[pull] master from aio-libs:master #395
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [cython](https://github.com/cython/cython) from 3.1.6 to 3.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cython/cython/releases">cython's releases</a>.</em></p> <blockquote> <h2>3.2.0</h2> <p>No release notes provided.</p> <h2>3.2.0b3</h2> <p>No release notes provided.</p> <h2>3.2.0b2</h2> <p>No release notes provided.</p> <h2>3.2.0b1-3</h2> <p>No release notes provided.</p> <h2>3.2.0b1</h2> <p>Not released due to package metadata problems.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/cython/cython/blob/master/CHANGES.rst">cython's changelog</a>.</em></p> <blockquote> <h1>3.2.0 (2025-11-05)</h1> <p>(Complete changelog for the 3.2.0 release, including pre-releases.)</p> <h2>Features added</h2> <ul> <li> <p>Builtin exception types are now inferred. (Github issue :issue:<code>6908</code>)</p> </li> <li> <p>The list of known, inferred and optimised Python builtins was updated. <code>range</code> is now considered a type. <code>ascii</code>, <code>bin</code>, <code>format</code>, <code>hex</code>, <code>oct</code> were added as functions. (Github issue :issue:<code>6931</code>)</p> </li> <li> <p>The f-string syntax was extended according to PEP-701. (Github issue :issue:<code>5452</code>)</p> </li> <li> <p>t-strings are implemented according to PEP-750. The implementation backports the template classes but prefers existing backports if installed separately. (Github issue :issue:<code>6811</code>)</p> </li> <li> <p>Unknown return type annotations with <code>-></code> are no longer rejected but produce warnings. This allows better integration with Python type hints that are not always usable for Cython. <code>-> None</code> is also allowed now. Patch by jpe. (Github issue :issue:<code>6946</code>)</p> </li> <li> <p>The runtime Python dispatch for fused functions is substantially faster. (Github issues :issue:<code>1385</code>, :issue:<code>6996</code>)</p> </li> <li> <p>Freelists (via cdef class decorator and for internally used types such as <code>async</code>) are now also used in the Limited API and with extension type specs enabled. (Github issue :issue:<code>7151</code>)</p> </li> <li> <p>Module imports now quickly check for an already imported module to speed up reimports. Patch by Lysandros Nikolaou. (Github issue :issue:<code>7035</code>)</p> </li> <li> <p>Type checks on PEP-604 union types (<code>int | None</code>) are optimised into separate checks. (Github issue :issue:<code>6935</code>)</p> </li> <li> <p>Assignments to the PEP-604 union type <code>float | None</code> allow any suitable Python number as input and convert it to a Python <code>float</code> automatically. (Github issue :issue:<code>5750</code>)</p> </li> <li> <p>Item type inference was improved for looping over literals. (Github issue :issue:<code>6912</code>)</p> </li> <li> <p>Looping over literal sequences and strings now uses efficient C array looping if possible. (Github issue :issue:<code>6926</code>)</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cython/cython/commit/e6533f887fbde09d265ea85765d2e2fa235b38e5"><code>e6533f8</code></a> Prepare release of 3.2.0.</li> <li><a href="https://github.com/cython/cython/commit/3748286bc1ffd5e74a91a8eefb56206ef2a5bb42"><code>3748286</code></a> Update changelog.</li> <li><a href="https://github.com/cython/cython/commit/404f2268893f6f6e536b0063a5dc00e2c1b94823"><code>404f226</code></a> Docs: Add a note that the Limited API is currently only supported in CPython.</li> <li><a href="https://github.com/cython/cython/commit/f216cfb30e82af5a46ef2f522dfc97a4eb23c24a"><code>f216cfb</code></a> Fix path building in cygdb script for Windows usage (<a href="https://redirect.github.com/cython/cython/issues/7285">GH-7285</a>)</li> <li><a href="https://github.com/cython/cython/commit/ae782736986935746b7100a68162f832bce81b4d"><code>ae78273</code></a> Add PyPy 3.11 to test matrix (<a href="https://redirect.github.com/cython/cython/issues/7284">#7284</a>)</li> <li><a href="https://github.com/cython/cython/commit/b3528ac248ce1e05b6f33e344acd7b51e72bec51"><code>b3528ac</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/cython/cython/issues/7278">#7278</a>)</li> <li><a href="https://github.com/cython/cython/commit/1e2102362036a1872e4ca0d6a9acff7fe97c03d6"><code>1e21023</code></a> Expand isolated limited API tests to cover more versions (<a href="https://redirect.github.com/cython/cython/issues/7280">#7280</a>)</li> <li><a href="https://github.com/cython/cython/commit/e2ef20c527c7d0b1b01d2cbb486c0db92d54d323"><code>e2ef20c</code></a> Move memoryview acquisition counting out of generic atomics code (<a href="https://redirect.github.com/cython/cython/issues/7277">GH-7277</a>)</li> <li><a href="https://github.com/cython/cython/commit/15f5864c2811bbd4b29b9dad9ac5425aca18c8b8"><code>15f5864</code></a> Docs: Fix C++ wrapping example in user guide (<a href="https://redirect.github.com/cython/cython/issues/7195">GH-7195</a>)</li> <li><a href="https://github.com/cython/cython/commit/730a05b38a517180be7ec9b627c76d89d160cd55"><code>730a05b</code></a> Prepare release of 3.2.0b3.</li> <li>Additional commits viewable in <a href="https://github.com/cython/cython/compare/3.1.6...3.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.4.2 to 9.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest/releases">pytest's releases</a>.</em></p> <blockquote> <h2>9.0.0</h2> <h1>pytest 9.0.0 (2025-11-05)</h1> <h2>New features</h2> <ul> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/1367">#1367</a>: <strong>Support for subtests</strong> has been added.</p> <p><code>subtests <subtests></code> are an alternative to parametrization, useful in situations where the parametrization values are not all known at collection time.</p> <p>Example:</p> <pre lang="python"><code>def contains_docstring(p: Path) -> bool: """Return True if the given Python file contains a top-level docstring.""" ... <p>def test_py_files_contain_docstring(subtests: pytest.Subtests) -> None: for path in Path.cwd().glob("*.py"): with subtests.test(path=str(path)): assert contains_docstring(path) </code></pre></p> <p>Each assert failure or error is caught by the context manager and reported individually, giving a clear picture of all files that are missing a docstring.</p> <p>In addition, <code>unittest.TestCase.subTest</code> is now also supported.</p> <p>This feature was originally implemented as a separate plugin in <a href="https://github.com/pytest-dev/pytest-subtests">pytest-subtests</a>, but since then has been merged into the core.</p> <blockquote> <p>[!NOTE] This feature is experimental and will likely evolve in future releases. By that we mean that we might change how subtests are reported on failure, but the functionality and how to use it are stable.</p> </blockquote> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13743">#13743</a>: Added support for <strong>native TOML configuration files</strong>.</p> <p>While pytest, since version 6, supports configuration in <code>pyproject.toml</code> files under <code>[tool.pytest.ini_options]</code>, it does so in an "INI compatibility mode", where all configuration values are treated as strings or list of strings. Now, pytest supports the native TOML data model.</p> <p>In <code>pyproject.toml</code>, the native TOML configuration is under the <code>[tool.pytest]</code> table.</p> <pre lang="toml"><code># pyproject.toml [tool.pytest] minversion = "9.0" addopts = ["-ra", "-q"] testpaths = [ "tests", "integration", ] </code></pre> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pytest-dev/pytest/commit/f4b0fd2294a0b2f89bf308d513d574e1e2e01ad5"><code>f4b0fd2</code></a> Prepare release version 9.0.0</li> <li><a href="https://github.com/pytest-dev/pytest/commit/52d8e6812667880b523d285b95c53af73b7866e3"><code>52d8e68</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/13889">#13889</a> from bluetech/regendoc-restore</li> <li><a href="https://github.com/pytest-dev/pytest/commit/d6d3e4a4760bcdc9c2078b015d5967937b1df602"><code>d6d3e4a</code></a> doc: fixes for regendoc</li> <li><a href="https://github.com/pytest-dev/pytest/commit/7cb397413f3d8270fad4de1004039d45cb1a841d"><code>7cb3974</code></a> doc: restore missing "# content of pytest.toml" regendoc commands</li> <li><a href="https://github.com/pytest-dev/pytest/commit/5ae9e4761b42a7c84d53486733d6ea8567dedccb"><code>5ae9e47</code></a> build(deps): Bump django in /testing/plugins_integration (<a href="https://redirect.github.com/pytest-dev/pytest/issues/13881">#13881</a>)</li> <li><a href="https://github.com/pytest-dev/pytest/commit/adb3658f091b8f3c4e0948298b1aefd16b6ce372"><code>adb3658</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/13864">#13864</a> from bluetech/config-cleanups-2</li> <li><a href="https://github.com/pytest-dev/pytest/commit/a28c08efc6af57b94875c517dee0da0d9c201d7e"><code>a28c08e</code></a> Merge pull request <a href="https://redirect.github.com/pytest-dev/pytest/issues/13875">#13875</a> from bluetech/ci-tweaks</li> <li><a href="https://github.com/pytest-dev/pytest/commit/a250954723eda5ae2cb60396a516762b08fa0644"><code>a250954</code></a> ci: split publish-to-pypi and push-tag jobs</li> <li><a href="https://github.com/pytest-dev/pytest/commit/ebc152f84e40796ae88fadb71e4fd95c2946bfc3"><code>ebc152f</code></a> ci: update setup python's from 3.11 or 3.* to 3.13</li> <li><a href="https://github.com/pytest-dev/pytest/commit/dfd796fb2ff6356af116f76d307f853dc11a10b2"><code>dfd796f</code></a> ci: move running update-plugin-list script to tox</li> <li>Additional commits viewable in <a href="https://github.com/pytest-dev/pytest/compare/8.4.2...9.0.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [brotli](https://github.com/google/brotli) from 1.1.0 to 1.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/brotli/releases">brotli's releases</a>.</em></p> <blockquote> <h2>v1.2.0</h2> <h3>SECURITY</h3> <ul> <li>python: added <code>Decompressor::can_accept_more_data</code> method and optional <code>output_buffer_limit</code> argument <code>Decompressor::process</code>; that allows mitigation of unexpectedly large output; reported by Charles Chan (<a href="https://github.com/charleswhchan">https://github.com/charleswhchan</a>)</li> </ul> <h3>Added</h3> <ul> <li><strong>decoder / encoder: added static initialization to reduce binary size</strong></li> <li>python: allow limiting decoder output (see SECURITY section)</li> <li>CLI: <code>brcat</code> alias; allow decoding concatenated brotli streams</li> <li>kt: pure Kotlin decoder</li> <li>cgo: support "raw" dictionaries</li> <li>build: Bazel modules</li> </ul> <h3>Removed</h3> <ul> <li>java: dropped <code>finalize()</code> for native entities</li> </ul> <h3>Fixed</h3> <ul> <li>java: in <code>compress</code> pass correct length to native encoder</li> </ul> <h3>Improved</h3> <ul> <li>build: install man pages</li> <li>build: updated / fixed / refined Bazel buildfiles</li> <li>encoder: faster encoding</li> <li>cgo: link via pkg-config</li> <li>python: modernize extension / allow multi-phase module initialization</li> </ul> <h3>Changed</h3> <ul> <li>decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)</li> </ul> <h2>v1.2.0 RC2</h2> <h2>What's Changed (compared to RC1)</h2> <ul> <li>pick changes from Debian patch by <a href="https://github.com/copybara-service"><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1349">google/brotli#1349</a></li> <li>pick changes from Alpine patch by <a href="https://github.com/copybara-service"><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1348">google/brotli#1348</a></li> <li>pick VCPKG patches by <a href="https://github.com/copybara-service"><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1350">google/brotli#1350</a></li> <li>fix copy-paste in Java decoder by <a href="https://github.com/copybara-service"><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1357">google/brotli#1357</a></li> </ul> <h2>v1.2.0 RC1</h2> <p><strong>IMPORTANT</strong>: though this is a pre-release for v1.2.0, it is expected that some changes will be added before release; most notably concerning build files: patches applied by Alpine, Debian, Conan, VCPKG will be partially/fully integrated.</p> <h3>SECURITY</h3> <ul> <li>python: added <code>Decompressor::can_accept_more_data</code> method and optional <code>output_buffer_limit</code> argument <code>Decompressor::process</code>; that allows mitigation of unexpectedly large output; reported by Charles Chan (<a href="https://github.com/charleswhchan">https://github.com/charleswhchan</a>)</li> </ul> <h3>Added</h3> <ul> <li><strong>decoder / encoder: added static initialization to reduce binary size</strong></li> <li>python: allow limiting decoder output (see SECURITY section)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/google/brotli/blob/master/CHANGELOG.md">brotli's changelog</a>.</em></p> <blockquote> <h2>[1.2.0] - 2025-10-27</h2> <h3>SECURITY</h3> <ul> <li>python: added <code>Decompressor::can_accept_more_data</code> method and optional <code>output_buffer_limit</code> argument <code>Decompressor::process</code>; that allows mitigation of unexpectedly large output; reported by Charles Chan (<a href="https://github.com/charleswhchan">https://github.com/charleswhchan</a>)</li> </ul> <h3>Added</h3> <ul> <li><strong>decoder / encoder: added static initialization to reduce binary size</strong></li> <li>python: allow limiting decoder output (see SECURITY section)</li> <li>CLI: <code>brcat</code> alias; allow decoding concatenated brotli streams</li> <li>kt: pure Kotlin decoder</li> <li>cgo: support "raw" dictionaries</li> <li>build: Bazel modules</li> </ul> <h3>Removed</h3> <ul> <li>java: dropped <code>finalize()</code> for native entities</li> </ul> <h3>Fixed</h3> <ul> <li>java: in <code>compress</code> pass correct length to native encoder</li> </ul> <h3>Improved</h3> <ul> <li>build: install man pages</li> <li>build: updated / fixed / refined Bazel buildfiles</li> <li>encoder: faster encoding</li> <li>cgo: link via pkg-config</li> <li>python: modernize extension / allow multi-phase module initialization</li> </ul> <h3>Changed</h3> <ul> <li>decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/brotli/commit/028fb5a23661f123017c060daa546b55cf4bde29"><code>028fb5a</code></a> release v1.2.0</li> <li><a href="https://github.com/google/brotli/commit/390de5b472ec8c40a7b8e5029e47fd6493f7a755"><code>390de5b</code></a> build and test csharp decoder</li> <li><a href="https://github.com/google/brotli/commit/3499acbb7ac7818c1b929a8c9c5c5f8a634751da"><code>3499acb</code></a> regenerate go/kt/js/ts</li> <li><a href="https://github.com/google/brotli/commit/8ca2312c61f1f5853be0708f9b1d6a6ad002d2a4"><code>8ca2312</code></a> fix release workflow</li> <li><a href="https://github.com/google/brotli/commit/ee771daf20bab6533cbc629407c50cff1c87d9f1"><code>ee771da</code></a> fix copy-paste in Java decoder</li> <li><a href="https://github.com/google/brotli/commit/42aee3289154cb3e8db1c7a8ebfa639c857578b9"><code>42aee32</code></a> try to fix release workflow</li> <li><a href="https://github.com/google/brotli/commit/392c06bac05cc1d098ab105cbbda766f19853d92"><code>392c06b</code></a> redesign release resource uploading</li> <li><a href="https://github.com/google/brotli/commit/1964cdb1b9e16a2a0c27fbd3b2a3bccb2c1a8294"><code>1964cdb</code></a> ramp up all GH actions plugins</li> <li><a href="https://github.com/google/brotli/commit/61605b1cb34ba84ae71c13b383d850a59cac85b2"><code>61605b1</code></a> pick VCPKG patches</li> <li><a href="https://github.com/google/brotli/commit/4b0f27b6f985b4301ad5cec4a31b9792ecf252bc"><code>4b0f27b</code></a> pick changes from Alpine patch</li> <li>Additional commits viewable in <a href="https://github.com/google/brotli/compare/go/cbrotli/v1.1.0...v1.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README for download-artifact v5 changes by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/417">actions/download-artifact#417</a></li> <li>Update README with artifact extraction details by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/424">actions/download-artifact#424</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v6.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/438">actions/download-artifact#438</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v5...v6.0.0">https://github.com/actions/download-artifact/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53"><code>018cc2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/438">#438</a> from actions/danwkennedy/prepare-6.0.0</li> <li><a href="https://github.com/actions/download-artifact/commit/815651c680ffe1c95719d0ed08aba1a2f9d5c177"><code>815651c</code></a> Revert "Remove <code>github.dep.yml</code>"</li> <li><a href="https://github.com/actions/download-artifact/commit/bb3a066a8babc8ed7b3e4218896c548fe34e7115"><code>bb3a066</code></a> Remove <code>github.dep.yml</code></li> <li><a href="https://github.com/actions/download-artifact/commit/fa1ce46bbd11b8387539af12741055a76dfdf804"><code>fa1ce46</code></a> Prepare <code>v6.0.0</code></li> <li><a href="https://github.com/actions/download-artifact/commit/4a24838f3d5601fd639834081e118c2995d51e1c"><code>4a24838</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/431">#431</a> from danwkennedy/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/5e3251c4ff5a32e4cf8dd4adaee0e692365237ae"><code>5e3251c</code></a> Readme: spell out the first use of GHES</li> <li><a href="https://github.com/actions/download-artifact/commit/abefc31eafcfbdf6c5336127c1346fdae79ff41c"><code>abefc31</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/424">#424</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/ac43a6070aa7db8a41e756e7a2846221edca7027"><code>ac43a60</code></a> Update README with artifact extraction details</li> <li><a href="https://github.com/actions/download-artifact/commit/de96f4613b77ec03b5cf633e7c350c32bd3c5660"><code>de96f46</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/417">#417</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/7993cb44e9052f2f08f9b828ae5ef3ecca7d2ac7"><code>7993cb4</code></a> Remove migration guide for artifact download changes</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/v5...v6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.3 to 2.12.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/releases">pydantic's releases</a>.</em></p> <blockquote> <h2>v2.12.4 2025-11-05</h2> <h2>v2.12.4 (2025-11-05)</h2> <p>This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the <code>build()</code> method of the <a href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code> and Dsn types</a>.</p> <p>This patch release also fixes an issue with the serialization of IP address types, when <code>serialize_as_any</code> is used. The next patch release will try to address the remaining issues with <em>serialize as any</em> behavior by introducing a new <em>polymorphic serialization</em> feature, that should be used in most cases in place of <em>serialize as any</em>.</p> <ul> <li> <p>Fix issue with forward references in parent <code>TypedDict</code> classes by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/12427">#12427</a>.</p> <p>This issue is only relevant on Python 3.14 and greater.</p> </li> <li> <p>Exclude fields with <code>exclude_if</code> from JSON Schema required fields by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/12430">#12430</a></p> </li> <li> <p>Revert URL percent-encoding of credentials in the <code>build()</code> method of the <a href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code> and Dsn types</a> by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1833">pydantic-core#1833</a>.</p> <p>This was initially considered as a bugfix, but caused regressions and as such was fully reverted. The next release will include an opt-in option to percent-encode components of the URL.</p> </li> <li> <p>Add type inference for IP address types by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1868">pydantic-core#1868</a>.</p> <p>The 2.12 changes to the <code>serialize_as_any</code> behavior made it so that IP address types could not properly serialize to JSON.</p> </li> <li> <p>Avoid getting default values from defaultdict by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1853">pydantic-core#1853</a>.</p> <p>This fixes a subtle regression in the validation behavior of the <a href="https://docs.python.org/3/library/collections.html#collections.defaultdict"><code>collections.defaultdict</code></a> type.</p> </li> <li> <p>Fix issue with field serializers on nested typed dictionaries by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1879">pydantic-core#1879</a>.</p> </li> <li> <p>Add more <code>pydantic-core</code> builds for the three-threaded version of Python 3.14 by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1864">pydantic-core#1864</a>.</p> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4">https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/blob/v2.12.4/HISTORY.md">pydantic's changelog</a>.</em></p> <blockquote> <h2>v2.12.4 (2025-11-05)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.12.4">GitHub release</a></p> <p>This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the <code>build()</code> method of the <a href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code> and Dsn types</a>.</p> <p>This patch release also fixes an issue with the serialization of IP address types, when <code>serialize_as_any</code> is used. The next patch release will try to address the remaining issues with <em>serialize as any</em> behavior by introducing a new <em>polymorphic serialization</em> feature, that should be used in most cases in place of <em>serialize as any</em>.</p> <ul> <li> <p>Fix issue with forward references in parent <code>TypedDict</code> classes by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/12427">#12427</a>.</p> <p>This issue is only relevant on Python 3.14 and greater.</p> </li> <li> <p>Exclude fields with <code>exclude_if</code> from JSON Schema required fields by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/12430">#12430</a></p> </li> <li> <p>Revert URL percent-encoding of credentials in the <code>build()</code> method of the <a href="https://docs.pydantic.dev/latest/api/networks/"><code>AnyUrl</code> and Dsn types</a> by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1833">pydantic-core#1833</a>.</p> <p>This was initially considered as a bugfix, but caused regressions and as such was fully reverted. The next release will include an opt-in option to percent-encode components of the URL.</p> </li> <li> <p>Add type inference for IP address types by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1868">pydantic-core#1868</a>.</p> <p>The 2.12 changes to the <code>serialize_as_any</code> behavior made it so that IP address types could not properly serialize to JSON.</p> </li> <li> <p>Avoid getting default values from defaultdict by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1853">pydantic-core#1853</a>.</p> <p>This fixes a subtle regression in the validation behavior of the <a href="https://docs.python.org/3/library/collections.html#collections.defaultdict"><code>collections.defaultdict</code></a> type.</p> </li> <li> <p>Fix issue with field serializers on nested typed dictionaries by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1879">pydantic-core#1879</a>.</p> </li> <li> <p>Add more <code>pydantic-core</code> builds for the three-threaded version of Python 3.14 by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-core/pull/1864">pydantic-core#1864</a>.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pydantic/pydantic/commit/5c842dfc9c245fb37aa1f5ec5b55c1aed10bd7e6"><code>5c842df</code></a> Prepare release v2.12.4</li> <li><a href="https://github.com/pydantic/pydantic/commit/c678a710e8b8bb2ff4dce6233c6d5c88dc579136"><code>c678a71</code></a> Bump <code>pydantic-core</code> to v2.41.5</li> <li><a href="https://github.com/pydantic/pydantic/commit/a7cd29254b2611c5768beb86e7ffd2c1c130a19a"><code>a7cd292</code></a> Bump <code>cloudpickle</code> to v3.1.2</li> <li><a href="https://github.com/pydantic/pydantic/commit/21f627801b5eedfa87bed55925f73cf329cc9c2c"><code>21f6278</code></a> Bump actions/setup-node from 5 to 6</li> <li><a href="https://github.com/pydantic/pydantic/commit/8d6be8fea9662203977b95758d97ec298edcd54a"><code>8d6be8f</code></a> Bump astral-sh/setup-uv from 6 to 7</li> <li><a href="https://github.com/pydantic/pydantic/commit/17865ea3a1fd389ba697990b762f82a419a48221"><code>17865ea</code></a> Bump actions/upload-artifact from 4 to 5</li> <li><a href="https://github.com/pydantic/pydantic/commit/90ad0af6b9340f72dde77997ed18fc180771e69f"><code>90ad0af</code></a> Bump actions/download-artifact from 5 to 6</li> <li><a href="https://github.com/pydantic/pydantic/commit/18e6672b6fdeaeb75ccbbcb3c7883509b1f56cb3"><code>18e6672</code></a> Drop testing under PyPy 3.9</li> <li><a href="https://github.com/pydantic/pydantic/commit/650215be2d2336a72af481b724b368fed356d7e8"><code>650215b</code></a> Document workaround for <code>MongoDsn</code> default port</li> <li><a href="https://github.com/pydantic/pydantic/commit/e3267902272d8290ed6d1ae06f43052b2968ef14"><code>e326790</code></a> Fix example of for <code>bytes_invalid_encoding</code> validation error</li> <li>Additional commits viewable in <a href="https://github.com/pydantic/pydantic/compare/v2.12.3...v2.12.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )