aio-libs
janus
Blog
Docs
Changelog
Blog
Docs
Changelog
Overview
Branches
Benchmarks
Runs
Performance History
Latest Results
Bump wheel from 0.46.2 to 0.46.3 (#838) Bumps [wheel](https://github.com/pypa/wheel) from 0.46.2 to 0.46.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/wheel/releases">wheel's releases</a>.</em></p> <blockquote> <h2>0.46.3</h2> <ul> <li>Fixed <code>ImportError: cannot import name '_setuptools_logging' from 'wheel'</code> when installed alongside an old version of setuptools and running the <code>bdist_wheel</code> command (<a href="https://redirect.github.com/pypa/wheel/issues/676">#676</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/wheel/blob/main/docs/news.rst">wheel's changelog</a>.</em></p> <blockquote> <h1>Release Notes</h1> <p><strong>0.46.3 (2026-01-22)</strong></p> <ul> <li>Fixed <code>ImportError: cannot import name '_setuptools_logging' from 'wheel'</code> when installed alongside an old version of setuptools and running the <code>bdist_wheel</code> command (<code>[#676](https://github.com/pypa/wheel/issues/676) <https://github.com/pypa/wheel/issues/676></code>_)</li> </ul> <p><strong>0.46.2 (2026-01-22)</strong></p> <ul> <li>Restored the <code>bdist_wheel</code> command for compatibility with <code>setuptools</code> older than v70.1</li> <li>Importing <code>wheel.bdist_wheel</code> now emits a <code>FutureWarning</code> instead of a <code>DeprecationWarning</code></li> <li>Fixed <code>wheel unpack</code> potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)</li> </ul> <p><strong>0.46.1 (2025-04-08)</strong></p> <ul> <li>Temporarily restored the <code>wheel.macosx_libfile</code> module (<code>[#659](https://github.com/pypa/wheel/issues/659) <https://github.com/pypa/wheel/issues/659></code>_)</li> </ul> <p><strong>0.46.0 (2025-04-03)</strong></p> <ul> <li>Dropped support for Python 3.8</li> <li>Removed the <code>bdist_wheel</code> setuptools command implementation and entry point. The <code>wheel.bdist_wheel</code> module is now just an alias to <code>setuptools.command.bdist_wheel</code>, emitting a deprecation warning on import.</li> <li>Removed vendored <code>packaging</code> in favor of a run-time dependency on it</li> <li>Made the <code>wheel.metadata</code> module private (with a deprecation warning if it's imported</li> <li>Made the <code>wheel.cli</code> package private (no deprecation warning)</li> <li>Fixed an exception when calling the <code>convert</code> command with an empty description field</li> </ul> <p><strong>0.45.1 (2024-11-23)</strong></p> <ul> <li>Fixed pure Python wheels converted from eggs and wininst files having the ABI tag in the file name</li> </ul> <p><strong>0.45.0 (2024-11-08)</strong></p> <ul> <li> <p>Refactored the <code>convert</code> command to not need setuptools to be installed</p> </li> <li> <p>Don't configure setuptools logging unless running <code>bdist_wheel</code></p> </li> <li> <p>Added a redirection from <code>wheel.bdist_wheel.bdist_wheel</code> to <code>setuptools.command.bdist_wheel.bdist_wheel</code> to improve compatibility with <code>setuptools</code>' latest fixes.</p> <p>Projects are still advised to migrate away from the deprecated module and import</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/wheel/commit/8b6fa740a7101edacb42b0f8e83a1b659ff61033"><code>8b6fa74</code></a> Created a new release</li> <li><a href="https://github.com/pypa/wheel/commit/7445fb5bc13c91052021c40981fb0ec7172880bd"><code>7445fb5</code></a> Fixed an import of a removed module</li> <li>See full diff in <a href="https://github.com/pypa/wheel/compare/0.46.2...0.46.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
43 minutes ago
Bump wheel from 0.46.2 to 0.46.3 (#838) Bumps [wheel](https://github.com/pypa/wheel) from 0.46.2 to 0.46.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/wheel/releases">wheel's releases</a>.</em></p> <blockquote> <h2>0.46.3</h2> <ul> <li>Fixed <code>ImportError: cannot import name '_setuptools_logging' from 'wheel'</code> when installed alongside an old version of setuptools and running the <code>bdist_wheel</code> command (<a href="https://redirect.github.com/pypa/wheel/issues/676">#676</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/wheel/blob/main/docs/news.rst">wheel's changelog</a>.</em></p> <blockquote> <h1>Release Notes</h1> <p><strong>0.46.3 (2026-01-22)</strong></p> <ul> <li>Fixed <code>ImportError: cannot import name '_setuptools_logging' from 'wheel'</code> when installed alongside an old version of setuptools and running the <code>bdist_wheel</code> command (<code>[#676](https://github.com/pypa/wheel/issues/676) <https://github.com/pypa/wheel/issues/676></code>_)</li> </ul> <p><strong>0.46.2 (2026-01-22)</strong></p> <ul> <li>Restored the <code>bdist_wheel</code> command for compatibility with <code>setuptools</code> older than v70.1</li> <li>Importing <code>wheel.bdist_wheel</code> now emits a <code>FutureWarning</code> instead of a <code>DeprecationWarning</code></li> <li>Fixed <code>wheel unpack</code> potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)</li> </ul> <p><strong>0.46.1 (2025-04-08)</strong></p> <ul> <li>Temporarily restored the <code>wheel.macosx_libfile</code> module (<code>[#659](https://github.com/pypa/wheel/issues/659) <https://github.com/pypa/wheel/issues/659></code>_)</li> </ul> <p><strong>0.46.0 (2025-04-03)</strong></p> <ul> <li>Dropped support for Python 3.8</li> <li>Removed the <code>bdist_wheel</code> setuptools command implementation and entry point. The <code>wheel.bdist_wheel</code> module is now just an alias to <code>setuptools.command.bdist_wheel</code>, emitting a deprecation warning on import.</li> <li>Removed vendored <code>packaging</code> in favor of a run-time dependency on it</li> <li>Made the <code>wheel.metadata</code> module private (with a deprecation warning if it's imported</li> <li>Made the <code>wheel.cli</code> package private (no deprecation warning)</li> <li>Fixed an exception when calling the <code>convert</code> command with an empty description field</li> </ul> <p><strong>0.45.1 (2024-11-23)</strong></p> <ul> <li>Fixed pure Python wheels converted from eggs and wininst files having the ABI tag in the file name</li> </ul> <p><strong>0.45.0 (2024-11-08)</strong></p> <ul> <li> <p>Refactored the <code>convert</code> command to not need setuptools to be installed</p> </li> <li> <p>Don't configure setuptools logging unless running <code>bdist_wheel</code></p> </li> <li> <p>Added a redirection from <code>wheel.bdist_wheel.bdist_wheel</code> to <code>setuptools.command.bdist_wheel.bdist_wheel</code> to improve compatibility with <code>setuptools</code>' latest fixes.</p> <p>Projects are still advised to migrate away from the deprecated module and import</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/wheel/commit/8b6fa740a7101edacb42b0f8e83a1b659ff61033"><code>8b6fa74</code></a> Created a new release</li> <li><a href="https://github.com/pypa/wheel/commit/7445fb5bc13c91052021c40981fb0ec7172880bd"><code>7445fb5</code></a> Fixed an import of a removed module</li> <li>See full diff in <a href="https://github.com/pypa/wheel/compare/0.46.2...0.46.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
1 day ago
Bump wheel from 0.46.2 to 0.46.3 (#838) Bumps [wheel](https://github.com/pypa/wheel) from 0.46.2 to 0.46.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/wheel/releases">wheel's releases</a>.</em></p> <blockquote> <h2>0.46.3</h2> <ul> <li>Fixed <code>ImportError: cannot import name '_setuptools_logging' from 'wheel'</code> when installed alongside an old version of setuptools and running the <code>bdist_wheel</code> command (<a href="https://redirect.github.com/pypa/wheel/issues/676">#676</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/wheel/blob/main/docs/news.rst">wheel's changelog</a>.</em></p> <blockquote> <h1>Release Notes</h1> <p><strong>0.46.3 (2026-01-22)</strong></p> <ul> <li>Fixed <code>ImportError: cannot import name '_setuptools_logging' from 'wheel'</code> when installed alongside an old version of setuptools and running the <code>bdist_wheel</code> command (<code>[#676](https://github.com/pypa/wheel/issues/676) <https://github.com/pypa/wheel/issues/676></code>_)</li> </ul> <p><strong>0.46.2 (2026-01-22)</strong></p> <ul> <li>Restored the <code>bdist_wheel</code> command for compatibility with <code>setuptools</code> older than v70.1</li> <li>Importing <code>wheel.bdist_wheel</code> now emits a <code>FutureWarning</code> instead of a <code>DeprecationWarning</code></li> <li>Fixed <code>wheel unpack</code> potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)</li> </ul> <p><strong>0.46.1 (2025-04-08)</strong></p> <ul> <li>Temporarily restored the <code>wheel.macosx_libfile</code> module (<code>[#659](https://github.com/pypa/wheel/issues/659) <https://github.com/pypa/wheel/issues/659></code>_)</li> </ul> <p><strong>0.46.0 (2025-04-03)</strong></p> <ul> <li>Dropped support for Python 3.8</li> <li>Removed the <code>bdist_wheel</code> setuptools command implementation and entry point. The <code>wheel.bdist_wheel</code> module is now just an alias to <code>setuptools.command.bdist_wheel</code>, emitting a deprecation warning on import.</li> <li>Removed vendored <code>packaging</code> in favor of a run-time dependency on it</li> <li>Made the <code>wheel.metadata</code> module private (with a deprecation warning if it's imported</li> <li>Made the <code>wheel.cli</code> package private (no deprecation warning)</li> <li>Fixed an exception when calling the <code>convert</code> command with an empty description field</li> </ul> <p><strong>0.45.1 (2024-11-23)</strong></p> <ul> <li>Fixed pure Python wheels converted from eggs and wininst files having the ABI tag in the file name</li> </ul> <p><strong>0.45.0 (2024-11-08)</strong></p> <ul> <li> <p>Refactored the <code>convert</code> command to not need setuptools to be installed</p> </li> <li> <p>Don't configure setuptools logging unless running <code>bdist_wheel</code></p> </li> <li> <p>Added a redirection from <code>wheel.bdist_wheel.bdist_wheel</code> to <code>setuptools.command.bdist_wheel.bdist_wheel</code> to improve compatibility with <code>setuptools</code>' latest fixes.</p> <p>Projects are still advised to migrate away from the deprecated module and import</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/wheel/commit/8b6fa740a7101edacb42b0f8e83a1b659ff61033"><code>8b6fa74</code></a> Created a new release</li> <li><a href="https://github.com/pypa/wheel/commit/7445fb5bc13c91052021c40981fb0ec7172880bd"><code>7445fb5</code></a> Fixed an import of a removed module</li> <li>See full diff in <a href="https://github.com/pypa/wheel/compare/0.46.2...0.46.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
2 days ago
Bump wheel from 0.46.2 to 0.46.3 Bumps [wheel](https://github.com/pypa/wheel) from 0.46.2 to 0.46.3. - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](https://github.com/pypa/wheel/compare/0.46.2...0.46.3) --- updated-dependencies: - dependency-name: wheel dependency-version: 0.46.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot/pip/wheel-0.46.3
2 days ago
Bump wheel from 0.46.1 to 0.46.2 in the pip group across 1 directory Bumps the pip group with 1 update in the / directory: [wheel](https://github.com/pypa/wheel). Updates `wheel` from 0.46.1 to 0.46.2 - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](https://github.com/pypa/wheel/compare/0.46.1...0.46.2) --- updated-dependencies: - dependency-name: wheel dependency-version: 0.46.2 dependency-type: direct:development dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot/pip/pip-92131b0f06
2 days ago
Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 (#836) Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.4.0 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/628">dependabot/fetch-metadata#628</a></li> <li>Bump the dev-dependencies group with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/629">dependabot/fetch-metadata#629</a></li> <li>Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/635">dependabot/fetch-metadata#635</a></li> <li>Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/638">dependabot/fetch-metadata#638</a></li> <li>Bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/636">dependabot/fetch-metadata#636</a></li> <li>Bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/637">dependabot/fetch-metadata#637</a></li> <li>Bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/639">dependabot/fetch-metadata#639</a></li> <li>Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/643">dependabot/fetch-metadata#643</a></li> <li>Bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/642">dependabot/fetch-metadata#642</a></li> <li>Bump actions/create-github-app-token from 2.2.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/648">dependabot/fetch-metadata#648</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/644">dependabot/fetch-metadata#644</a></li> <li>Bump express from 5.1.0 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/645">dependabot/fetch-metadata#645</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/647">dependabot/fetch-metadata#647</a></li> <li>v2.5.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/631">dependabot/fetch-metadata#631</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/21025c705c08248db411dc16f3619e6b5f9ea21a"><code>21025c7</code></a> v2.5.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/252291c4909623444d34d29176583b6bae564c4a"><code>252291c</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/647">#647</a> from dependabot/dependabot/npm_and_yarn/modelcontextp...</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/fa144c97df0d508a206af2a27295ecc2935effbd"><code>fa144c9</code></a> chore: Migrate jest expectation function</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/33c7a0bfc8c64c28af2c81b3431ef4c59ec496b4"><code>33c7a0b</code></a> bug: Mock PR body in test</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/99c27add52552e57615946e8e3e30bb1e06c907f"><code>99c27ad</code></a> Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3837dcc013fa49857b3ce43e5e985c87b36856fe"><code>3837dcc</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/645">#645</a> from dependabot/dependabot/npm_and_yarn/express-5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/d411582f801e564114e3c0e221a9301030b6b7dd"><code>d411582</code></a> Bump express from 5.1.0 to 5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/186ccbbe83ea100061d2a4e5ad1e78372b949c3f"><code>186ccbb</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/644">#644</a> from dependabot/dependabot/npm_and_yarn/js-yaml-3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/84c891ecc223caac49af317368a1df9d6fb72ff7"><code>84c891e</code></a> Bump js-yaml from 3.14.1 to 3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/4542092e926ee0072c057475cbe8b76968714a21"><code>4542092</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/648">#648</a> from dependabot/dependabot/github_actions/actions/cre...</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/v2.4.0...v2.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
3 days ago
Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 (#836) Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.4.0 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/628">dependabot/fetch-metadata#628</a></li> <li>Bump the dev-dependencies group with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/629">dependabot/fetch-metadata#629</a></li> <li>Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/635">dependabot/fetch-metadata#635</a></li> <li>Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/638">dependabot/fetch-metadata#638</a></li> <li>Bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/636">dependabot/fetch-metadata#636</a></li> <li>Bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/637">dependabot/fetch-metadata#637</a></li> <li>Bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/639">dependabot/fetch-metadata#639</a></li> <li>Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/643">dependabot/fetch-metadata#643</a></li> <li>Bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/642">dependabot/fetch-metadata#642</a></li> <li>Bump actions/create-github-app-token from 2.2.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/648">dependabot/fetch-metadata#648</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/644">dependabot/fetch-metadata#644</a></li> <li>Bump express from 5.1.0 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/645">dependabot/fetch-metadata#645</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/647">dependabot/fetch-metadata#647</a></li> <li>v2.5.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/631">dependabot/fetch-metadata#631</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/21025c705c08248db411dc16f3619e6b5f9ea21a"><code>21025c7</code></a> v2.5.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/252291c4909623444d34d29176583b6bae564c4a"><code>252291c</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/647">#647</a> from dependabot/dependabot/npm_and_yarn/modelcontextp...</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/fa144c97df0d508a206af2a27295ecc2935effbd"><code>fa144c9</code></a> chore: Migrate jest expectation function</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/33c7a0bfc8c64c28af2c81b3431ef4c59ec496b4"><code>33c7a0b</code></a> bug: Mock PR body in test</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/99c27add52552e57615946e8e3e30bb1e06c907f"><code>99c27ad</code></a> Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3837dcc013fa49857b3ce43e5e985c87b36856fe"><code>3837dcc</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/645">#645</a> from dependabot/dependabot/npm_and_yarn/express-5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/d411582f801e564114e3c0e221a9301030b6b7dd"><code>d411582</code></a> Bump express from 5.1.0 to 5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/186ccbbe83ea100061d2a4e5ad1e78372b949c3f"><code>186ccbb</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/644">#644</a> from dependabot/dependabot/npm_and_yarn/js-yaml-3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/84c891ecc223caac49af317368a1df9d6fb72ff7"><code>84c891e</code></a> Bump js-yaml from 3.14.1 to 3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/4542092e926ee0072c057475cbe8b76968714a21"><code>4542092</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/648">#648</a> from dependabot/dependabot/github_actions/actions/cre...</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/v2.4.0...v2.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
4 days ago
Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 (#836) Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.4.0 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/628">dependabot/fetch-metadata#628</a></li> <li>Bump the dev-dependencies group with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/629">dependabot/fetch-metadata#629</a></li> <li>Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/635">dependabot/fetch-metadata#635</a></li> <li>Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/638">dependabot/fetch-metadata#638</a></li> <li>Bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/636">dependabot/fetch-metadata#636</a></li> <li>Bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/637">dependabot/fetch-metadata#637</a></li> <li>Bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/639">dependabot/fetch-metadata#639</a></li> <li>Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/643">dependabot/fetch-metadata#643</a></li> <li>Bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/642">dependabot/fetch-metadata#642</a></li> <li>Bump actions/create-github-app-token from 2.2.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/648">dependabot/fetch-metadata#648</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/644">dependabot/fetch-metadata#644</a></li> <li>Bump express from 5.1.0 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/645">dependabot/fetch-metadata#645</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/647">dependabot/fetch-metadata#647</a></li> <li>v2.5.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/631">dependabot/fetch-metadata#631</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/21025c705c08248db411dc16f3619e6b5f9ea21a"><code>21025c7</code></a> v2.5.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/252291c4909623444d34d29176583b6bae564c4a"><code>252291c</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/647">#647</a> from dependabot/dependabot/npm_and_yarn/modelcontextp...</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/fa144c97df0d508a206af2a27295ecc2935effbd"><code>fa144c9</code></a> chore: Migrate jest expectation function</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/33c7a0bfc8c64c28af2c81b3431ef4c59ec496b4"><code>33c7a0b</code></a> bug: Mock PR body in test</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/99c27add52552e57615946e8e3e30bb1e06c907f"><code>99c27ad</code></a> Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3837dcc013fa49857b3ce43e5e985c87b36856fe"><code>3837dcc</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/645">#645</a> from dependabot/dependabot/npm_and_yarn/express-5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/d411582f801e564114e3c0e221a9301030b6b7dd"><code>d411582</code></a> Bump express from 5.1.0 to 5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/186ccbbe83ea100061d2a4e5ad1e78372b949c3f"><code>186ccbb</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/644">#644</a> from dependabot/dependabot/npm_and_yarn/js-yaml-3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/84c891ecc223caac49af317368a1df9d6fb72ff7"><code>84c891e</code></a> Bump js-yaml from 3.14.1 to 3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/4542092e926ee0072c057475cbe8b76968714a21"><code>4542092</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/648">#648</a> from dependabot/dependabot/github_actions/actions/cre...</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/v2.4.0...v2.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
5 days ago
Active Branches
Bump coverage from 7.10.6 to 7.13.1
last run
19 days ago
#833
CodSpeed Performance Gauge
+3%
Bump bandit from 1.8.6 to 1.9.2
last run
19 days ago
#834
CodSpeed Performance Gauge
+3%
Bump black from 25.11.0 to 25.12.0
last run
19 days ago
#832
CodSpeed Performance Gauge
+3%
© 2026 CodSpeed Technology
Home
Terms
Privacy
Docs