Skip to content

Comments

Bump the pip-minor-patch group with 2 updates#406

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/pip-minor-patch-a0b470ba44
Open

Bump the pip-minor-patch group with 2 updates#406
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/pip-minor-patch-a0b470ba44

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 13, 2026
edited
Loading

Bumps the pip-minor-patch group with 2 updates: pip-tools and mypy.

Updates pip-tools from 7.4.1 to 7.5.3

Release notes

Sourced from pip-tools's releases.

v7.5.3

2026-02-11

Bug fixes

  • The option --unsafe-package is now normalized -- by @​shifqu.

    PRs and issues: #2150

  • Fixed a bug in which pip-compile lost any index URL options when looking up hashes -- by @​sirosen.

    This caused errors when a package was only available from an extra index, and caused pip-compile to incorrectly drop index URL options from output, even when they were present in the input requirements.

    PRs and issues: #2220, #2294, #2305

  • Fixed removal of temporary files used when reading requirements from stdin -- by @​sirosen.

Features

  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and marks them as supported in the core packaging metadata -- by @​webknjaz.

    PRs and issues: #2255

  • pip-tools is now compatible with pip 26.0 -- by @​sirosen.

    PRs and issues: #2319, #2320

Removals and backward incompatible breaking changes

Improved documentation

  • The change log management infra now allows the maintainers to add notes before and after the regular categories -- by @​webknjaz.

    PRs and issues: #2287, #2322

  • Added documentation clarifying that pip-compile reads the existing output file as a constraint source, and how to use --upgrade to refresh dependencies -- by @​maliktafheem.

    PRs and issues: #2307

... (truncated)

Changelog

Sourced from pip-tools's changelog.

v7.5.3

2026-02-09

Bug fixes

  • The option --unsafe-package is now normalized -- by {user}shifqu.

    PRs and issues: {issue}2150

  • Fixed a bug in which pip-compile lost any index URL options when looking up hashes -- by {user}sirosen.

    This caused errors when a package was only available from an extra index, and caused pip-compile to incorrectly drop index URL options from output, even when they were present in the input requirements.

    PRs and issues: {issue}2220, {issue}2294, {issue}2305

  • Fixed removal of temporary files used when reading requirements from stdin -- by {user}sirosen.

Features

  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and marks them as supported in the core packaging metadata -- by {user}webknjaz.

    PRs and issues: {issue}2255

  • pip-tools is now compatible with pip 26.0 -- by {user}sirosen.

    PRs and issues: {issue}2319, {issue}2320

Removals and backward incompatible breaking changes

  • Removed support for Python 3.8 -- by {user}sirosen.

Improved documentation

  • The change log management infra now allows the maintainers to add notes before and after the regular categories -- by {user}webknjaz.

    PRs and issues: {issue}2287, {issue}2322

  • Added documentation clarifying that pip-compile reads the existing output file as a constraint source, and how to use --upgrade to refresh dependencies -- by {user}maliktafheem.

    PRs and issues: {issue}2307

... (truncated)

Commits
  • 5f31d8a Merge pull request #2332 from sirosen/fix-release-version-normalization
  • 106f1d6 Fix CI workflow to normalize versions (for release)
  • 3a0f5ed Merge pull request #2329 from sirosen/release/v7.5.3
  • e4bd31d Merge pull request #2328 from jazzband/pre-commit-ci-update-config
  • 08107ab Update changelog for version 7.5.3
  • 5b4d130 Merge pull request #2325 from sirosen/ensure-tmpfile-cleanup
  • cc6a2b9 Apply feedback/suggestions from review
  • fc53265 [pre-commit.ci] pre-commit autoupdate
  • 6c27507 Add 'tempfile_compat' to handle windows tmp files
  • 9ac94db Fix leak of temp files when reading from stdin
  • Additional commits viewable in compare view

Updates mypy from 1.15.0 to 1.19.1

Changelog

Sourced from mypy's changelog.

Mypy 1.19.1

  • Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
  • Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
  • Allow types.NoneType in match cases (A5rocks, PR 20383)
  • Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
  • Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
  • Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
  • Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
  • Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • BobTheBuidler
  • bzoracler
  • Chainfire
  • Christoph Tyralla
  • David Foster
  • Frank Dana
  • Guo Ci
  • iap
  • Ivan Levkivskyi
  • James Hilton-Balfe
  • jhance
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • KarelKenens
  • Kevin Kannammalil
  • Marc Mueller
  • Michael Carlstrom
  • Michael J. Sullivan
  • Piotr Sawicki
  • Randolf Scholz
  • Shantanu
  • Sigve Sebastian Farstad
  • sobolevn
  • Stanislav Terliakov
  • Stephen Morton
  • Theodore Ando
  • Thiago J. Barbalho
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.18

We’ve just uploaded mypy 1.18.1 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added debt Technical debt or repo cleanup dependencies Pull requests that update a dependency file labels Feb 13, 2026
@github-actions github-actions bot enabled auto-merge (squash) February 13, 2026 20:01
@dependabot dependabot bot force-pushed the dependabot/pip/pip-minor-patch-a0b470ba44 branch from 1eb5822 to 61aaadf Compare February 13, 2026 23:06
@dependabot
Bump the pip-minor-patch group with 2 updates
f24c1bb 
Bumps the pip-minor-patch group with 2 updates: [pip-tools](https://github.com/jazzband/pip-tools) and [mypy](https://github.com/python/mypy).


Updates `pip-tools` from 7.4.1 to 7.5.3
- [Release notes](https://github.com/jazzband/pip-tools/releases)
- [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md)
- [Commits](jazzband/pip-tools@7.4.1...v7.5.3)

Updates `mypy` from 1.15.0 to 1.19.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.15.0...v1.19.1)

---
updated-dependencies:
- dependency-name: pip-tools
  dependency-version: 7.5.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch
- dependency-name: mypy
  dependency-version: 1.19.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/pip-minor-patch-a0b470ba44 branch from 61aaadf to f24c1bb Compare February 19, 2026 02:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

debt Technical debt or repo cleanup dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants