Skip to content

chore(deps): bump the minor-and-patch group in /libs/sdk-py with 8 updates#7971

Open
dependabot[bot] wants to merge 4 commits into
mainfrom
dependabot/uv/libs/sdk-py/minor-and-patch-80a4b0c7e7
Open

chore(deps): bump the minor-and-patch group in /libs/sdk-py with 8 updates#7971
dependabot[bot] wants to merge 4 commits into
mainfrom
dependabot/uv/libs/sdk-py/minor-and-patch-80a4b0c7e7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group in /libs/sdk-py with 8 updates:

Package From To
orjson 3.11.8 3.11.9
langchain-protocol 0.0.15 0.0.16
pytest-asyncio 1.3.0 1.4.0
ruff 0.15.12 0.15.15
ty 0.0.33 0.0.42
starlette 1.0.0 1.2.1
pydantic 2.13.3 2.13.4
xxhash 3.6.0 3.7.0

Updates orjson from 3.11.8 to 3.11.9

Release notes

Sourced from orjson's releases.

3.11.9

Changed

  • Build now depends on Rust 1.95 or later instead of 1.89.

Fixed

  • Fix building on Rust 1.95.
Changelog

Sourced from orjson's changelog.

3.11.9 - 2026-05-06

Changed

  • Build now depends on Rust 1.95 or later instead of 1.89.

Fixed

  • Fix building on Rust 1.95.
Commits

Updates langchain-protocol from 0.0.15 to 0.0.16

Release notes

Sourced from langchain-protocol's releases.

langchain-protocol==0.0.16

What's Changed

New Contributors

Full Changelog: langchain-ai/agent-protocol@langchain-protocol==0.0.15...langchain-protocol==0.0.16

Commits
  • 8246ac0 feat(protocol): add batch resume for parallel interrupts (#86)
  • 0f896ba Merge pull request #84 from langchain-ai/mdrxy/bump-dep
  • 2e890bb chore: bump typing-extensions floor from >=4.7.0 to >=4.13.0
  • See full diff in compare view

Updates pytest-asyncio from 1.3.0 to 1.4.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio v1.4.0

1.4.0 - 2026-05-26

Deprecated

  • Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

  • Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

    The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged.

    Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

  • Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
  • Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)
  • Updated minimum supported pytest version to v8.4.0. (#1397)

Fixed

  • Fixed a ResourceWarning: unclosed event loop warning that could occur when a synchronous test called asyncio.run() or otherwise unset the current event loop after pytest-asyncio had run an async test or fixture. (#724)

Notes for Downstream Packagers

  • Added dependency on sphinx-tabs >= 3.5 to organize documentation examples into tabs. (#1395)

pytest-asyncio v1.4.0a2

1.4.0a2 - 2026-05-02

Deprecated

  • Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

  • Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

    The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged on pytest 8.4+.

    Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

  • Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
  • Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)

... (truncated)

Commits
  • 6e14cd2 chore: Prepare release of v1.4.0.
  • 4b900fb Build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
  • ab9f632 Build(deps): Bump zipp from 3.23.1 to 4.1.0
  • a56fc77 Build(deps): Bump hypothesis from 6.152.6 to 6.152.8
  • e8bae9b Build(deps): Bump requests from 2.34.0 to 2.34.2
  • fc43340 Build(deps): Bump idna from 3.14 to 3.15
  • 762eaf5 Build(deps): Bump jaraco-functools from 4.4.0 to 4.5.0
  • b62e222 Build(deps): Bump click from 8.3.3 to 8.4.0
  • 9190447 Build(deps): Bump pydantic from 2.13.3 to 2.13.4
  • 82a393c ci: Remove unnecessary debug output.
  • Additional commits viewable in compare view

Updates ruff from 0.15.12 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Commits
  • db5aa0a Bump 0.15.15 (#25431)
  • 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
  • e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
  • 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
  • 7e1bc1e Add agent skills for working on ty (#25422)
  • 574e107 Expand semantic syntax errors for invalid walruses (#25415)
  • 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
  • 5432709 Refine a few agents instructions (#25423)
  • 3cb09eb [ty] Support typing.TypeForm (#25334)
  • c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
  • Additional commits viewable in compare view

Updates ty from 0.0.33 to 0.0.42

Release notes

Sourced from ty's releases.

0.0.42

Release Notes

Released on 2026-06-01.

Bug fixes

  • Fix narrowing of enum literal unions by member identity (#25520)
  • Detect recursive expansion in constraint-set solving (#25442)

Core type checking

  • Support tagged-union narrowing for nominal types (#24916)
  • Extend Generator assignability workaround to Python 3.13+ (#25472)
  • Sync vendored typeshed stubs (#25514)

Performance

  • Avoid redundant work for empty collection context (#25527)
  • Deduplicate retained use-def place states (#25450)
  • Compact retained semantic maps (#25238)

Contributors

Install ty 0.0.42

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.42/ty-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.42/ty-installer.ps1 | iex"

Download ty 0.0.42

File Platform Checksum
ty-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ty-x86_64-apple-darwin.tar.gz Intel macOS checksum
ty-aarch64-pc-windows-msvc.zip ARM64 Windows checksum

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.42

Released on 2026-06-01.

Bug fixes

  • Fix narrowing of enum literal unions by member identity (#25520)
  • Detect recursive expansion in constraint-set solving (#25442)

Core type checking

  • Support tagged-union narrowing for nominal types (#24916)
  • Extend Generator assignability workaround to Python 3.13+ (#25472)
  • Sync vendored typeshed stubs (#25514)

Performance

  • Avoid redundant work for empty collection context (#25527)
  • Deduplicate retained use-def place states (#25450)
  • Compact retained semantic maps (#25238)

Contributors

0.0.41

Released on 2026-05-31.

Bug fixes

  • Avoid panic for deferred dataclass field annotations (#25444)
  • Avoid panic from cycle in function decorator inference (#25475)
  • Ignore rejected assignments for synthesized bindings (#25340)
  • Infer bool for not applied to dynamic values (#25445)
  • Use diagnostic message as tie-breaker when sorting (#25424)

LSP server

  • Add call hierarchy support (#25338)
  • Add function parentheses completion (#25305)
  • Display docs for matching parameter when hovering over the name of an argument passed by keyword (#25283)
  • Document completeFunctionParentheses editor setting (#3513)

Diagnostics

  • Introduce opt-in missing-override-decorator rule (#25111)

... (truncated)

Commits

Updates starlette from 1.0.0 to 1.2.1

Release notes

Sourced from starlette's releases.

Version 1.2.1

What's Changed

New Contributors

Full Changelog: Kludex/starlette@1.2.0...1.2.1

Version 1.2.0

What's Changed

Full Changelog: Kludex/starlette@1.1.0...1.2.0

Version 1.1.0

What's Changed

New Contributors

Full Changelog: Kludex/starlette@1.0.1...1.1.0

Version 1.0.1

What's Changed

Full Changelog: Kludex/starlette@1.0.0...1.0.1

Changelog

Sourced from starlette's changelog.

1.2.1 (May 31, 2026)

Fixed

  • Use httpx2 for type checking in the testclient module #3304.
  • Add assert error for requires() when the request parameter is not a Request type #3298.

1.2.0 (May 28, 2026)

Added

  • Support httpx2 in the test client #3291.

1.1.0 (May 23, 2026)

Added

  • Use "application/octet-stream" as the FileResponse media type fallback #3283.

Fixed

  • Only dispatch standard HTTP verbs in HTTPEndpoint #3286.
  • Reject absolute paths in StaticFiles.lookup_path #3287.

1.0.1 (May 21, 2026)

Fixed

  • Ignore malformed Host header when constructing request.url #3279.
Commits
  • ef773fe Version 1.2.1 (#3306)
  • 3fc68a7 Add sponsors section to docs sidebar (#3305)
  • b053f7b chore(deps): bump the python-packages group across 1 directory with 6 updates...
  • 1478775 Add assert error for requires() when request param is not Request type (#3298)
  • 6576547 Describe disconnected-after-response behavior in test docstring (#3243)
  • 9cb1553 Use same module (httpx|httpx2) for type checking as for runtime (#3304)
  • 4060987 Version 1.2.0 (#3300)
  • 1e289ca Migrate docs deploy from Cloudflare Pages to Workers Static Assets (#3282)
  • 100f05a Add httpx2 as a dev dependency (#3295)
  • 508023b Support httpx2 in the test client (#3291)
  • Additional commits viewable in compare view

Updates pydantic from 2.13.3 to 2.13.4

Release notes

Sourced from pydantic's releases.

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

Fixes

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

Changelog

Sourced from pydantic's changelog.

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

Fixes

Commits
  • cf67d4b Fix linting
  • f0d8a21 Prepare release v2.13.4
  • 5e3fe1d Check for pydantic tag pattern in CI
  • 7f9edcc Document tagging conventions
  • b46a0c9 Adapt pydantic-core linker flags on macOS
  • 50629c8 Update to PyPy 7.3.22
  • 8522ebb Preserve RootModel core metadata
  • a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
  • 909259a Remove Logfire example in documentation
  • 2c4174c Bump libc from 0.2.155 to 0.2.185
  • See full diff in compare view

Updates xxhash from 3.6.0 to 3.7.0

Release notes

Sourced from xxhash's releases.

v3.7.0

  • Drop support for Python 3.7
  • Build armv7l manylinux/musllinux wheels
  • Build riscv64 manylinux/musllinux wheels
  • Build android and ios wheels

Full list of changes: ifduyue/python-xxhash@v3.6.0...v3.7.0

Changelog

Sourced from xxhash's changelog.

v3.7.0 2025-04-25


- Drop support for Python 3.7
- Build armv7l manylinux/musllinux wheels
- Build riscv64 manylinux/musllinux wheels
- Build android and ios wheels
Commits
  • 404589e Prepare 3.7.0
  • d3cd664 Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0
  • 0d7d943 Bump pypa/cibuildwheel from 3.4.0 to 3.4.1
  • c4b8775 Bump actions/download-artifact from 7 to 8
  • 1ae3e5b Bump actions/upload-artifact from 6 to 7
  • 8faaa34 Bump pypa/cibuildwheel from 3.3.1 to 3.4.0
  • 4ba9b0c Bump docker/setup-qemu-action from 3 to 4
  • 43bb203 Bump actions/download-artifact from 6 to 7
  • a7a3bd2 Bump actions/upload-artifact from 5 to 6
  • c35bf01 Bump pypa/cibuildwheel from 3.3.0 to 3.3.1
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the minor-and-patch group
15e893f 
Bumps the minor-and-patch group in /libs/sdk-py with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [orjson](https://github.com/ijl/orjson) | `3.11.8` | `3.11.9` |
| [langchain-protocol](https://github.com/langchain-ai/agent-protocol) | `0.0.15` | `0.0.16` |
| [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) | `1.3.0` | `1.4.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.12` | `0.15.15` |
| [ty](https://github.com/astral-sh/ty) | `0.0.33` | `0.0.42` |
| [starlette](https://github.com/Kludex/starlette) | `1.0.0` | `1.2.1` |
| [pydantic](https://github.com/pydantic/pydantic) | `2.13.3` | `2.13.4` |
| [xxhash](https://github.com/ifduyue/python-xxhash) | `3.6.0` | `3.7.0` |


Updates `orjson` from 3.11.8 to 3.11.9
- [Release notes](https://github.com/ijl/orjson/releases)
- [Changelog](https://github.com/ijl/orjson/blob/master/CHANGELOG.md)
- [Commits](ijl/orjson@3.11.8...3.11.9)

Updates `langchain-protocol` from 0.0.15 to 0.0.16
- [Release notes](https://github.com/langchain-ai/agent-protocol/releases)
- [Commits](langchain-ai/agent-protocol@langchain-protocol==0.0.15...langchain-protocol==0.0.16)

Updates `pytest-asyncio` from 1.3.0 to 1.4.0
- [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases)
- [Commits](pytest-dev/pytest-asyncio@v1.3.0...v1.4.0)

Updates `ruff` from 0.15.12 to 0.15.15
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.12...0.15.15)

Updates `ty` from 0.0.33 to 0.0.42
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.33...0.0.42)

Updates `starlette` from 1.0.0 to 1.2.1
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@1.0.0...1.2.1)

Updates `pydantic` from 2.13.3 to 2.13.4
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.13.3...v2.13.4)

Updates `xxhash` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/ifduyue/python-xxhash/releases)
- [Changelog](https://github.com/ifduyue/python-xxhash/blob/master/CHANGELOG.rst)
- [Commits](ifduyue/python-xxhash@v3.6.0...v3.7.0)

---
updated-dependencies:
- dependency-name: orjson
  dependency-version: 3.11.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: langchain-protocol
  dependency-version: 0.0.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: pytest-asyncio
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: ruff
  dependency-version: 0.15.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: ty
  dependency-version: 0.0.42
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: starlette
  dependency-version: 1.2.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: pydantic
  dependency-version: 2.13.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: xxhash
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file internal python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jkennedyvz @claude