)
  • [flake8-implicit-str-concat] New rule to prevent implicit string concatenation in collections (ISC004) (#21972)
  • [flake8-use-pathlib] Make fixes unsafe when types change in compound statements (PTH104, PTH105, PTH109, PTH115) (#22009)
  • [refurb] Extend support for Path.open (FURB101, FURB103) (#21080)

Bug fixes

  • [pyupgrade] Fix parsing named Unicode escape sequences (UP032) (#21901)

Rule changes

  • [eradicate] Ignore ruff:disable and ruff:enable comments in ERA001 (#22038)
  • [flake8-pytest-style] Allow match and check keyword arguments without an expected exception type (PT010) (#21964)
  • [syntax-errors] Annotated name cannot be global (#20868)

Documentation

  • Add uv and ty to the Ruff README (#21996)
  • Document known lambda formatting deviations from Black (#21954)
  • Update setup.md (#22024)
  • [flake8-bandit] Fix broken link (S704) (#22039)

Other changes

  • Fix playground Share button showing "Copied!" before clipboard copy completes (#21942)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.10

Released on 2025-12-18.

Preview features

  • [formatter] Fluent formatting of method chains (#21369)
  • [formatter] Keep lambda parameters on one line and parenthesize the body if it expands (#21385)
  • [flake8-implicit-str-concat] New rule to prevent implicit string concatenation in collections (ISC004) (#21972)
  • [flake8-use-pathlib] Make fixes unsafe when types change in compound statements (PTH104, PTH105, PTH109, PTH115) (#22009)
  • [refurb] Extend support for Path.open (FURB101, FURB103) (#21080)

Bug fixes

  • [pyupgrade] Fix parsing named Unicode escape sequences (UP032) (#21901)

Rule changes

  • [eradicate] Ignore ruff:disable and ruff:enable comments in ERA001 (#22038)
  • [flake8-pytest-style] Allow match and check keyword arguments without an expected exception type (PT010) (#21964)
  • [syntax-errors] Annotated name cannot be global (#20868)

Documentation

  • Add uv and ty to the Ruff README (#21996)
  • Document known lambda formatting deviations from Black (#21954)
  • Update setup.md (#22024)
  • [flake8-bandit] Fix broken link (S704) (#22039)

Other changes

  • Fix playground Share button showing "Copied!" before clipboard copy completes (#21942)

Contributors

0.14.9

... (truncated)

Commits
  • 45bbb4c Bump 0.14.10 (#22058)
  • 42b9727 [ty] Use datatest instead of dirtest (#21937)
  • f7ec178 [ty] Gracefully handle client requests that can't be deserialized (#22051)
  • c315164 [ty] Don't suggest keyword statements when only expressions are valid
  • bb1955e [ty] Use cursor context in a few more places...
  • 070e08a [ty] Move completion function to the top
  • bab3924 [ty] Refactor completion generation
  • 10748b2 [flake8-pytest-style] Allow match and check keyword arguments without a...
  • 56539db [ty] Fix some configuration panics in the LSP (#22040)
  • 8d32ad1 [ty] Add support for attribute docstrings (#22036)
  • Additional commits viewable in compare view

Updates pre-commit from 4.3.0 to 4.5.1

Release notes

Sourced from pre-commit's releases.

pre-commit v4.5.1

Fixes

  • Fix language: python with repo: local without additional_dependencies.

pre-commit v4.5.0

Features

pre-commit v4.4.0

Features

Fixes

Changelog

Sourced from pre-commit's changelog.

4.5.1 - 2025-12-16

Fixes

  • Fix language: python with repo: local without additional_dependencies.

4.5.0 - 2025-11-22

Features

4.4.0 - 2025-11-08

Features

Fixes

Commits
  • 8a0630c v4.5.1
  • fcbc745 Merge pull request #3597 from pre-commit/empty-setup-py
  • 51592ee fix python local template when artifact dirs are present
  • 67e8faf Merge pull request #3596 from pre-commit/pre-commit-ci-update-config
  • c251e6b [pre-commit.ci] pre-commit autoupdate
  • 98ccafa Merge pull request #3593 from pre-commit/pre-commit-ci-update-config
  • 4895355 [pre-commit.ci] pre-commit autoupdate
  • 2cedd58 Merge pull request #3588 from pre-commit/pre-commit-ci-update-config
  • 465192d [pre-commit.ci] pre-commit autoupdate
  • fd42f96 Merge pull request #3586 from pre-commit/zipapp-sha256-file-not-needed
  • Additional commits viewable in compare view

Updates bandit from 1.8.6 to 1.9.2

Release notes

Sourced from bandit's releases.

1.9.2

What's Changed

Full Changelog: PyCQA/bandit@1.9.1...1.9.2

1.9.1

What's Changed

Full Changelog: PyCQA/bandit@1.9.0...1.9.1

1.9.0

What's Changed

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jan 5, 2026
@dependabot
build(deps): bump the minor-updates group across 1 directory with 14 …
b6ef1e7 
…updates

Bumps the minor-updates group with 14 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [asgiref](https://github.com/django/asgiref) | `3.9.1` | `3.11.0` |
| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.3` | `3.4.4` |
| [django-solo](https://github.com/lazybird/django-solo) | `2.4.0` | `2.5.1` |
| [idna](https://github.com/kjd/idna) | `3.10` | `3.11` |
| [psycopg2-binary](https://github.com/psycopg/psycopg2) | `2.9.10` | `2.9.11` |
| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.5.3` | `0.5.5` |
| [typing-extensions](https://github.com/python/typing_extensions) | `4.14.1` | `4.15.0` |
| [urllib3](https://github.com/urllib3/urllib3) | `2.5.0` | `2.6.2` |
| [whitenoise](https://github.com/evansd/whitenoise) | `6.9.0` | `6.11.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.12.9` | `0.14.10` |
| [pre-commit](https://github.com/pre-commit/pre-commit) | `4.3.0` | `4.5.1` |
| [bandit](https://github.com/PyCQA/bandit) | `1.8.6` | `1.9.2` |
| [mypy](https://github.com/python/mypy) | `1.17.1` | `1.19.1` |
| [django-stubs[compatible-mypy]](https://github.com/sponsors/typeddjango) | `5.2.2` | `5.2.8` |



Updates `asgiref` from 3.9.1 to 3.11.0
- [Changelog](https://github.com/django/asgiref/blob/main/CHANGELOG.txt)
- [Commits](django/asgiref@3.9.1...3.11.0)

Updates `charset-normalizer` from 3.4.3 to 3.4.4
- [Release notes](https://github.com/jawah/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](jawah/charset_normalizer@3.4.3...3.4.4)

Updates `django-solo` from 2.4.0 to 2.5.1
- [Release notes](https://github.com/lazybird/django-solo/releases)
- [Changelog](https://github.com/lazybird/django-solo/blob/master/CHANGES)
- [Commits](lazybird/django-solo@2.4.0...2.5.1)

Updates `idna` from 3.10 to 3.11
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.10...v3.11)

Updates `psycopg2-binary` from 2.9.10 to 2.9.11
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](psycopg/psycopg2@2.9.10...2.9.11)

Updates `sqlparse` from 0.5.3 to 0.5.5
- [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG)
- [Commits](andialbrecht/sqlparse@0.5.3...0.5.5)

Updates `typing-extensions` from 4.14.1 to 4.15.0
- [Release notes](https://github.com/python/typing_extensions/releases)
- [Changelog](https://github.com/python/typing_extensions/blob/main/CHANGELOG.md)
- [Commits](python/typing_extensions@4.14.1...4.15.0)

Updates `urllib3` from 2.5.0 to 2.6.2
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.5.0...2.6.2)

Updates `whitenoise` from 6.9.0 to 6.11.0
- [Changelog](https://github.com/evansd/whitenoise/blob/main/docs/changelog.rst)
- [Commits](evansd/whitenoise@6.9.0...6.11.0)

Updates `ruff` from 0.12.9 to 0.14.10
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.9...0.14.10)

Updates `pre-commit` from 4.3.0 to 4.5.1
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.3.0...v4.5.1)

Updates `bandit` from 1.8.6 to 1.9.2
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](PyCQA/bandit@1.8.6...1.9.2)

Updates `mypy` from 1.17.1 to 1.19.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.17.1...v1.19.1)

Updates `django-stubs[compatible-mypy]` from 5.2.2 to 5.2.8
- [Commits](https://github.com/sponsors/typeddjango/commits)

---
updated-dependencies:
- dependency-name: asgiref
  dependency-version: 3.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: charset-normalizer
  dependency-version: 3.4.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-updates
- dependency-name: django-solo
  dependency-version: 2.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: idna
  dependency-version: '3.11'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: psycopg2-binary
  dependency-version: 2.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-updates
- dependency-name: sqlparse
  dependency-version: 0.5.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-updates
- dependency-name: typing-extensions
  dependency-version: 4.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: urllib3
  dependency-version: 2.6.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: whitenoise
  dependency-version: 6.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: ruff
  dependency-version: 0.14.10
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: pre-commit
  dependency-version: 4.5.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: bandit
  dependency-version: 1.9.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: mypy
  dependency-version: 1.19.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: django-stubs[compatible-mypy]
  dependency-version: 5.2.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/minor-updates-6b102f9809 branch from 0621fc2 to b6ef1e7 Compare January 21, 2026 12:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants