deps: bump the prod-deps group across 1 directory with 6 updates #215

dependabot · 2025-10-20T01:04:23Z

Bumps the prod-deps group with 6 updates in the / directory:

Package	From	To
psycopg2-binary	`2.9.7`	`2.9.11`
xmlschema	`4.1.0`	`4.2.0`
jellyfish	`1.2.0`	`1.2.1`
uwsgi	`2.0.30`	`2.0.31`
coverage	`7.10.7`	`7.11.0`
tox	`4.30.3`	`4.31.0`

Updates psycopg2-binary from 2.9.7 to 2.9.11

Changelog

Sourced from psycopg2-binary's changelog.

Current release

What's new in psycopg 2.9.11 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add support for Python 3.14.

Avoid a segfault passing more arguments than placeholders if Python is built with assertions enabled (:ticket:[#1791](https://github.com/psycopg/psycopg2/issues/1791)).

~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 18.

Drop support for Python 3.8.

What's new in psycopg 2.9.10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add support for Python 3.13.

Receive notifications on commit (:ticket:[#1728](https://github.com/psycopg/psycopg2/issues/1728)).

~psycopg2.errorcodes map and ~psycopg2.errors classes updated to PostgreSQL 17.

Drop support for Python 3.7.

What's new in psycopg 2.9.9 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add support for Python 3.12.

Drop support for Python 3.6.

What's new in psycopg 2.9.8 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Wheel package bundled with PostgreSQL 16 libpq in order to add support for recent features, such as sslcertmode.

What's new in psycopg 2.9.7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Fix propagation of exceptions raised during module initialization (:ticket:[#1598](https://github.com/psycopg/psycopg2/issues/1598)).

Fix building when pg_config returns an empty string (:ticket:[#1599](https://github.com/psycopg/psycopg2/issues/1599)).

Wheel package bundled with OpenSSL 1.1.1v.

What's new in psycopg 2.9.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits

fd9ae8c chore: bump to version 2.9.11
d923840 chore: update docs requirements
d42dc71 Merge branch 'fix-1791'
4fde656 fix: avoid failed assert passing more arguments than placeholders
8308c19 fix: drop warning about the use of deprecated PyWeakref_GetObject function
1a1eabf build(deps): bump actions/github-script from 7 to 8
897af8b build(deps): bump peter-evans/repository-dispatch from 3 to 4
ceefd30 build(deps): bump actions/checkout from 4 to 5
4dc5854 build(deps): bump actions/setup-python from 5 to 6
1945788 Merge pull request #1802 from edgarrmondragon/cp314-wheels
Additional commits viewable in compare view

Updates xmlschema from 4.1.0 to 4.2.0

Release notes

Sourced from xmlschema's releases.

v4.2.0 (2025-10-14)

Add arguments validation for schemas and validation methods (by validation contexts)

Add SchemaSettings dataclass for storing read-only settings for schema instances and for managing package default settings

Add block argument to XMLResource class (issue #464)

Add MAX_SCHEMA_SOURCES package limit (1000, applied to XsdGlobals global maps instances)

Add MAX_XML_ELEMENTS package limit (1,000,000, applied to non-lazy XMLResource instances)

Reduce MAX_XML_DEPTH limit to 1000 and apply it to all XMLResource instances

Fix for substitute match in case of unexpected child (issue #461)

Changelog

Sourced from xmlschema's changelog.

v4.2.0_ (2025-10-14)

Add arguments validation for schemas and validation methods (by validation contexts)

Add SchemaSettings dataclass for storing read-only settings for schema instances and for managing package default settings

Add block argument to XMLResource class (issue #464)

Add MAX_SCHEMA_SOURCES package limit (1000, applied to XsdGlobals global maps instances)

Add MAX_XML_ELEMENTS package limit (1,000,000, applied to non-lazy XMLResource instances)

Reduce MAX_XML_DEPTH limit to 1000 and apply it to all XMLResource instances

Fix for substitute match in case of unexpected child (issue #461)

Commits

2783030 Bump minor release
7c77a12 Include publiccode.yml validation workflow for CI and README changes
04c19d5 Fix XsdGroup.match_element (issue #461)
dd4f279 Merge pull request #463 from publiccode-pr-bot/chore/add-publiccode-parser-ac...
1bd7aa6 Update GitHub workflow for CI
76b0f67 Patch mypy tests with protocols
28727bb Update docs and release info
e4131ea Add from_settings() class method to schemas
0aea8de Rewrite validation contexts as normal classes
d443d7b Full validation of context arguments
Additional commits viewable in compare view

Updates jellyfish from 1.2.0 to 1.2.1

Updates uwsgi from 2.0.30 to 2.0.31

Updates coverage from 7.10.7 to 7.11.0

Changelog

Sourced from coverage's changelog.

Version 7.11.0 — 2025-10-15

Dropped support for Python 3.9, declared support for Python 3.15 alpha.

.. _changes_7-10-7:

Commits

20ef00b docs: sample HTML for 7.11.0
5edf8eb docs: prep for 7.11.0
2c023ae build: 3.15 is supported
2f1b95b refactor: no need for _BaseCoverageException
72b1bcc build: test light-threads on all versions of Python
16e9379 refactor: move core tests to their own file
bc8875d test: change a test to be in-process so metacov can capture its work
8e5d5b1 build: tweak some version info
b0236df test: more tests for core selection, and some refactoring of them
56edde6 build: next version will be 7.11.0
Additional commits viewable in compare view

Updates tox from 4.30.3 to 4.31.0

Release notes

Sourced from tox's releases.

4.31.0

What's Changed

Address a type-conversion noted during doc builds by @kurtmckee in tox-dev/tox#3623

Add 3.14, drop 3.9 and support | union style by @gaborbernat in tox-dev/tox#3624

Full Changelog: tox-dev/tox@4.30.3...4.31.0

Changelog

Sourced from tox's changelog.

v4.31.0 (2025-10-09)

No significant changes.

Commits

eac78c1 release 4.31.0
733f5aa Add 3.14, drop 3.9 and support | union style (#3624)
b5f1cd8 Address a type-conversion noted during doc builds (#3623)
1f28422 Bump astral-sh/setup-uv from 6 to 7 (#3620)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the prod-deps group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [psycopg2-binary](https://github.com/psycopg/psycopg2) | `2.9.7` | `2.9.11` | | [xmlschema](https://github.com/sissaschool/xmlschema) | `4.1.0` | `4.2.0` | | [jellyfish](https://jellyfish.jpt.sh/) | `1.2.0` | `1.2.1` | | [uwsgi](https://uwsgi-docs.readthedocs.io/en/latest/) | `2.0.30` | `2.0.31` | | [coverage](https://github.com/nedbat/coveragepy) | `7.10.7` | `7.11.0` | | [tox](https://github.com/tox-dev/tox) | `4.30.3` | `4.31.0` | Updates `psycopg2-binary` from 2.9.7 to 2.9.11 - [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS) - [Commits](psycopg/psycopg2@2.9.7...2.9.11) Updates `xmlschema` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/sissaschool/xmlschema/releases) - [Changelog](https://github.com/sissaschool/xmlschema/blob/master/CHANGELOG.rst) - [Commits](sissaschool/xmlschema@v4.1.0...v4.2.0) Updates `jellyfish` from 1.2.0 to 1.2.1 Updates `uwsgi` from 2.0.30 to 2.0.31 Updates `coverage` from 7.10.7 to 7.11.0 - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](coveragepy/coveragepy@7.10.7...7.11.0) Updates `tox` from 4.30.3 to 4.31.0 - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.30.3...4.31.0) --- updated-dependencies: - dependency-name: psycopg2-binary dependency-version: 2.9.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: xmlschema dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps - dependency-name: jellyfish dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: uwsgi dependency-version: 2.0.31 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: coverage dependency-version: 7.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps - dependency-name: tox dependency-version: 4.31.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-11-10T01:01:08Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Oct 20, 2025

dependabot bot closed this Nov 10, 2025

dependabot bot deleted the dependabot/pip/prod-deps-a2d24152f3 branch November 10, 2025 01:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

deps: bump the prod-deps group across 1 directory with 6 updates #215

deps: bump the prod-deps group across 1 directory with 6 updates #215

Uh oh!

dependabot bot commented on behalf of github Oct 20, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Nov 10, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

deps: bump the prod-deps group across 1 directory with 6 updates #215

deps: bump the prod-deps group across 1 directory with 6 updates #215

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Current release

v4.2.0 (2025-10-14)

v4.2.0_ (2025-10-14)

Version 7.11.0 — 2025-10-15

4.31.0

What's Changed

v4.31.0 (2025-10-09)

Uh oh!

dependabot bot commented on behalf of github Nov 10, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Oct 20, 2025 •

edited

Loading

`v4.2.0`_ (2025-10-14)