Skip to content

Bump the pip-deps group across 1 directory with 9 updates#3040

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/pip-deps-ecbc952ace
Open

Bump the pip-deps group across 1 directory with 9 updates#3040
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/pip-deps-ecbc952ace

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps the pip-deps group with 9 updates in the / directory:

Package From To
asf-search 11.0.3 12.0.2
flask 3.1.2 3.1.3
boto3 1.42.46 1.42.64
moto[dynamodb] 5.1.21 5.1.22
responses 0.25.8 0.26.0
ruff 0.15.0 0.15.5
setuptools 82.0.0 82.0.1
openapi-spec-validator 0.7.2 0.8.4
cfn-lint 1.44.0 1.46.0

Updates asf-search from 11.0.3 to 12.0.2

Release notes

Sourced from asf-search's releases.

v12.0.2

v12.0.2

Added

  • Add NISAR product type constants for ancillary/aux products, now useable with search() methods. New constants: DCOP, OROST, STUF, TEC, LRCLK_UTC, FOE, MOE, NOE, POE, TSR_STATIC, PMI_STATIC, CORNER_REFL, LSAR_INT_CAL, LSAR_EXT_CAL, FT_WAVEFORM, FT_PARAM, ANTPAT, BFPQ, TFDB, L_CHAN_DATA, SM_STATIC, DSG_STATIC, FRP, PRP, NRP, ECMWF_SMST

Fixed

  • Update ASF_ECMWF_TROPO -> ASF_ECMWF_TROP in dataset collection short name dictionary

v12.0.1

v12.0.1

Added

  • collectionName and conceptID added to TROPOProduct properties dict

v12.0.0

v12.0.0

Added

  • Add DISP-S1-STATIC support: product type constant, added to OPERA-S1 dataset, supported in OPERAS1Product class
  • Add TROPO dataset for TROPO-ZENITH and ECMWF_TROPO product types
  • Add new ASFProduct subclass TROPOProduct for TROPO-ZENITH and ECMWF_TROPO product types

Changed

  • Moved TROPO-ZENITH out of OPERA-S1 dataset, now in standalone TROPO dataset
Changelog

Sourced from asf-search's changelog.

v12.0.2

Added

  • Add NISAR product type constants for ancillary/aux products, now useable with search() methods. New constants: DCOP, OROST, STUF, TEC, LRCLK_UTC, FOE, MOE, NOE, POE, TSR_STATIC, PMI_STATIC, CORNER_REFL, LSAR_INT_CAL, LSAR_EXT_CAL, FT_WAVEFORM, FT_PARAM, ANTPAT, BFPQ, TFDB, L_CHAN_DATA, SM_STATIC, DSG_STATIC, FRP, PRP, NRP, ECMWF_SMST

Fixed

  • Update ASF_ECMWF_TROPO -> ASF_ECMWF_TROP in dataset collection short name dictionary

v12.0.1

Added

  • collectionName and conceptID added to TROPOProduct properties dict

v12.0.0

Added

  • Add DISP-S1-STATIC support: product type constant, added to OPERA-S1 dataset, supported in OPERAS1Product class
  • Add TROPO dataset for TROPO-ZENITH and ECMWF_TROPO product types
  • Add new ASFProduct subclass TROPOProduct for TROPO-ZENITH and ECMWF_TROPO product types

Changed

  • Moved TROPO-ZENITH out of OPERA-S1 dataset, now in standalone TROPO dataset
Commits
  • 8ec17d2 Merge pull request #429 from asfadmin/feat-nisar-ancillary
  • fe5be90 fix: fix product type constant values. Update changelog
  • f5b1a9e organizes NISAR anc/aux product type constants, comments some out for future ...
  • 89a6292 bug: ASF_ECMWF_TROP typo (was this updated?)
  • 070733a chore: switch tab to space
  • 7c4f065 test: update stuf test case
  • d98c839 feat: re-add stuff, LRCLK_UTC & CMWF_SMST
  • 16bd31d feat: make ancillary/aux products searchable by product type
  • 036e6f7 Merge pull request #422 from asfadmin/topic-tropo-metadata-improvement
  • e7c8d94 feature: add collectionName and conceptID to TROPOProduct properties
  • Additional commits viewable in compare view

Updates flask from 3.1.2 to 3.1.3

Release notes

Sourced from flask's releases.

3.1.3

This is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Flask/3.1.3/ Changes: https://flask.palletsprojects.com/page/changes/#version-3-1-3

  • The session is marked as accessed for operations that only access the keys but not the values, such as in and len. GHSA-68rp-wp8r-4726
Changelog

Sourced from flask's changelog.

Version 3.1.3

Released 2026-02-18

  • The session is marked as accessed for operations that only access the keys but not the values, such as in and len. :ghsa:68rp-wp8r-4726
Commits
  • 22d9247 release version 3.1.3
  • 089cb86 Merge commit from fork
  • c17f379 request context tracks session access
  • 27be933 start version 3.1.3
  • 4e652d3 Abort if the instance folder cannot be created (#5903)
  • 3d03098 Abort if the instance folder cannot be created
  • 407eb76 document using gevent for async (#5900)
  • ac5664d document using gevent for async
  • 4f79d5b Increase required flit_core version to 3.11 (#5865)
  • fe3b215 Increase required flit_core version to 3.11
  • Additional commits viewable in compare view

Updates boto3 from 1.42.46 to 1.42.64

Commits
  • 12c6ff2 Merge branch 'release-1.42.64'
  • e006a9a Bumping version to 1.42.64
  • e4935ee Add changelog entries from botocore
  • 3cb7506 Fix typo in CONTRIBUTING.rst: codstyle to codestyle (#4731)
  • 5e8adc5 Merge branch 'release-1.42.63'
  • 1c19e8c Merge branch 'release-1.42.63' into develop
  • ab9feea Bumping version to 1.42.63
  • ea37886 Add changelog entries from botocore
  • 1e80b23 Merge branch 'release-1.42.62'
  • e36ca90 Merge branch 'release-1.42.62' into develop
  • Additional commits viewable in compare view

Updates moto[dynamodb] from 5.1.21 to 5.1.22

Changelog

Sourced from moto[dynamodb]'s changelog.

5.1.22

Docker Digest for 5.1.22: sha256:1e3802c95726373544967b428201c548f0247c15b00db2d96a5ba0a77d8643b8

New Methods:
    * APIGateway:
        * delete_model()

* Athena:
    * tag_resource()
    * untag_resource()

    

  • 

    Pipes:
    

      

    • list_tags_for_resource()
      • 

    

    • 

  • 

    OSIS:
    

      

    • delete_resource_policy()
      • 

    • get_resource_policy()
      • 

    • put_resource_policy()
      • 

    

    • 

  • 

    RDS:
    

      

    • copy_db_cluster_parameter_group()
      • 

    

    • 

  • 

    STS:
    

      

    • get_access_key_info()
      • 

    

    • 

  • 

    Transfer:
    

      

    • list_servers()
      






Miscellaneous:
* CloudFormation now supports the creation/update/deletion of AWS::CloudWatch::Dashboard resources
* CloudFormation now supports the creation/update/deletion of AWS::KMS::Alias resources
* CloudFormation now supports the creation/update/deletion of AWS::SSM::Document resources
* EC2: create_fleet() now supports the parameters DryRun and LaunchTemplateConfigs.Overrides
* EC2: describe_network_interfaces() now supports the 'attachment.attachment-id'-filter
* EC2: Instances created from a LaunchTemplate now have the 'aws:ec2launchtemplate:id' and 'aws:ec2launchtemplate:version' tags
* RDS: create_db_cluster_parameter_group() now validates the provided group name/description/familiy
* RDS: delete_db_cluster_parameter_group() now validates that the provided group exists
* S3: delete_object() now supports IfMatch
* SecretsManager: create-secret() now throw ResourceExistsException for duplicate requests with different token (broken since 5.1.11)
* SQS: send_message() now returns the SequenceNumber-attribute
* VPCLattice: list_access_log_subscriptions() now also supports arns as resourceIdentifiers

Commits

Updates responses from 0.25.8 to 0.26.0

Release notes

Sourced from responses's releases.

0.26.0

  • When using assert_all_requests_are_fired=True, assertions about unfired requests are now raised even when an exception occurs in the context manager or decorated function. Previously, these assertions were suppressed when exceptions occurred. This new behavior provides valuable debugging context about which mocked requests were or weren't called.
  • Consider the Retry-After header when handling retries
Changelog

Sourced from responses's changelog.

0.26.0

  • When using assert_all_requests_are_fired=True, assertions about unfired requests are now raised even when an exception occurs in the context manager or decorated function. Previously, these assertions were suppressed when exceptions occurred. This new behavior provides valuable debugging context about which mocked requests were or weren't called.
  • Consider the Retry-After header when handling retries
Commits
  • 94913d0 release: 0.26.0
  • 051b79e Make assert_all_requests_are_fired always assert on exception (#782)
  • 0905cb8 Fix query_param_matcher not matching empty query parameter values (#787)
  • e0c6faa ci(release): Switch from action-prepare-release to Craft (#785)
  • 1be3a73 fix: Consider the Retry-After header when handling retries (#784)
  • c6730fb Merge branch 'release/0.25.8'
  • See full diff in compare view

Updates ruff from 0.15.0 to 0.15.5

Release notes

Sourced from ruff's releases.

0.15.5

Release Notes

Released on 2026-03-05.

Preview features

  • Discover Markdown files by default in preview mode (#23434)
  • [perflint] Extend PERF102 to comprehensions and generators (#23473)
  • [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
  • [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
  • [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

  • [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
  • [pydocstyle] Fix numpy section ordering (D420) (#23685)
  • [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
  • [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

  • Document extension mapping for Markdown code formatting (#23574)
  • Update default Python version examples (#23605)

Other changes

  • Publish releases to Astral mirror (#23616)

Contributors

Install ruff 0.15.5

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.5/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.5

Released on 2026-03-05.

Preview features

  • Discover Markdown files by default in preview mode (#23434)
  • [perflint] Extend PERF102 to comprehensions and generators (#23473)
  • [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
  • [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
  • [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

  • [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
  • [pydocstyle] Fix numpy section ordering (D420) (#23685)
  • [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
  • [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

  • Document extension mapping for Markdown code formatting (#23574)
  • Update default Python version examples (#23605)

Other changes

  • Publish releases to Astral mirror (#23616)

Contributors

0.15.4

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

  • Fix panic on access to definitions after analyzing definitions (#23588)
  • [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

... (truncated)

Commits
  • 5e4a3d9 Bump 0.15.5 (#23743)
  • 69c23cc [ty] Render all changed diagnostics in conformance.py (#23613)
  • 4926bd5 [ty] Split deferred checks out of types/infer/builder.rs (#23740)
  • 9a70f5e Discover markdown files by default in preview mode (#23434)
  • 3dc78b0 [ty] Use HasOptionalDefinition for except handlers (#23739)
  • a6a5e8d [ty] Fix precedence of all selector in TOML configurations (#23723)
  • 2a5384b [ty] Make all selector case sensitive (#23713)
  • db77d7b [ty] Add a diagnostic if a TypeVar is used to specialize a ParamSpec, or ...
  • db28490 [ty] Override home directory in ty tests (#23724)
  • 5f0fd91 [ty] More type-variable default validation (#23639)
  • Additional commits viewable in compare view

Updates setuptools from 82.0.0 to 82.0.1

Changelog

Sourced from setuptools's changelog.

v82.0.1

Bugfixes

  • Fix the loading of launcher manifest.xml file. (#5047)
  • Replaced deprecated json.__version__ with fixture in tests. (#5186)

Improved Documentation

  • Add advice about how to improve predictability when installing sdists. (#5168)

Misc

Commits
  • 5a13876 Bump version: 82.0.0 → 82.0.1
  • 51ab8f1 Avoid using (deprecated) 'json.version' in tests (#5194)
  • f9c37b2 Docs/CI: Fix intersphinx references (#5195)
  • 8173db2 Docs: Fix intersphinx references
  • 09bafbc Fix past tense on newsfragment
  • 461ea56 Add news fragment
  • c4ffe53 Avoid using (deprecated) 'json.version' in tests
  • 749258b Cleanup pkg_resources dependencies and configuration (#5175)
  • 2019c16 Parse ext-module.define-macros from pyproject.toml as list of tuples (#5169)
  • b809c86 Sync setuptools schema with validate-pyproject (#5157)
  • Additional commits viewable in compare view

Updates openapi-spec-validator from 0.7.2 to 0.8.4

Release notes

Sourced from openapi-spec-validator's releases.

0.8.4

Features

  • Jsonschema-rs backend #478

0.8.3

Features

  • Use resolved cache feature of jsonschema-path #479

0.8.2

Features

  • OpenAPI 3.2 support #472
  • Add OAS 3.1 jsonSchemaDialect-aware schema meta-validation #471

0.8.1

Features

  • CLI version option #466
  • Split CLI error controls into validation and subschema modes #469

Fixes

  • Fix malformed schema traversal to report validation errors instead of internal exceptions #467
  • Validate declared path parameters against path template #470

Deprecations

  • Deprecates --error/--errors CLI options #469

0.8.0

Upgrades

  • Jsonschema-path 0.4 and openapi-schema-validator 0.7 upgrades #459
  • Python 3.13 and 3.14 support #392 #457

Fixes

  • Update openapi-schema-validator version constraint #439

Backward incompatibilities

0.8.0b3

Upgrades

  • Jsonschema-path 0.4.0b8 upgrade #455

... (truncated)

Commits
  • cca400f Version 0.8.4
  • 33585ea Merge pull request #478 from python-openapi/poc/rust-backend
  • a10dfe6 Merge pull request #480 from python-openapi/copilot/sub-pr-478
  • da9c9cb Address review feedback: fix docstring, trailing whitespace, f-string, instal...
  • 629f4e2 Initial plan
  • df9ba9b Rust backend
  • a093f9c Version 0.8.3
  • 0d757b5 Merge pull request #479 from python-openapi/feature/upgrade-jsonschema-path-0...
  • 0bbd761 Expose resolved cache
  • 023da95 Upgrade jsonschema-path 0.4.3
  • Additional commits viewable in compare view

Updates cfn-lint from 1.44.0 to 1.46.0

Release notes

Sourced from cfn-lint's releases.

Release v1.46.0

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.45.0...v1.46.0

Release v1.45.0

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.44.0...v1.45.0

Changelog

Sourced from cfn-lint's changelog.

v1.46.0

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.45.0...v1.46.0

v1.45.0

What's Changed

New Contributors

Full Changelog: aws-cloudformation/cfn-lint@v1.44.0...v1.45.0

Commits
  • e934090 Release v1.46.0 (#4380)
  • 0baeac8 Update CloudFormation schemas to 2026-03-02 (#4375)
  • 8740131 feat: add rule E3063 to validate GuardDuty Detector property exclusivity (#4364)
  • 596a08b Release v1.45.0 (#4374)
  • 8f85b91 Update CloudFormation schemas to 2026-02-23 (#4362)
  • 718a23a Accept any SSM parameter and List types with warning for undocumented types (...
  • a46657d Fix E3009 false positive for Fn::Transform in additional properties (#4368)
  • 599b0fa Pin cfn-lint version to 1.44.0 in Dockerfile (#4365)
  • f8a00aa chore(deps): bump pyinstaller from 6.18.0 to 6.19.0 in /requirements (#4370)
  • e987bd8 Add lambda schema extensions (#4372)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-deps group across 1 directory with 9 updates
7dc9dcd 
Bumps the pip-deps group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [asf-search](https://github.com/asfadmin/Discovery-asf_search) | `11.0.3` | `12.0.2` |
| [flask](https://github.com/pallets/flask) | `3.1.2` | `3.1.3` |
| [boto3](https://github.com/boto/boto3) | `1.42.46` | `1.42.64` |
| [moto[dynamodb]](https://github.com/getmoto/moto) | `5.1.21` | `5.1.22` |
| [responses](https://github.com/getsentry/responses) | `0.25.8` | `0.26.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.0` | `0.15.5` |
| [setuptools](https://github.com/pypa/setuptools) | `82.0.0` | `82.0.1` |
| [openapi-spec-validator](https://github.com/python-openapi/openapi-spec-validator) | `0.7.2` | `0.8.4` |
| [cfn-lint](https://github.com/aws-cloudformation/cfn-lint) | `1.44.0` | `1.46.0` |



Updates `asf-search` from 11.0.3 to 12.0.2
- [Release notes](https://github.com/asfadmin/Discovery-asf_search/releases)
- [Changelog](https://github.com/asfadmin/Discovery-asf_search/blob/master/CHANGELOG.md)
- [Commits](asfadmin/Discovery-asf_search@v11.0.3...v12.0.2)

Updates `flask` from 3.1.2 to 3.1.3
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@3.1.2...3.1.3)

Updates `boto3` from 1.42.46 to 1.42.64
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.46...1.42.64)

Updates `moto[dynamodb]` from 5.1.21 to 5.1.22
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](getmoto/moto@5.1.21...5.1.22)

Updates `responses` from 0.25.8 to 0.26.0
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.25.8...0.26.0)

Updates `ruff` from 0.15.0 to 0.15.5
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.0...0.15.5)

Updates `setuptools` from 82.0.0 to 82.0.1
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v82.0.0...v82.0.1)

Updates `openapi-spec-validator` from 0.7.2 to 0.8.4
- [Release notes](https://github.com/python-openapi/openapi-spec-validator/releases)
- [Commits](python-openapi/openapi-spec-validator@0.7.2...0.8.4)

Updates `cfn-lint` from 1.44.0 to 1.46.0
- [Release notes](https://github.com/aws-cloudformation/cfn-lint/releases)
- [Changelog](https://github.com/aws-cloudformation/cfn-lint/blob/main/CHANGELOG.md)
- [Commits](aws-cloudformation/cfn-lint@v1.44.0...v1.46.0)

---
updated-dependencies:
- dependency-name: asf-search
  dependency-version: 12.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-deps
- dependency-name: flask
  dependency-version: 3.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: boto3
  dependency-version: 1.42.64
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: moto[dynamodb]
  dependency-version: 5.1.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: responses
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: ruff
  dependency-version: 0.15.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: setuptools
  dependency-version: 82.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: openapi-spec-validator
  dependency-version: 0.8.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: cfn-lint
  dependency-version: 1.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version major Bump the major version number of this project labels Mar 9, 2026
@dependabot dependabot bot requested review from a team as code owners March 9, 2026 20:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version major Bump the major version number of this project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants