Skip to content

build(deps-dev): bump the dev-dependencies group with 4 updates#84

Merged
github-actions[bot] merged 1 commit intodevelopfrom
dependabot/pip/dev-dependencies-0155fa5318
Feb 16, 2026
Merged

build(deps-dev): bump the dev-dependencies group with 4 updates#84
github-actions[bot] merged 1 commit intodevelopfrom
dependabot/pip/dev-dependencies-0155fa5318

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026

Bumps the dev-dependencies group with 4 updates: pytest-httpserver, ruff, petname and boto3.

Updates pytest-httpserver from 1.1.3 to 1.1.5

Release notes

Sourced from pytest-httpserver's releases.

1.1.5

What's Changed

Full Changelog: csernazs/pytest-httpserver@1.1.4...1.1.5

1.1.4

What's Changed

Full Changelog: csernazs/pytest-httpserver@1.1.3...1.1.4

Changelog

Sourced from pytest-httpserver's changelog.

1.1.5

.. _Release Notes_1.1.5_New Features:

New Features

  • Add bake() method to HTTPServer for creating pre-configured request expectation proxies (BakedHTTPServer). This allows sharing common keyword arguments (e.g. method, headers) across multiple expect_request() calls with last-wins merging semantics. [#470](https://github.com/csernazs/pytest-httpserver/issues/470) <https://github.com/csernazs/pytest-httpserver/pull/470>_ Contributed by @HayaoSuzuki <https://github.com/HayaoSuzuki>_

.. _Release Notes_1.1.4:

1.1.4

.. _Release Notes_1.1.4_New Features:

New Features

  • More robust server startup by checking server readiness (disabled by default). [#462](https://github.com/csernazs/pytest-httpserver/issues/462) <https://github.com/csernazs/pytest-httpserver/pull/462>_

.. _Release Notes_1.1.4_Deprecation Notes:

Deprecation Notes

  • Python 3.9 has been deprecated as it reached EOL 2025-10-31. While the code may work on this version, there will be no CI tests running on it.

.. _Release Notes_1.1.3:

Commits
  • 840c7d1 CHANGES.rst: add release notes for 1.1.5
  • 7c7be88 Version bump to 1.1.5
  • f1971ce fix-release: remove release notes
  • ae956c0 release.py: fix check order
  • c880480 Make release.py more robust
  • 310529c Add bake() method for pre-configured request expectations
  • 7716cda [pre-commit.ci] pre-commit autoupdate
  • 98fe77c CHANGES.rst: add release notes for 1.1.4
  • dd070b2 Version bump to 1.1.4
  • cb65a6f releasenotes: add release note for readiness check
  • Additional commits viewable in compare view

Updates ruff from 0.15.0 to 0.15.1

Release notes

Sourced from ruff's releases.

0.15.1

Release Notes

Released on 2026-02-12.

Preview features

  • [airflow] Add ruff rules to catch deprecated Airflow imports for Airflow 3.1 (AIR321) (#22376)
  • [airflow] Third positional parameter not named ti_key should be flagged for BaseOperatorLink.get_link (AIR303) (#22828)
  • [flake8-gettext] Fix false negatives for plural argument of ngettext (INT001, INT002, INT003) (#21078)
  • [pyflakes] Fix infinite loop in preview fix for unused-import (F401) (#23038)
  • [pygrep-hooks] Detect non-existent mock methods in standalone expressions (PGH005) (#22830)
  • [pylint] Allow dunder submodules and improve diagnostic range (PLC2701) (#22804)
  • [pyupgrade] Improve diagnostic range for tuples (UP024) (#23013)
  • [refurb] Check subscripts in tuple do not use lambda parameters in reimplemented-operator (FURB118) (#23079)
  • [ruff] Detect mutable defaults in field calls (RUF008) (#23046)
  • [ruff] Ignore std cmath.inf (RUF069) (#23120)
  • [ruff] New rule float-equality-comparison (RUF069) (#20585)
  • Don't format unlabeled Markdown code blocks (#23106)
  • Markdown formatting support in LSP (#23063)
  • Support Quarto Markdown language markers (#22947)
  • Support formatting pycon Markdown code blocks (#23112)
  • Use extension mapping to select Markdown code block language (#22934)

Bug fixes

  • Avoid false positive for undefined variables in FAST001 (#23224)
  • Avoid introducing syntax errors for FAST003 autofix (#23227)
  • Avoid suggesting InitVar for __post_init__ that references PEP 695 type parameters (#23226)
  • Deduplicate type variables in generic functions (#23225)
  • Fix exception handler parenthesis removal for Python 3.14+ (#23126)
  • Fix f-string middle panic when parsing t-strings (#23232)
  • Wrap RUF020 target for multiline fixes (#23210)
  • Wrap UP007 target for multiline fixes (#23208)
  • Fix missing diagnostics for last range suppression in file (#23242)
  • [pyupgrade] Fix syntax error on string with newline escape and comment (UP037) (#22968)

Rule changes

  • Use ruff instead of Ruff as the program name in GitHub output format (#23240)
  • [PT006] Fix syntax error when unpacking nested tuples in parametrize fixes (#22441) (#22464)
  • [airflow] Catch deprecated attribute access from context key for Airflow 3.0 (AIR301) (#22850)
  • [airflow] Capture deprecated arguments and a decorator (AIR301) (#23170)
  • [flake8-boolean-trap] Add multiprocessing.Value to excluded functions for FBT003 (#23010)
  • [flake8-bugbear] Add a secondary annotation showing the previous occurrence (B033) (#22634)
  • [flake8-type-checking] Add sub-diagnostic showing the runtime use of an annotation (TC004) (#23091)
  • [isort] Support configurable import section heading comments (#23151)
  • [ruff] Improve the diagnostic for RUF012 (#23202)

Formatter

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.1

Released on 2026-02-12.

Preview features

  • [airflow] Add ruff rules to catch deprecated Airflow imports for Airflow 3.1 (AIR321) (#22376)
  • [airflow] Third positional parameter not named ti_key should be flagged for BaseOperatorLink.get_link (AIR303) (#22828)
  • [flake8-gettext] Fix false negatives for plural argument of ngettext (INT001, INT002, INT003) (#21078)
  • [pyflakes] Fix infinite loop in preview fix for unused-import (F401) (#23038)
  • [pygrep-hooks] Detect non-existent mock methods in standalone expressions (PGH005) (#22830)
  • [pylint] Allow dunder submodules and improve diagnostic range (PLC2701) (#22804)
  • [pyupgrade] Improve diagnostic range for tuples (UP024) (#23013)
  • [refurb] Check subscripts in tuple do not use lambda parameters in reimplemented-operator (FURB118) (#23079)
  • [ruff] Detect mutable defaults in field calls (RUF008) (#23046)
  • [ruff] Ignore std cmath.inf (RUF069) (#23120)
  • [ruff] New rule float-equality-comparison (RUF069) (#20585)
  • Don't format unlabeled Markdown code blocks (#23106)
  • Markdown formatting support in LSP (#23063)
  • Support Quarto Markdown language markers (#22947)
  • Support formatting pycon Markdown code blocks (#23112)
  • Use extension mapping to select Markdown code block language (#22934)

Bug fixes

  • Avoid false positive for undefined variables in FAST001 (#23224)
  • Avoid introducing syntax errors for FAST003 autofix (#23227)
  • Avoid suggesting InitVar for __post_init__ that references PEP 695 type parameters (#23226)
  • Deduplicate type variables in generic functions (#23225)
  • Fix exception handler parenthesis removal for Python 3.14+ (#23126)
  • Fix f-string middle panic when parsing t-strings (#23232)
  • Wrap RUF020 target for multiline fixes (#23210)
  • Wrap UP007 target for multiline fixes (#23208)
  • Fix missing diagnostics for last range suppression in file (#23242)
  • [pyupgrade] Fix syntax error on string with newline escape and comment (UP037) (#22968)

Rule changes

  • Use ruff instead of Ruff as the program name in GitHub output format (#23240)
  • [PT006] Fix syntax error when unpacking nested tuples in parametrize fixes (#22441) (#22464)
  • [airflow] Catch deprecated attribute access from context key for Airflow 3.0 (AIR301) (#22850)
  • [airflow] Capture deprecated arguments and a decorator (AIR301) (#23170)
  • [flake8-boolean-trap] Add multiprocessing.Value to excluded functions for FBT003 (#23010)
  • [flake8-bugbear] Add a secondary annotation showing the previous occurrence (B033) (#22634)
  • [flake8-type-checking] Add sub-diagnostic showing the runtime use of an annotation (TC004) (#23091)
  • [isort] Support configurable import section heading comments (#23151)
  • [ruff] Improve the diagnostic for RUF012 (#23202)

Formatter

... (truncated)

Commits
  • a2f11d2 Prepare for 0.15.1 (#23253)
  • d29628e Remove docker-run-action (#23254)
  • 8a04266 [ty] Allow discovering dependencies in system Python environments (#22994)
  • 55d06c8 Ensure pending suppression diagnostics are reported (#23242)
  • d056a9f [isort] support for configurable import section heading comments (#23151)
  • e22fa4f [ty] Fix method calls on subclasses of Any (#23248)
  • fa56c15 [ty] Fix bound method access on None (#23246)
  • 4fd07d0 Make range suppression test snapshot actually useful (#23251)
  • 8c63bce [ty] Include conditional symbols (like datetime.UTC) in auto-import in more...
  • 46be943 Exclude WASM artifacts from GitHub releases (#23221)
  • Additional commits viewable in compare view

Updates petname from 2.6 to 2.9

Release notes

Sourced from petname's releases.

python-petname 2.9 - CRITICAL SECURITY RELEASE

🚨 CRITICAL SECURITY RELEASE - python-petname 2.9

ALL USERS SHOULD UPGRADE IMMEDIATELY due to critical DoS vulnerabilities.

🔒 Security Fixes

CRITICAL: Infinite Loop DoS Vulnerability (CVE Candidate)

Issue: Word selection functions could hang indefinitely when the letters parameter was smaller than the shortest word in the list, causing 100% CPU usage and denial of service.

Affected Functions:

  • petname.adverb(letters) - hung when letters < 4
  • petname.adjective(letters) - hung when letters < 2
  • petname.name(letters) - hung when letters < 2

Fix: Added minimum length validation to prevent infinite loops:

# Before: Could hang forever
petname.adverb(1)  # ❌ HUNG INDEFINITELY
After: Returns immediately
petname.adverb(1)  # ✅ Returns 'duly' in <0.001s

Impact:

  • Prevents CPU-based DoS attacks
  • Eliminates process hangs
  • Protects services using petname library

HIGH: CLI Input Validation

Issue: CLI crashed with unhandled exceptions on invalid input.

Fix: Added proper error handling with user-friendly messages:

# Before: Cryptic traceback
$ python -m petname --letters abc
ValueError: invalid literal for int()...
After: Clear error message
$ python -m petname --letters abc
Error: --words and --letters must be valid integers

... (truncated)

Commits

Updates boto3 from 1.42.44 to 1.42.49

Commits
  • 5afca39 Merge branch 'release-1.42.49'
  • aa389d7 Bumping version to 1.42.49
  • 5a257bd Add changelog entries from botocore
  • 62a5985 Merge branch 'release-1.42.48'
  • 227e890 Merge branch 'release-1.42.48' into develop
  • 15a15f3 Bumping version to 1.42.48
  • ecbbc9c Add changelog entries from botocore
  • f53c2a4 Start testing Python 3.15 Alpha (#4720)
  • 069d2c1 Merge branch 'release-1.42.47'
  • f0327fb Merge branch 'release-1.42.47' into develop
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps-dev): bump the dev-dependencies group with 4 updates
9b95c71 
Bumps the dev-dependencies group with 4 updates: [pytest-httpserver](https://github.com/csernazs/pytest-httpserver), [ruff](https://github.com/astral-sh/ruff), [petname](https://github.com/dustinkirkland/python-petname) and [boto3](https://github.com/boto/boto3).


Updates `pytest-httpserver` from 1.1.3 to 1.1.5
- [Release notes](https://github.com/csernazs/pytest-httpserver/releases)
- [Changelog](https://github.com/csernazs/pytest-httpserver/blob/master/CHANGES.rst)
- [Commits](csernazs/pytest-httpserver@1.1.3...1.1.5)

Updates `ruff` from 0.15.0 to 0.15.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.0...0.15.1)

Updates `petname` from 2.6 to 2.9
- [Release notes](https://github.com/dustinkirkland/python-petname/releases)
- [Commits](https://github.com/dustinkirkland/python-petname/commits/2.9)

Updates `boto3` from 1.42.44 to 1.42.49
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.44...1.42.49)

---
updated-dependencies:
- dependency-name: pytest-httpserver
  dependency-version: 1.1.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: ruff
  dependency-version: 0.15.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: petname
  dependency-version: '2.9'
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: boto3
  dependency-version: 1.42.49
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Feb 16, 2026
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 16, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions github-actions bot merged commit 09ceff8 into develop Feb 16, 2026
6 checks passed
@github-actions github-actions bot deleted the dependabot/pip/dev-dependencies-0155fa5318 branch February 16, 2026 03:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants