Bump the non-breaking-changes group with 11 updates

[dependabot]

Bumps the non-breaking-changes group with 11 updates:

Package	From	To
brotli	0.3.2	0.3.3
cachex	4.1.0	4.1.1
credo	1.7.14	1.7.16
lazy_html	0.1.8	0.1.10
phoenix	1.8.2	1.8.4
phoenix_live_view	1.1.18	1.1.25
plug_cowboy	2.7.5	2.8.0
reverse_proxy_plug	3.0.2	3.0.4
scholar	0.4.0	0.4.1
tesla	1.15.3	1.16.0
ua_parser	1.9.3	1.10.0

Updates brotli from 0.3.2 to 0.3.3

Changelog

Sourced from brotli's changelog.

[Unreleased]

Bug Fixes

• decode error

Commits

• See full diff in compare view

Updates cachex from 4.1.0 to 4.1.1

Release notes

Sourced from cachex's releases.

v4.1.1

Cachex v4.1.1 is a patch release to resolve a couple of issues with the recent prune/3:

Fixes:

• Fixes an issue with prune/3 running on remote notes
• Fixes an incorrect interval in the pruning documentation

Improvements:

• Updated repository and CI/CD builds to target latest Elixir and OTP versions

Please do not hesitate to file issues and/or provide your feedback/suggestions!

Commits

• d363ae1 Bump to v4.1.1
• ae7cfab Ensure that prune actions are fully local (#419)
• db448c9 Update default pruning frequency in documentation (#415)
• fe25568 Fix minor typo in documentation
• ed1e57c Update migration guide to include information about changed return value (#413)
• See full diff in compare view

Updates credo from 1.7.14 to 1.7.16

Release notes

Sourced from credo's releases.

v1.7.16

Check it out on Hex: https://hex.pm/packages/credo/1.7.16

• Fix compatibility & compiler warnings with Elixir 1.20.0-rc.1
• Credo.Check.Refactor.PassAsyncInTestCases add new param :force_comment_on_explicit_false (defaults to false)
• Credo.Check.Warning.Dbg add new param :allow_captures (defaults to false)
• New Check: Credo.Check.Warning.UnusedMapOperation
• New Check: Credo.Check.Warning.UnusedOperation

v1.7.15

Check it out on Hex: https://hex.pm/packages/credo/1.7.15

• Improve performance on large projects
• Parse token_metadata for source files
• Credo.Check.Warning.ExpensiveEmptyEnumCheck have better issue messages
• Credo.Check.Refactor.MatchInCondition add new param :allow_operators
• Credo.Check.Refactor.MatchInCondition fix false positive
• Credo.Check.Readability.AliasOrder fix false positive
• Credo.Check.Readability.FunctionNames fix false positive
• Credo.Check.Readability.SinglePipe add new param :allow_blocks (defaults to true)
• Credo.Check.Refactor.ModuleDependencies fix false positive

Changelog

Sourced from credo's changelog.

1.7.16

• Fix compatibility & compiler warnings with Elixir 1.20.0-rc.1
• Credo.Check.Refactor.PassAsyncInTestCases add new param :force_comment_on_explicit_false (defaults to false)
• Credo.Check.Warning.Dbg add new param :allow_captures (defaults to false)
• New Check: Credo.Check.Warning.UnusedMapOperation
• New Check: Credo.Check.Warning.UnusedOperation

1.7.15

• Improve performance on large projects
• Parse token_metadata for source files
• Credo.Check.Warning.ExpensiveEmptyEnumCheck have better issue messages
• Credo.Check.Refactor.MatchInCondition add new param :allow_operators
• Credo.Check.Refactor.MatchInCondition fix false positive
• Credo.Check.Readability.AliasOrder fix false positive
• Credo.Check.Readability.FunctionNames fix false positive
• Credo.Check.Readability.SinglePipe add new param :allow_blocks (defaults to true)
• Credo.Check.Refactor.ModuleDependencies fix false positive

Commits

• df52d23 Bump version to 1.7.16
• 3d7a39d Update CHANGELOG
• 8787f8a Upgrade to Elixir 1.20.0-rc.1
• 27f14b2 Rename param to :allow_captures
• 7b80669 Add :allow_capture param to Credo.Check.Warning.Dbg
• b10673d Merge branch 'fix-dbg-ampeprsand-usage' of github.com:Nezteb/credo into 1158-...
• 2f9a47c Merge pull request #1245 from whatyouhide/andrea-expand-docs
• 23c7dce FIXUP
• 2bd5d14 FIXUP
• 276f0a7 Expand compile-time strings in "use Credo.Check" options
• Additional commits viewable in compare view

Updates lazy_html from 0.1.8 to 0.1.10

Release notes

Sourced from lazy_html's releases.

v0.1.10

Fixed

• LazyHTML.query/2 and LazyHTML.query_by_id/2 returning duplicate nodes (#31)

v0.1.9

Added

• LazyHTML.parent_node/1 and LazyHTML.nth_child/1 (#25)

Fixed

• Segmentation fault when calling LazyHTML.from_tree/1 with highly nested trees (#30)

Changelog

Sourced from lazy_html's changelog.

v0.1.10 (2026-02-09)

Fixed

• LazyHTML.query/2 and LazyHTML.query_by_id/2 returning duplicate nodes (#31)

v0.1.9 (2026-02-09)

Added

• LazyHTML.parent_node/1 and LazyHTML.nth_child/1 (#25)

Fixed

• Segmentation fault when calling LazyHTML.from_tree/1 with highly nested trees (#30)

Commits

• 7440172 Release v0.1.10
• 6b32061 Ensure unique nodes in query and query_by_id (#31)
• 66a9947 Update version
• 4b596f4 Fix changelog links
• 585314c Release v0.1.9
• ce4ce17 Rewrite recursions into explicit stack (#30)
• ff538ee Update CI (#28)
• 900d649 Fix typespec of LazyHTML.attributes (#27)
• ab877f2 Implement parent_nodes + nth_child (#25)
• 7d43d42 Format
• See full diff in compare view

Updates phoenix from 1.8.2 to 1.8.4

Changelog

Sourced from phoenix's changelog.

1.8.4 (2026-2-23)

JavaScript Client Bug Fixes

• Fix bug reconnecting connections when close was gracefully initiated by server
• Fix LongPoll transport name in sessionStorage and logs

Enhancements

• Adds guards support in assert_push, assert_broadcast, and assert_reply
• Enable purging in Phoenix code server for Elixir 1.20

1.8.3 (2025-12-8)

Enhancements

• Add top-level phoenix config: sort_verified_routes_query_params to enable sorting query params in verified routes during tests

Bug fixes

• Fix endpoint port config in an umbrella application. (#6549)
• Drop incoming channel messages with stale join refs

Commits

• 5c0f19f Release 1.8.4
• 22ac56e Update assets
• 72192e3 Bump lodash from 4.17.21 to 4.17.23 (#6584)
• 92a79b0 Adds guards support in assert_push, assert_broadcast and assert_reply (#6595)
• ac12eec Fix concurrent socket teardown (#6602)
• 0f6a26f Update umbrella link
• 2dda4b0 Fix @​stream typo in usage-rules liveview streams example (#6601)
• 7c37fa7 Fix bad link (#6597)
• dadf946 followup for phoenixframework/phoenix#6563
• 666dcae Revert "autocomplete with email in email fields (#6502)" (#6574)
• Additional commits viewable in compare view

Updates phoenix_live_view from 1.1.18 to 1.1.25

Release notes

Sourced from phoenix_live_view's releases.

v1.1.25

Bug fixes

• Fix phx-click-away when clicked element is teleported (#4141)
• Handle phx-hook outside of LiveViews when reconnecting (#4147)

Changelog

Sourced from phoenix_live_view's changelog.

v1.1.25 (2026-02-26)

Bug fixes

• Fix phx-click-away when clicked element is teleported (#4141)
• Handle phx-hook outside of LiveViews when reconnecting (#4147)

v1.1.24 (2026-02-16)

Bug fixes

• Prevent map access on assigns (@foo.bar.baz) being expanded when used in root attributes causing an invalid warning

v1.1.23 (2026-02-12)

Enhancements

• If a macro is used in HEEx root attributes (<div {@root_attr} />), it is now expanded at compile time (#4145)

v1.1.22 (2026-01-28)

Bug fixes

• Fix live component container patch throwing a JavaScript error when container is locked (#4088)

v1.1.21 (2026-01-27)

Bug fixes

• Fix stream reset and deletes not working if stream is teleported using Phoenix.Component.portal/1 (#4121)

Enhancements

• Mark LiveView template code as generated to prevent warnings on Elixir 1.20
• Allow unused function warnings for function components to be emitted
• Add Phoenix.LiveView.TagEngine.compile/2 as an official entrypoint for compiling templates in favor of relying on the EEx.Engine behaviour

v1.1.20 (2026-01-14)

Bug fixes

• Fix redirect in handle_params for client-initiated patches causing a JS exception (#4094)
• Fix events initiated from elements teleported outside of a LiveComponent being sent to the LiveView instead of the LiveComponent (#4101)
• Ensure HooksOptions accepts non-default typed hooks (#4099)
• Prevent portal content from disappearing in rare cases (#4095)
• Fix <form> submission to a controller from inside a portal not working (#4107)
• Prevent JS crash when debouncing inputs attached to a form with the form="..." attribute (#4102)
• Fix UploadClient (from LiveViewTest) crashing when receiving a :socket_close message (#4079)
• Allow live_file_input to update attributes (#4078)
• Fix invalid HTML when setting LiveView :container option to :body (#3932)

... (truncated)

Commits

• e592ce8 Release v1.1.25
• 3eaaa41 click-away portal handling (#4154)
• 1613bff fix type warning
• 9f36807 Mention auto_upload in uploads guide (#4130)
• 9a34784 Create GitHub releases with changelog (#4135)
• a6921d9 Document phx-value- event "value" precendence
• 42c790a add missing file for 46fb6dc
• 8765d24 Fix flaky async tests relying on monitor
• af2c40f handle deadview hooks (#4151)
• 72442bb fix flaky upload tests
• Additional commits viewable in compare view

Updates plug_cowboy from 2.7.5 to 2.8.0

Changelog

Sourced from plug_cowboy's changelog.

v2.8.0

Enhancements

• Remove supported for deprecated next_protocols_advertised

Commits

• 5a4771c Release v2.8.0
• 33095a9 Remove deprecated :next_protocols_advertised from ranch_ssl socket_opts (#111...
• See full diff in compare view

Updates reverse_proxy_plug from 3.0.2 to 3.0.4

Release notes

Sourced from reverse_proxy_plug's releases.

v3.0.4

What's Changed

• support true async streaming with req 0.5 by @​mwhitworth in tallarium/reverse_proxy_plug#251

Full Changelog: tallarium/reverse_proxy_plug@v3.0.3...v3.0.4

v3.0.3

Fixes

• do not merge set-cookie response headers by @​mwhitworth in tallarium/reverse_proxy_plug#242
• Fix httpoison version requirements by @​edennis in tallarium/reverse_proxy_plug#246
• preserve host header port by @​mwhitworth in tallarium/reverse_proxy_plug#248

New Contributors

• @​edennis made their first contribution in tallarium/reverse_proxy_plug#246

Full Changelog: tallarium/reverse_proxy_plug@v3.0.2...v3.0.3

Commits

• 9ffd011 3.0.4
• a920db4 Merge pull request #251 from tallarium/truly-async-streaming
• 289aa5d support true async streaming with req 0.5
• 17a187a Merge pull request #250 from tallarium/v3.0.3
• c5c917f 3.0.3
• 3b9b874 Merge pull request #249 from tallarium/websocket-proxy-readme-note
• 9fbaba5 add note about reverse_proxy_plug_websocket
• da80daa Merge pull request #248 from tallarium/test-preserve-host-header-port
• cb37395 test cases for preserving host header with port number appropriately
• 2d0d998 fix: preserve_host_header option omits port number from the original header
• Additional commits viewable in compare view

Updates scholar from 0.4.0 to 0.4.1

Changelog

Sourced from scholar's changelog.

v0.4.1 (2026-01-20)

• Add Scholar.FeatureExtraction.CountVectorizer
• Add Scholar.NaiveBayes.Categorical
• Add Scholar.Optimize.Brent
• Add Scholar.Optimize.GoldenSection
• Improve Scholar.Cluster.DBSCAN's performance
• General fixes to Scholar.Linear.LinearRegression

Commits

• c54e9a6 Release v0.4.1
• 76de8c3 Logistic regression fix (#329)
• 7c69c26 Clean up AGENTS.md a bit
• 4c7a699 Create agents.md‎ (#330)
• e369861 Remove unimplemented test
• 9dc9a6f Fix warnings
• e285ad6 Add Brent's method optimization algorithm (#328)
• 9e9cd5c Update Elixir on CI
• def856c Add CategoricalNB (#313)
• 7f0369a Add Golden Section optimization algorithm (#327)
• Additional commits viewable in compare view

Updates tesla from 1.15.3 to 1.16.0

Release notes

Sourced from tesla's releases.

v1.16.0

1.16.0 (2026-01-01)

Features

• add strict policy option for enforcing base URL (#817) (e476093)
• support function streams in multipart handling (#801) (dd8b206), closes #648

Bug Fixes

• DecompressResponse middleware for multiple encodings and keep updated content-length header (#809) (288699e)
• Handle breaking change in Finch.stream API (#813) (ce5ea80)
• Handle errors in streaming responses (#819) (e7806bf)
• Use Version module to check finch version (#814) (56f9568)

Changelog

Sourced from tesla's changelog.

1.16.0 (2026-01-01)

Features

• add strict policy option for enforcing base URL (#817) (e476093)
• support function streams in multipart handling (#801) (dd8b206), closes #648

Bug Fixes

• DecompressResponse middleware for multiple encodings and keep updated content-length header (#809) (288699e)
• Handle breaking change in Finch.stream API (#813) (ce5ea80)
• Handle errors in streaming responses (#819) (e7806bf)
• Use Version module to check finch version (#814) (56f9568)

Commits

• 23062c4 chore(master): release 1.16.0 (#802)
• 6b79eea chore(deps): bump actions/cache from 4 to 5 (#820)
• 2e45acb chore(deps-dev): bump the dev group with 5 updates (#822)
• e7806bf fix: Handle errors in streaming responses (#819)
• e476093 feat: add strict policy option for enforcing base URL (#817)
• 0178c14 chore(deps): bump actions/checkout from 5 to 6 (#815)
• 56f9568 fix: Use Version module to check finch version (#814)
• ce5ea80 fix: Handle breaking change in Finch.stream API (#813)
• 8e39f97 chore(deps): bump googleapis/release-please-action from 4.3.0 to 4.4.0 (#810)
• 288699e fix: DecompressResponse middleware for multiple encodings and keep updated co...
• Additional commits viewable in compare view

Updates ua_parser from 1.9.3 to 1.10.0

Release notes

Sourced from ua_parser's releases.

v1.10.0

1.10.0 (2025-12-09)

Features

• Use persistent_term to store patterns in memory (#130) (c254b18)

Bug Fixes

• Manifest version and config (e038b1c)

Changelog

Sourced from ua_parser's changelog.

1.10.0 (2025-12-09)

Features

• Use persistent_term to store patterns in memory (#130) (c254b18)

Bug Fixes

• Manifest version and config (e038b1c)

Commits

• c439f5f chore(main): release 1.10.0 (#127)
• f791b0a chore(deps): bump the dev group with 2 updates (#131)
• ce697d2 chore: Test for 1.19 + OTP 28 (#133)
• c254b18 feat: Use persistent_term to store patterns in memory (#130)
• ba4248d chore(deps): bump actions/checkout from 5 to 6 (#128)
• e684295 chore(deps): bump the dev group across 1 directory with 3 updates (#125)
• 2701589 chore(deps): bump actions/setup-node from 5 to 6 (#121)
• d1ef8e0 chore: sync files with beam-community/common-config (#126)
• e038b1c fix: manifest version and config
• e663140 chore: sync files with beam-community/common-config (#124)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions