Skip to content

Bump the uv group across 1 directory with 10 updates #3656

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the uv group across 1 directory with 10 updates #3656

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 7, 2026

Bumps the uv group with 10 updates in the / directory:

Package From To
flask-cors 4.0.1 6.0.0
nltk 3.6.6 3.9
redis 4.3.3 4.4.4
requests 2.32.0 2.32.4
tornado 6.4.1 6.5
filelock 3.18.0 3.20.3
fonttools 4.58.4 4.60.2
pillow 11.2.1 11.3.0
pyasn1 0.6.1 0.6.2
virtualenv 20.31.2 20.36.1

Updates flask-cors from 4.0.1 to 6.0.0

Release notes

Sourced from flask-cors's releases.

6.0.0

Breaking

Path specificity ordering has changed to improve specificity. This may break users who expected the previous incorrect ordering.

What's Changed

Full Changelog: corydolphin/flask-cors@5.0.1...6.0.0

5.0.1

What's Changed

This primarily changes packaging to use uv and a new release pipeline, along with some small documentation improvements

New Contributors

Full Changelog: corydolphin/flask-cors@5.0.0...5.0.01

5.0.0

What's Changed

Full Changelog: corydolphin/flask-cors@4.0.2...5.0.0

4.0.2

What's Changed

New Contributors

Full Changelog: corydolphin/flask-cors@4.0.1...4.0.2

Changelog

Sourced from flask-cors's changelog.

Change Log

Commits

Updates nltk from 3.6.6 to 3.9

Changelog

Sourced from nltk's changelog.

Version 3.9.2 2025-10-01

  • Update download checksums to use SHA256 in built index
  • Fix percentage escape in new-style string formatting
  • replace shortened URLs using goo.gl
  • Make Wordnet interoperable with various taggers and tagged corpora
  • Fix saving PerceptronTagger
  • Document how to reproduce old Wordnet studies
  • properly initialize Portuguese corpus reader
  • support for mixed rules conversion into Chomsky Normal Form
  • only import tkinter if a GUI is needed
  • issue #2112 with Corenlp
  • new environment variable NLTK_DOWNLOADER_FORCE_INTERACTIVE_SHELL
  • Lesk defaults to most frequent sense in case of ties

Thanks to the following contributors to 3.9.2: Jose Cols, Peter de Blanc, GeneralPoxter, Eric Kafe, William LaCroix, Jason Liu, Samer Masterson, Mike014, purificant, Andrew Ernest Ritz, samertm, Ikram Ul Haq, Christopher Smith, Ryan Mannion

Version 3.9.1 2024-08-19

  • Fixed bug that prevented wordnet from loading

Version 3.9 2024-08-18

  • Fix security vulnerability CVE-2024-39705 (breaking change)
  • Replace pickled models (punkt, chunker, taggers) by new pickle-free "_tab" packages
  • No longer sort Wordnet synsets and relations (sort in calling function when required)
  • Only strip the last suffix in Wordnet Morphy, thus restricting synsets() results
  • Add Python 3.12 support
  • Many other minor fixes

Thanks to the following contributors to 3.8.2: Tom Aarsen, Cat Lee Ball, Veralara Bernhard, Carlos Brandt, Konstantin Chernyshev, Michael Higgins, Eric Kafe, Vivek Kalyan, David Lukes, Rob Malouf, purificant, Alex Rudnick, Liling Tan, Akihiro Yamazaki.

Version 3.8.1 2023-01-02

  • Resolve RCE vulnerability in localhost WordNet Browser (#3100)
  • Remove unused tool scripts (#3099)
  • Resolve XSS vulnerability in localhost WordNet Browser (#3096)
  • Add Python 3.11 support (#3090)

Thanks to the following contributors to 3.8.1: Francis Bond, John Vandenberg, Tom Aarsen

Version 3.8 2022-12-12

  • Refactor dispersion plot (#3082)
  • Provide type hints for LazyCorpusLoader variables (#3081)
  • Throw warning when LanguageModel is initialized with incorrect vocabulary (#3080)

... (truncated)

Commits

Updates redis from 4.3.3 to 4.4.4

Release notes

Sourced from redis's releases.

4.4.4

Changes

Upgrade urgency: SECURITY, contains fixes to security issues.

  • (CVE-2023-28859) - Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases.
  • (CVE-2023-28858) - Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases.

🐛 Bug Fixes

  • Fixing cancelled async futures (#2671 )

4.4.3

Changes

Update urgency: HIGH: There is a critical bug that may affect a subset of users. Upgrade!

🐛 Bug Fixes

4.4.2

Changes

Note: this release include #2548 and it is suggested that users upgrade immediately.

🧪 Experimental Features

  • Add support for BF.CARD (#2545)

🚀 New Features

  • Add support for custom connection pool class in NodesManager (#2547)

🐛 Bug Fixes

  • Allow replica to master promotion in nodes_cache (#2549)
  • Security Fix: Updating graph parser for potential injection cases (#2548)

Contributors

We'd like to thank all the contributors who worked on this release!

@​Threated, @​dvora-h, @​shacharPash and @​zakaf

4.4.1

Changes

🚀 New Features

  • Add dialect to FT.AGGREGATE (#2537)

... (truncated)

Commits

Updates requests from 2.32.0 to 2.32.4

Release notes

Sourced from requests's releases.

v2.32.4

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS. (#6926)
  • Dropped support for pypy 3.9 following its end of support. (#6926)

v2.32.3

2.32.3 (2024-05-29)

Bugfixes

  • Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
  • Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.
Changelog

Sourced from requests's changelog.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS.
  • Dropped support for pypy 3.9 following its end of support.

2.32.3 (2024-05-29)

Bugfixes

  • Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
  • Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.
Commits
  • 021dc72 Polish up release tooling for last manual release
  • 821770e Bump version and add release notes for v2.32.4
  • 59f8aa2 Add netrc file search information to authentication documentation (#6876)
  • 5b4b64c Add more tests to prevent regression of CVE 2024 47081
  • 7bc4587 Add new test to check netrc auth leak (#6962)
  • 96ba401 Only use hostname to do netrc lookup instead of netloc
  • 7341690 Merge pull request #6951 from tswast/patch-1
  • 6716d7c remove links
  • a7e1c74 Update docs/conf.py
  • c799b81 docs: fix dead links to kenreitz.org
  • Additional commits viewable in compare view

Updates tornado from 6.4.1 to 6.5

Changelog

Sourced from tornado's changelog.

Release notes

.. toctree:: :maxdepth: 2

releases/v6.5.3 releases/v6.5.2 releases/v6.5.1 releases/v6.5.0 releases/v6.4.2 releases/v6.4.1 releases/v6.4.0 releases/v6.3.3 releases/v6.3.2 releases/v6.3.1 releases/v6.3.0 releases/v6.2.0 releases/v6.1.0 releases/v6.0.4 releases/v6.0.3 releases/v6.0.2 releases/v6.0.1 releases/v6.0.0 releases/v5.1.1 releases/v5.1.0 releases/v5.0.2 releases/v5.0.1 releases/v5.0.0 releases/v4.5.3 releases/v4.5.2 releases/v4.5.1 releases/v4.5.0 releases/v4.4.3 releases/v4.4.2 releases/v4.4.1 releases/v4.4.0 releases/v4.3.0 releases/v4.2.1 releases/v4.2.0 releases/v4.1.0 releases/v4.0.2 releases/v4.0.1 releases/v4.0.0 releases/v3.2.2 releases/v3.2.1 releases/v3.2.0 releases/v3.1.1 releases/v3.1.0 releases/v3.0.2

... (truncated)

Commits
  • ab5f354 Merge pull request #3498 from bdarnell/final-6.5
  • 3623024 Final release notes for 6.5.0
  • b39b892 Merge pull request #3497 from bdarnell/multipart-log-spam
  • cc61050 httputil: Raise errors instead of logging in multipart/form-data parsing
  • ae4a4e4 asyncio: Preserve contextvars across SelectorThread on Windows (#3479)
  • 197ff13 Merge pull request #3496 from bdarnell/undeprecate-set-event-loop
  • c3d906c requirements: Upgrade tox to 4.26.0
  • a838977 testing: Remove deprecation warning filter for set_event_loop
  • d8e0d36 build: Fix free-threaded build, mark speedups module as no-GIL
  • bfe7489 Merge pull request #3492 from bdarnell/relnotes-6.5
  • Additional commits viewable in compare view

Updates filelock from 3.18.0 to 3.20.3

Release notes

Sourced from filelock's releases.

3.20.3

What's Changed

Full Changelog: tox-dev/filelock@3.20.2...3.20.3

3.20.2

What's Changed

New Contributors

Full Changelog: tox-dev/filelock@3.20.1...3.20.2

3.20.1

What's Changed

Full Changelog: tox-dev/filelock@3.20.0...3.20.1

3.20.0

What's Changed

New Contributors

Full Changelog: tox-dev/filelock@3.19.1...3.20.0

3.19.1

What's Changed

... (truncated)

Commits

Updates fonttools from 4.58.4 to 4.60.2

Release notes

Sourced from fonttools's releases.

4.60.2

  • Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#3994, #3999).

4.60.1

  • [ufoLib] Reverted accidental method name change in UFOReader.getKerningGroupConversionRenameMaps that broke compatibility with downstream projects like defcon (#3948, #3947, robotools/defcon#478).
  • [ufoLib] Added test coverage for getKerningGroupConversionRenameMaps method (#3950).
  • [subset] Don't try to subset BASE table; pass it through by default instead (#3949).
  • [subset] Remove empty BaseRecord entries in MarkBasePos lookups (#3897, #3892).
  • [subset] Add pruning for MarkLigPos and MarkMarkPos lookups (#3946).
  • [subset] Remove duplicate features when subsetting (#3945).
  • [Docs] Added documentation for the visitor module (#3944).

4.60.0

  • [pointPen] Allow reverseFlipped parameter of DecomposingPointPen to take a ReverseFlipped enum value to control whether/how to reverse contour direction of flipped components, in addition to the existing True/False. This allows to set ReverseFlipped.ON_CURVE_FIRST to ensure that the decomposed outline starts with an on-curve point before being reversed, for better consistency with other segment-oriented contour transformations. The change is backward compatible, and the default behavior hasn't changed (#3934).

  • [filterPen] Added ContourFilterPointPen, base pen for buffered contour operations, and OnCurveStartPointPen filter to ensure contours start with an on-curve point (#3934).

  • [cu2qu] Fixed difference in cython vs pure-python complex division by real number (#3930).

  • [varLib.avar] Refactored and added some new sub-modules and scripts (#3926).

    • varLib.avar.build module to build avar (and a missing fvar) binaries into a possibly empty TTFont,
    • varLib.avar.unbuild module to print a .designspace snippet that would generate the same avar binary,
    • varLib.avar.map module to take TTFont and do the mapping, in user/normalized space,
    • varLib.avar.plan module moved from varLib.avarPlanner.

    The bare fonttools varLib.avar script is deprecated, in favour of fonttools varLib.avar.build (or unbuild).

  • [interpolatable] Clarify linear_sum_assignment backend options and minimal dependency usage (#3927).

  • [post] Speed up build_psNameMapping (#3923).

  • [ufoLib] Added typing annotations to fontTools.ufoLib (#3875).

4.59.2

  • [varLib] Clear USE_MY_METRICS component flags when inconsistent across masters (#3912).
  • [varLib.instancer] Avoid negative advance width/height values when instatiating HVAR/VVAR, (unlikely in well-behaved fonts) (#3918).
  • [subset] Fix shaping behaviour when pruning empty mark sets (#3915, harfbuzz/harfbuzz#5499).
  • [cu2qu] Fixed dot() product of perpendicular vectors not always returning exactly 0.0 in all Python implementations (#3911)
  • [varLib.instancer] Implemented fully-instantiating avar2 fonts (#3909).
  • [feaLib] Allow float values in VariableScalar's axis locations (#3906, #3907).
  • [cu2qu] Handle special case in calc_intersect for degenerate cubic curves where 3 to 4 control points are equal (#3904).

4.59.1

  • [featureVars] Update OS/2.usMaxContext if possible after addFeatureVariationsRaw (#3894).
  • [vhmtx] raise TTLibError('not enough data...') when hmtx/vmtx are truncated (#3843, #3901).
  • [feaLib] Combine duplicate features that have the same set of lookups regardless of the order in which those lookups are added to the feature (#3895).
  • [varLib] Deprecate varLib.mutator in favor of varLib.instancer. The latter provides equivalent full (static font) instancing in addition to partial VF instancing.
    CLI users should replace fonttools varLib.mutator with fonttools varLib.instancer. API users should migrate to fontTools.varLib.instancer.instantiateVariableFont (#2680).

4.59.0

  • Removed hard-dependency on pyfilesystem2 (fs package) from fonttools[ufo] extra. This is replaced by the fontTools.misc.filesystem package, a stdlib-only, drop-in replacement for the subset of the pyfilesystem2's API used by fontTools.ufoLib. The latter should continue to work with the upstream fs (we even test with/without). However, clients who wish to continue using fs can do so by depending on it directly instead of via the fonttools[ufo] extra (#3885, #3620).
  • [xmlWriter] Replace illegal XML characters (e.g. control or non-characters) with "?" when dumping to ttx (#3868, #71).
  • [varLib.hvar] Fixed vertical metrics fields copy/pasta error (#3884).
  • Micro optimizations in ttLib and sstruct modules (#3878, #3879).
  • [unicodedata] Add Garay script to RTL_SCRIPTS (#3882).

... (truncated)

Changelog

Sourced from fonttools's changelog.

4.60.2 (released 2025-12-09)

  • Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#3994, #3999).

4.61.0 (released 2025-11-28)

  • [varLib.main]: SECURITY Only use basename(vf.filename) to prevent path traversal attacks when running fonttools varLib command, or code which invokes fonttools.varLib.main(). Fixes CVE-2025-66034, see: GHSA-768j-98cg-p3fv.
  • [feaLib] Sort BaseLangSysRecords by tag (#3986).
  • Drop support for EOL Python 3.9 (#3982).
  • [instancer] Support --remove-overlaps for fonts with CFF2 table (#3975).
  • [CFF2ToCFF] Add --remove-overlaps option (#3976).
  • [feaLib] Raise an error for rsub with NULL target (#3979).
  • [bezierTools] Fix logic bug in curveCurveIntersections (#3963).
  • [feaLib] Error when condition sets have the same name (#3958).
  • [cu2qu.ufo] skip processing empty glyphs to support sparse kerning masters (#3956).
  • [unicodedata] Update to Unicode 17. Require unicodedata2 >= 17.0.0 when installed with 'unicode' extra.

4.60.1 (released 2025-09-29)

  • [ufoLib] Reverted accidental method name change in UFOReader.getKerningGroupConversionRenameMaps that broke compatibility with downstream projects like defcon (#3948, #3947, robotools/defcon#478).
  • [ufoLib] Added test coverage for getKerningGroupConversionRenameMaps method (#3950).
  • [subset] Don't try to subset BASE table; pass it through by default instead (#3949).
  • [subset] Remove empty BaseRecord entries in MarkBasePos lookups (#3897, #3892).
  • [subset] Add pruning for MarkLigPos and MarkMarkPos lookups (#3946).
  • [subset] Remove duplicate features when subsetting (#3945).
  • [Docs] Added documentation for the visitor module (#3944).

4.60.0 (released 2025-09-17)

  • [pointPen] Allow reverseFlipped parameter of DecomposingPointPen to take a ReverseFlipped enum value to control whether/how to reverse contour direction of flipped components, in addition to the existing True/False. This allows to set ReverseFlipped.ON_CURVE_FIRST to ensure that the decomposed outline starts with an on-curve point before being reversed, for better consistency with other segment-oriented contour transformations. The change is backward compatible, and the default behavior hasn't changed (#3934).
  • [filterPen] Added ContourFilterPointPen, base pen for buffered contour operations, and OnCurveStartPointPen filter to ensure contours start with an on-curve point (#3934).
  • [cu2qu] Fixed difference in cython vs pure-python complex division by real number (#3930).
  • [varLib.avar] Refactored and added some new sub-modules and scripts (#3926).
    • varLib.avar.build module to build avar (and a missing fvar) binaries into a possibly empty TTFont,
    • varLib.avar.unbuild module to print a .designspace snippet that would generate the same avar binary,

... (truncated)

Commits

Updates pillow from 11.2.1 to 11.3.0

Release notes

Sourced from pillow's releases.

11.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/11.3.0.html

Deprecations

Documentation

Dependencies

Testing

... (truncated)

Commits

Updates pyasn1 from 0.6.1 to 0.6.2

Release notes

Sourced from pyasn1's releases.

Release 0.6.2

It's a minor release.

  • Fixed continuation octet limits in OID/RELATIVE-OID decoder (CVE-2026-23490).
  • Added support for Python 3.14.
  • Added SECURITY.md policy.
  • Migrated to pyproject.toml packaging.

All changes are noted in the CHANGELOG.

Changelog

Sourced from pyasn1's changelog.

Revision 0.6.2, released 16-01-2026

Commits

@dependabot
Bump the uv group across 1 directory with 10 updates
3ec3471 
Bumps the uv group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [flask-cors](https://github.com/corydolphin/flask-cors) | `4.0.1` | `6.0.0` |
| [nltk](https://github.com/nltk/nltk) | `3.6.6` | `3.9` |
| [redis](https://github.com/redis/redis-py) | `4.3.3` | `4.4.4` |
| [requests](https://github.com/psf/requests) | `2.32.0` | `2.32.4` |
| [tornado](https://github.com/tornadoweb/tornado) | `6.4.1` | `6.5` |
| [filelock](https://github.com/tox-dev/py-filelock) | `3.18.0` | `3.20.3` |
| [fonttools](https://github.com/fonttools/fonttools) | `4.58.4` | `4.60.2` |
| [pillow](https://github.com/python-pillow/Pillow) | `11.2.1` | `11.3.0` |
| [pyasn1](https://github.com/pyasn1/pyasn1) | `0.6.1` | `0.6.2` |
| [virtualenv](https://github.com/pypa/virtualenv) | `20.31.2` | `20.36.1` |



Updates `flask-cors` from 4.0.1 to 6.0.0
- [Release notes](https://github.com/corydolphin/flask-cors/releases)
- [Changelog](https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md)
- [Commits](corydolphin/flask-cors@4.0.1...6.0.0)

Updates `nltk` from 3.6.6 to 3.9
- [Changelog](https://github.com/nltk/nltk/blob/develop/ChangeLog)
- [Commits](nltk/nltk@3.6.6...3.9)

Updates `redis` from 4.3.3 to 4.4.4
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](redis/redis-py@v4.3.3...v4.4.4)

Updates `requests` from 2.32.0 to 2.32.4
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.0...v2.32.4)

Updates `tornado` from 6.4.1 to 6.5
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.4.1...v6.5.0)

Updates `filelock` from 3.18.0 to 3.20.3
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.18.0...3.20.3)

Updates `fonttools` from 4.58.4 to 4.60.2
- [Release notes](https://github.com/fonttools/fonttools/releases)
- [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst)
- [Commits](fonttools/fonttools@4.58.4...4.60.2)

Updates `pillow` from 11.2.1 to 11.3.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@11.2.1...11.3.0)

Updates `pyasn1` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/pyasn1/pyasn1/releases)
- [Changelog](https://github.com/pyasn1/pyasn1/blob/main/CHANGES.rst)
- [Commits](pyasn1/pyasn1@v0.6.1...v0.6.2)

Updates `virtualenv` from 20.31.2 to 20.36.1
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.31.2...20.36.1)

---
updated-dependencies:
- dependency-name: flask-cors
  dependency-version: 6.0.0
  dependency-type: direct:production
  dependency-group: uv
- dependency-name: nltk
  dependency-version: '3.9'
  dependency-type: direct:production
  dependency-group: uv
- dependency-name: redis
  dependency-version: 4.4.4
  dependency-type: direct:production
  dependency-group: uv
- dependency-name: requests
  dependency-version: 2.32.4
  dependency-type: direct:production
  dependency-group: uv
- dependency-name: tornado
  dependency-version: '6.5'
  dependency-type: direct:production
  dependency-group: uv
- dependency-name: filelock
  dependency-version: 3.20.3
  dependency-type: indirect
  dependency-group: uv
- dependency-name: fonttools
  dependency-version: 4.60.2
  dependency-type: indirect
  dependency-group: uv
- dependency-name: pillow
  dependency-version: 11.3.0
  dependency-type: indirect
  dependency-group: uv
- dependency-name: pyasn1
  dependency-version: 0.6.2
  dependency-type: indirect
  dependency-group: uv
- dependency-name: virtualenv
  dependency-version: 20.36.1
  dependency-type: indirect
  dependency-group: uv
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Feb 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants