Skip to content

chore(deps): bump the minor-and-patch group across 1 directory with 7 updates#48

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/minor-and-patch-b38fd5fc47
Open

chore(deps): bump the minor-and-patch group across 1 directory with 7 updates#48
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/minor-and-patch-b38fd5fc47

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 7 updates in the / directory:

Package From To
fastapi 0.136.1 0.136.3
uvicorn 0.46.0 0.49.0
tavily-python 0.7.23 0.7.25
yfinance 1.3.0 1.4.1
pydantic 2.13.3 2.13.4
langsmith 0.7.37 0.8.9
pytest-asyncio 1.3.0 1.4.0

Updates fastapi from 0.136.1 to 0.136.3

Release notes

Sourced from fastapi's releases.

0.136.3

Refactors

  • ♻️ Do not accept underscore headers when using convert_underscores=True (the default). PR #15589 by @​tiangolo.

0.136.2

Refactors

  • ♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR #15588 by @​tiangolo.

Docs

Translations

Internal

... (truncated)

Commits
  • 8206485 🔖 Release version 0.136.3
  • c910e01 📝 Update release notes
  • 063b5bf ♻️ Do not accept underscore headers when using convert_underscores=True (th...
  • 22b02e2 🔖 Release version 0.136.2
  • 3b252a2 📝 Update release notes
  • c7fb785 ♻️ Validate Server Sent Event fields to avoid applications from sending broke...
  • cb83b83 📝 Update release notes
  • 00f805c ✅ Update tests, don't double dispose the engine (#15587)
  • 3675137 📝 Update release notes
  • 7b57e42 📝 Document --entrypoint CLI option (#15464)
  • Additional commits viewable in compare view

Updates uvicorn from 0.46.0 to 0.49.0

Release notes

Sourced from uvicorn's releases.

Version 0.49.0

What's Changed

Full Changelog: Kludex/uvicorn@0.48.0...0.49.0

Version 0.48.0

What's Changed

Full Changelog: Kludex/uvicorn@0.47.0...0.48.0

Version 0.47.0

What's Changed

Full Changelog: Kludex/uvicorn@0.46.0...0.47.0

Changelog

Sourced from uvicorn's changelog.

0.49.0 (June 3, 2026)

Changed

  • Bump httptools minimum version to 0.8.0 (#2962)
  • Consume duplicate forwarding headers in ProxyHeadersMiddleware (reverses the 0.48.0 behavior of ignoring them) (#2971)

0.48.0 (May 24, 2026)

Changed

  • Default ssl_ciphers to None and use OpenSSL defaults (#2940)

Fixed

  • Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)

0.47.0 (May 14, 2026)

Added

  • Add ssl_context_factory for custom SSLContext configuration (#2920)

Changed

  • Eagerly import the ASGI app in the parent process (#2919)

Fixed

  • Treat fd=0 as a valid file descriptor with reload/workers (#2927)
Commits
  • 3ef2e3e Version 0.49.0 (#2973)
  • eeb64b1 Consume duplicate forwarding headers in ProxyHeadersMiddleware (#2971)
  • 630f4ac Make the watchfiles reload tests deterministic (#2972)
  • 9154922 chore(deps): bump the github-actions group across 1 directory with 6 updates ...
  • 739727a Migrate docs deploy from Cloudflare Pages to Workers (#2967)
  • be4a240 Gate docs preview deploy on Cloudflare token presence (#2966)
  • c489d7e Bump httptools minimum version to 0.8.0 (#2962)
  • 9f547bd Skip docs preview deploy for Dependabot PRs (#2961)
  • 44446b8 Migrate documentation from MkDocs Material to Zensical (#2959)
  • cfd659c Bump pymdown-extensions to 10.21.3 (#2958)
  • Additional commits viewable in compare view

Updates tavily-python from 0.7.23 to 0.7.25

Commits

Updates yfinance from 1.3.0 to 1.4.1

Release notes

Sourced from yfinance's releases.

1.4.1

Patches

  • Preserve Date/Datetime index name in yf.download() output #2832

Thanks @​dokson

1.4.0

Minor changes

  • Login Yahoo account with yf.Auth link
  • Region scoping on Sector and Industry link
  • Support curl_cffi fallback to requests package link

Patches

  • Lots of fixes big and small.

Full changelog #2828

Thanks @​etbala @​dokson @​a-drenaline @​gottostartsomewhere @​Jaypatel1511

Changelog

Sourced from yfinance's changelog.

1.4.1

Fix

  • Preserve Date/Datetime index name in yf.download() output #2832

1.4.0

Features

  • Add Auth class for Logging In #2761
  • Allow region scoping for Sector and Industry (closes #2601) #2803
  • Make curl_cffi optional with fallback to requests (closes #2692) #2802 Fixes
  • Add 'repair' to get_history_metadata() #2777
  • Adding try block for added protection to "meta" data #2778
  • Fix: _dts_in_same_interval("1mo") ignored year #2780
  • Fix TypeError when data['chart'] is None in history.py (#2670) #2794
  • Fix dividends error on unlisted tickers #2797
  • Fix #2784: validate Market region and stop returning misleading status #2801
  • Make yf.download() reentrant by removing shared module globals #2805
  • Allow lang and region scoping for Ticker (closes #2582) #2804
  • Fix localized intraday download() always returning UTC #2825 Maintenance
  • chore: fix typos (prividing -> providing, Reponse -> Response) #2779
  • Fix Failing Tests #2792
  • Simplify phantom-dividend repair branch + drive-by typo/lint fixes #2810
  • Drop frozendict hard dependency in favour of an internal fallback #2821
Commits
  • 125b12e Version 1.4.1
  • 15ba022 Merge pull request #2836 from ranaroussi/dev
  • 0940e44 docs: changelog entry for 1df338c
  • 863f0a0 docs: changelog entry for c3db565
  • 1df338c Merge pull request #2832 from dokson/fix/download-index-name
  • c3db565 Preserve Date/Datetime index name in yf.download() output
  • 6b84cde docs: changelog entry for 754346f
  • 6f0525b docs: changelog entry for e005d2d
  • 0118573 docs: changelog entry for ff36bd7
  • cfb1799 docs: changelog entry for 44cc9ba
  • Additional commits viewable in compare view

Updates pydantic from 2.13.3 to 2.13.4

Release notes

Sourced from pydantic's releases.

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

Fixes

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

Changelog

Sourced from pydantic's changelog.

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

Fixes

Commits
  • cf67d4b Fix linting
  • f0d8a21 Prepare release v2.13.4
  • 5e3fe1d Check for pydantic tag pattern in CI
  • 7f9edcc Document tagging conventions
  • b46a0c9 Adapt pydantic-core linker flags on macOS
  • 50629c8 Update to PyPy 7.3.22
  • 8522ebb Preserve RootModel core metadata
  • a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
  • 909259a Remove Logfire example in documentation
  • 2c4174c Bump libc from 0.2.155 to 0.2.185
  • See full diff in compare view

Updates langsmith from 0.7.37 to 0.8.9

Release notes

Sourced from langsmith's releases.

v0.8.9

What's Changed

Full Changelog: langchain-ai/langsmith-sdk@v0.8.8...v0.8.9

v0.8.8

What's Changed

Full Changelog: langchain-ai/langsmith-sdk@v0.8.7...v0.8.8

v0.8.7

What's Changed

Full Changelog: langchain-ai/langsmith-sdk@v0.8.6...v0.8.7

v0.8.6

What's Changed

... (truncated)

Commits
  • 1eda04b feat(sandbox): size the dockerfile-build sandbox via vcpus/mem_bytes (python)...
  • 5960910 test(python): deflake test_tracing_queue_limit_drops_when_full (#2964)
  • 846d4c5 chore: update dependabot.yml to comply with posture checks (#2966)
  • 48b66b3 ci: add minimum workflow permissions (#2967)
  • d0a93ac chore(deps-dev): bump types-tqdm from 4.67.3.20260408 to 4.67.3.20260518 in /...
  • fc9ba74 chore(deps-dev): bump the py-minor-and-patch group in /python with 6 updates ...
  • d54e69b chore(deps-dev): bump wrapt from 1.17.3 to 2.2.1 in /python (#2961)
  • 1d21258 chore(deps-dev): bump google-adk from 1.10.0 to 2.1.0 in /python (#2960)
  • b66d791 chore(deps-dev): bump typescript from 5.9.3 to 6.0.3 in /js (#2839)
  • a0f9eff chore(deps): bump the py-minor-and-patch group across 1 directory with 19 upd...
  • Additional commits viewable in compare view

Updates pytest-asyncio from 1.3.0 to 1.4.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio v1.4.0

1.4.0 - 2026-05-26

Deprecated

  • Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

  • Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

    The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged.

    Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

  • Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
  • Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)
  • Updated minimum supported pytest version to v8.4.0. (#1397)

Fixed

  • Fixed a ResourceWarning: unclosed event loop warning that could occur when a synchronous test called asyncio.run() or otherwise unset the current event loop after pytest-asyncio had run an async test or fixture. (#724)

Notes for Downstream Packagers

  • Added dependency on sphinx-tabs >= 3.5 to organize documentation examples into tabs. (#1395)

pytest-asyncio v1.4.0a2

1.4.0a2 - 2026-05-02

Deprecated

  • Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

  • Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

    The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged on pytest 8.4+.

    Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

  • Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
  • Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)

... (truncated)

Commits
  • 6e14cd2 chore: Prepare release of v1.4.0.
  • 4b900fb Build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
  • ab9f632 Build(deps): Bump zipp from 3.23.1 to 4.1.0
  • a56fc77 Build(deps): Bump hypothesis from 6.152.6 to 6.152.8
  • e8bae9b Build(deps): Bump requests from 2.34.0 to 2.34.2
  • fc43340 Build(deps): Bump idna from 3.14 to 3.15
  • 762eaf5 Build(deps): Bump jaraco-functools from 4.4.0 to 4.5.0
  • b62e222 Build(deps): Bump click from 8.3.3 to 8.4.0
  • 9190447 Build(deps): Bump pydantic from 2.13.3 to 2.13.4
  • 82a393c ci: Remove unnecessary debug output.
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 1, 2026
@vercel

vercel Bot commented Jun 1, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
analyst-agent Ready Ready Preview, Comment Jun 8, 2026 12:17am

@dependabot
chore(deps): bump the minor-and-patch group across 1 directory with 7…
c2e885d 
… updates

Bumps the minor-and-patch group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.136.1` | `0.136.3` |
| [uvicorn](https://github.com/Kludex/uvicorn) | `0.46.0` | `0.49.0` |
| [tavily-python](https://github.com/tavily-ai/tavily-python) | `0.7.23` | `0.7.25` |
| [yfinance](https://github.com/ranaroussi/yfinance) | `1.3.0` | `1.4.1` |
| [pydantic](https://github.com/pydantic/pydantic) | `2.13.3` | `2.13.4` |
| [langsmith](https://github.com/langchain-ai/langsmith-sdk) | `0.7.37` | `0.8.9` |
| [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) | `1.3.0` | `1.4.0` |



Updates `fastapi` from 0.136.1 to 0.136.3
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.136.1...0.136.3)

Updates `uvicorn` from 0.46.0 to 0.49.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.46.0...0.49.0)

Updates `tavily-python` from 0.7.23 to 0.7.25
- [Commits](https://github.com/tavily-ai/tavily-python/commits)

Updates `yfinance` from 1.3.0 to 1.4.1
- [Release notes](https://github.com/ranaroussi/yfinance/releases)
- [Changelog](https://github.com/ranaroussi/yfinance/blob/main/CHANGELOG.rst)
- [Commits](ranaroussi/yfinance@1.3.0...1.4.1)

Updates `pydantic` from 2.13.3 to 2.13.4
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.13.3...v2.13.4)

Updates `langsmith` from 0.7.37 to 0.8.9
- [Release notes](https://github.com/langchain-ai/langsmith-sdk/releases)
- [Commits](langchain-ai/langsmith-sdk@v0.7.37...v0.8.9)

Updates `pytest-asyncio` from 1.3.0 to 1.4.0
- [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases)
- [Commits](pytest-dev/pytest-asyncio@v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.136.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: langsmith
  dependency-version: 0.8.8
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: pydantic
  dependency-version: 2.13.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: pytest-asyncio
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: tavily-python
  dependency-version: 0.7.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: uvicorn
  dependency-version: 0.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: yfinance
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/minor-and-patch-b38fd5fc47 branch from 0ca6b53 to c2e885d Compare June 8, 2026 00:17
@sonarqubecloud

sonarqubecloud Bot commented Jun 8, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants