Skip to content

build(deps-dev): bump the safe group across 1 directory with 4 updates#88

Open
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/uv/dev/safe-73edea0876
Open

build(deps-dev): bump the safe group across 1 directory with 4 updates#88
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/uv/dev/safe-73edea0876

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps the safe group with 4 updates in the / directory: hatch, ruff, mkdocs-material and fastapi.

Updates hatch from 1.16.4 to 1.16.5

Release notes

Sourced from hatch's releases.

Hatch v1.16.5

Fixed:

  • Handle a breaking change in virtualenv by only supporting the latest version and adding python-discovery as a dependency.
Commits

Updates ruff from 0.15.4 to 0.15.5

Release notes

Sourced from ruff's releases.

0.15.5

Release Notes

Released on 2026-03-05.

Preview features

  • Discover Markdown files by default in preview mode (#23434)
  • [perflint] Extend PERF102 to comprehensions and generators (#23473)
  • [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
  • [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
  • [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

  • [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
  • [pydocstyle] Fix numpy section ordering (D420) (#23685)
  • [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
  • [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

  • Document extension mapping for Markdown code formatting (#23574)
  • Update default Python version examples (#23605)

Other changes

  • Publish releases to Astral mirror (#23616)

Contributors

Install ruff 0.15.5

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.5/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.5

Released on 2026-03-05.

Preview features

  • Discover Markdown files by default in preview mode (#23434)
  • [perflint] Extend PERF102 to comprehensions and generators (#23473)
  • [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
  • [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
  • [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

  • [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
  • [pydocstyle] Fix numpy section ordering (D420) (#23685)
  • [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
  • [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

  • Document extension mapping for Markdown code formatting (#23574)
  • Update default Python version examples (#23605)

Other changes

  • Publish releases to Astral mirror (#23616)

Contributors

Commits
  • 5e4a3d9 Bump 0.15.5 (#23743)
  • 69c23cc [ty] Render all changed diagnostics in conformance.py (#23613)
  • 4926bd5 [ty] Split deferred checks out of types/infer/builder.rs (#23740)
  • 9a70f5e Discover markdown files by default in preview mode (#23434)
  • 3dc78b0 [ty] Use HasOptionalDefinition for except handlers (#23739)
  • a6a5e8d [ty] Fix precedence of all selector in TOML configurations (#23723)
  • 2a5384b [ty] Make all selector case sensitive (#23713)
  • db77d7b [ty] Add a diagnostic if a TypeVar is used to specialize a ParamSpec, or ...
  • db28490 [ty] Override home directory in ty tests (#23724)
  • 5f0fd91 [ty] More type-variable default validation (#23639)
  • Additional commits viewable in compare view

Updates mkdocs-material from 9.7.3 to 9.7.4

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.4

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

  • Hardened social cards plugin by switching to sandboxed environment (recommended by @​caveeroo)
  • Updated MkDocs 2.0 incompatibility warning
Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.4 (2026-03-03)

  • Hardened social cards plugin by switching to sandboxed environment
  • Updated MkDocs 2.0 incompatibility warning

mkdocs-material-9.7.3 (2026-02-24)

  • Fixed #8567: Print MkDocs 2.0 incompatibility warning to stderr

mkdocs-material-9.7.2 (2026-02-18)

  • Opened up version ranges of optional dependencies for forward-compatibility
  • Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

  • Added support for pinned blog posts and author profiles
  • Added support for customizing pagination for blog index pages
  • Added support for customizing blog category sort order
  • Added support for staying on page when switching languages
  • Added support for disabling tags in table of contents
  • Added support for nested tags and shadow tags
  • Added support for footnote tooltips
  • Added support for instant previews

... (truncated)

Commits

Updates fastapi from 0.133.1 to 0.135.1

Release notes

Sourced from fastapi's releases.

0.135.1

Fixes

  • 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

Internal

0.135.0

Features

0.134.0

Features

  • ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
    • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
    • New docs: Stream JSON Lines.
    • And new docs: Stream Data.

Docs

  • 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
  • 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
  • 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
  • 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

Commits
  • ca5f60e 🔖 Release version 0.135.1
  • 87f75aa 📝 Update release notes
  • 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
  • 6038507 📝 Update release notes
  • c796ba4 👥 Update FastAPI People - Experts (#15037)
  • b24aa03 📝 Update release notes
  • 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
  • e3bbeef 📝 Update release notes
  • d726c8c 📝 Update release notes
  • cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps-dev): bump the safe group across 1 directory with 4 updates
589a787 
Bumps the safe group with 4 updates in the / directory: [hatch](https://github.com/pypa/hatch), [ruff](https://github.com/astral-sh/ruff), [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [fastapi](https://github.com/fastapi/fastapi).


Updates `hatch` from 1.16.4 to 1.16.5
- [Release notes](https://github.com/pypa/hatch/releases)
- [Commits](pypa/hatch@hatch-v1.16.4...hatch-v1.16.5)

Updates `ruff` from 0.15.4 to 0.15.5
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.4...0.15.5)

Updates `mkdocs-material` from 9.7.3 to 9.7.4
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.7.3...9.7.4)

Updates `fastapi` from 0.133.1 to 0.135.1
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.133.1...0.135.1)

---
updated-dependencies:
- dependency-name: hatch
  dependency-version: 1.16.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: safe
- dependency-name: ruff
  dependency-version: 0.15.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: safe
- dependency-name: mkdocs-material
  dependency-version: 9.7.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: safe
- dependency-name: fastapi
  dependency-version: 0.135.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: safe
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Mar 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants