Skip to content

chore(deps): bump the lockfile-minor-patch group with 9 updates#781

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/uv/lockfile-minor-patch-bbe490d4ea
Open

chore(deps): bump the lockfile-minor-patch group with 9 updates#781
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/uv/lockfile-minor-patch-bbe490d4ea

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the lockfile-minor-patch group with 9 updates:

Package From To
astropy 7.2.0 7.2.1
canfar 1.3.5 1.4.1
cs-util 0.2 0.2.1
matplotlib 3.10.9 3.11.0
reproject 0.19.0 0.20.0
tqdm 4.68.1 4.68.3
snakemake 9.22.0 9.23.0
hypothesis 6.155.2 6.155.3
pytest 9.0.3 9.1.0

Updates astropy from 7.2.0 to 7.2.1

Release notes

Sourced from astropy's releases.

v7.2.1

See https://docs.astropy.org/en/v7.2.1/changelog.html

Commits
  • 6754556 Merge pull request #19927 from astrofrog/v7.2.1-changelog
  • 4bcd839 Finalizing changelog for v7.2.1
  • a72cd47 Merge pull request #19905 from meeseeksmachine/auto-backport-of-pr-19904-on-v...
  • 32cf3db Backport PR #19904: Add MultiNorm to the nitpick exceptions
  • 69b52a8 Merge pull request #19889 from meeseeksmachine/auto-backport-of-pr-19141-on-v...
  • 680bd3d Backport PR #19141: Fix AttributeError when pickling unbound DataInfo ins...
  • 91e6e99 Merge pull request #19882 from meeseeksmachine/auto-backport-of-pr-19864-on-v...
  • c0b13f0 Backport PR #19871: DOC: Fix stretch parameter typo in docstrings (#19887)
  • 0299dd7 Backport PR #19871: DOC: Fix stretch parameter typo in docstrings
  • e08f734 Backport PR #19864: DOC: Update license year
  • Additional commits viewable in compare view

Updates canfar from 1.3.5 to 1.4.1

Release notes

Sourced from canfar's releases.

v1.4.1

1.4.1 (2026-06-11)

Bug Fixes

  • docs: updated compatibility notes (3eb0ee2)
  • typo and link fix (2fe2ec9)

Documentation

  • add latest to list of releases and add platform notes (440de9f)
  • add reference link (36f8afe)

v1.4.0

1.4.0 (2026-06-11)

Features

  • 2026.2: new login flow, manage identities & servers, script-friendly machine output, support for new ui (70441f2)
  • config: key servers by name and simplify config get/set (eb98a23)

Bug Fixes

  • ci: configure codecov coverage statuses (9539995)
  • ci: relaxed int tests (7fccadd)
  • ci: relaxing test coverage due to network instability (79366b9)
  • client: skip expiry hook when runtime credentials active (#115) (7250f9e)
  • deps: update (4a55ecc)
  • deps: updated dependabot and pre-commit (679d22f)
  • dockerfile: entrypoint (fa264d1)
  • parameter name from 'server' to 'url' (cda9af1)
  • security: token permissions (ba94fee)
  • style: lint (8853536)
  • syntax: improvement for if/else (48265d5)
  • test: use cross-platform isolated HOME for pytest (1132f82)

Documentation

  • add Server Name glossary and agent memory for dict-keyed config (bfaf6f8)
  • adr: record server name as configuration identity (a91ca7e)
  • agents: record runtime credential hook precedence (b7d3c61)
  • readme: href-fix (cd5946d)
  • release-notes: fix for deployment link (83aab54)
  • release-notes: note GH #115 runtime credential expiry fix (2bb6293)
  • release-notes: typos (11e5b3e)

... (truncated)

Changelog

Sourced from canfar's changelog.

1.4.1 (2026-06-11)

Bug Fixes

  • docs: updated compatibility notes (3eb0ee2)
  • typo and link fix (2fe2ec9)

Documentation

  • add latest to list of releases and add platform notes (440de9f)
  • add reference link (36f8afe)

1.4.0 (2026-06-11)

Features

  • 2026.2: new login flow, manage identities & servers, script-friendly machine output, support for new ui (70441f2)
  • config: key servers by name and simplify config get/set (eb98a23)

Bug Fixes

  • ci: configure codecov coverage statuses (9539995)
  • ci: relaxed int tests (7fccadd)
  • ci: relaxing test coverage due to network instability (79366b9)
  • client: skip expiry hook when runtime credentials active (#115) (7250f9e)
  • deps: update (4a55ecc)
  • deps: updated dependabot and pre-commit (679d22f)
  • dockerfile: entrypoint (fa264d1)
  • parameter name from 'server' to 'url' (cda9af1)
  • security: token permissions (ba94fee)
  • style: lint (8853536)
  • syntax: improvement for if/else (48265d5)
  • test: use cross-platform isolated HOME for pytest (1132f82)

Documentation

  • add Server Name glossary and agent memory for dict-keyed config (bfaf6f8)
  • adr: record server name as configuration identity (a91ca7e)
  • agents: record runtime credential hook precedence (b7d3c61)
  • readme: href-fix (cd5946d)
  • release-notes: fix for deployment link (83aab54)
  • release-notes: note GH #115 runtime credential expiry fix (2bb6293)
  • release-notes: typos (11e5b3e)
  • release: 2026.2 feedback (ee2aa39)
  • release: Draft version of the 2026.2 release notes (ef59d1c)
Commits
  • d47c78e Merge pull request #126 from opencadc/release-please--branches--main--compone...
  • 0577595 chore(main): release 1.4.1
  • 38e9b03 Merge pull request #127 from opencadc/docs/compatibility-notes
  • 3eb0ee2 fix(docs): updated compatibility notes
  • 272fec4 Merge pull request #125 from opencadc/2026-2-notes
  • 2fe2ec9 fix: typo and link fix
  • 36f8afe docs: add reference link
  • 440de9f docs: add latest to list of releases and add platform notes
  • 23c5296 Merge pull request #97 from opencadc/release-please--branches--main--componen...
  • aec2a36 chore(main): release 1.4.0
  • Additional commits viewable in compare view

Updates cs-util from 0.2 to 0.2.1

Updates matplotlib from 3.10.9 to 3.11.0

Release notes

Sourced from matplotlib's releases.

REL: v3.11.0

The largest change within this release is a complete overhaul of text and font processing. Through the use of libraqm, HarfBuzz, SheenBidi, and an updated release of FreeType, all text should now support modern font features, enabling full internationalization in all languages. Not all features of these libraries are supported yet, but we expect this work to enable further improvements in an easier manner.

Outside of text handling, there are several improvements to 3D Axes, performance, new accessible colour sequences, flexible figure management, and more. See the release notes for more information.

REL: v3.11.0rc2

This is the second release candidate for the meso release 3.11.0.

This release candidate fixes some problems with downstream packages, removes some missed deprecations, and corrects some additional minor bugs.

REL: v3.11.0rc1

After an extended development stretch, we are pleased to announce the first release candidate of Matplotlib 3.11.0.

The largest change within this release is a complete overhaul of text and font processing. Through the use of libraqm, HarfBuzz, SheenBidi, and an updated release of FreeType, all text should now support modern font features, enabling full internationalization in all languages. Not all features of these libraries are supported yet, but we expect this work to enable further improvements in an easier manner. Due to the update to the font rendering stack, we cannot guarantee that text will be bit-for-bit perfect with previous releases, so if you are using Matplotlib for testing, it may be necessary to introduce/raise a tolerance within your tests.

Outside of text handling, there are several improvements to 3D Axes, performance, new accessible colour sequences, flexible figure management, and more. Final release notes are still being curated, but you may browse the list of new features, API changes, and all issues/pull requests on the milestone.

As a note for downstream packagers, the font libraries have only been tested against the versions bundled with the wheels. It may be possible to expand the range of requirements, or that a requirement is too broad. Please report any issues you have building against external dependencies.

Commits
  • 69c7534 REL: v3.11.0
  • b7d912b DOC: Set 3.11 as preferred stable release
  • 7c3d502 Update Security Policy for 3.11
  • 964e73d DOC: Prepare GitHub stats for 3.11 final
  • bfa2633 Bump font manager version to final release
  • d0603b2 Merge pull request #31873 from meeseeksmachine/auto-backport-of-pr-31706-on-v...
  • edf5ebc Backport PR #31706: Fix clabel manual index
  • c0e80b7 Merge pull request #31872 from meeseeksmachine/auto-backport-of-pr-31868-on-v...
  • 2a14854 Backport PR #31868: DOC: Move errorbar examples to the statistics sections
  • ea43d96 Merge pull request #31871 from meeseeksmachine/auto-backport-of-pr-31870-on-v...
  • Additional commits viewable in compare view

Updates reproject from 0.19.0 to 0.20.0

Commits

Updates tqdm from 4.68.1 to 4.68.3

Release notes

Sourced from tqdm's releases.

tqdm v4.68.3 stable

  • utils: delay os.get_terminal_size (#1763 <- #1760)
  • autonotebook: support QtConsole, Spyder, JupyterLite (#1763, #1628, #1559 <- #1283, #1098, #512)
  • minor docs updates
    • fix typo (#1762)
    • use git-fame
  • misc minor framework updates
    • fix & update CI build
    • pre-commit: add docs & metadata generation
    • move tox.ini -> pyproject.toml, move tox-gh-actions -> tox-gh
    • add Python 3.14, drop 3.7 support

tqdm v4.68.2 stable

  • revert accidental change to ascii default (fixes #1760)
    • UnicodeEncodeError: 'charmap' codec can't encode characters in position 6-7: character maps to <undefined> can be fixed by installing tqdm!=4.68.0,!=4.68.1
  • misc docs updates
    • fix links
    • replace stray rst -> md syntax
    • consistent "progress bar" terminology (#1737)
  • tests: fix coverage (fixes #1760)
Commits
  • 9aff609 bump version, merge pull request #1763 from tqdm/jupyterlite
  • 9872f80 drop date from snap version str to fix pydantic
  • b829334 support QtConsole, Spyder, JupyterLite
  • 6fa4867 delay os.get_terminal_size
  • 748e107 lint
  • e6e29eb move tox.ini -> pyproject.toml
  • 617e4fa tox-gh-actions -> tox-gh
  • c49c50d add python 3.14, drop python 3.7 support
  • fa2bcdb pre-commit: tqdm.1
  • 1ec7988 auto git-fame
  • Additional commits viewable in compare view

Updates snakemake from 9.22.0 to 9.23.0

Release notes

Sourced from snakemake's releases.

v9.23.0

9.23.0 (2026-06-11)

Features

  • support remote snakefile via gh/gl shorthand (#4161) (ec2f12a)

Bug Fixes

  • remove leaked secrets in input source file display and ensure that wrapper scripts are properly fetched as GithubFile (including caching) (#4225) (6b06433)
  • set log level accordingly when debug dag is set (#3778) (eea0f41)

Documentation

  • add post-deploy example that ensures .Renviron is ignored for R package installations (#4140) (b64c39e)
  • note about quoting dynamic resource statements with python code, quotes in example (#4214) (66503de)
  • sort faq questions into sections (#4095) (d92f290)
Changelog

Sourced from snakemake's changelog.

9.23.0 (2026-06-11)

Features

  • support remote snakefile via gh/gl shorthand (#4161) (ec2f12a)

Bug Fixes

  • remove leaked secrets in input source file display and ensure that wrapper scripts are properly fetched as GithubFile (including caching) (#4225) (6b06433)
  • set log level accordingly when debug dag is set (#3778) (eea0f41)

Documentation

  • add post-deploy example that ensures .Renviron is ignored for R package installations (#4140) (b64c39e)
  • note about quoting dynamic resource statements with python code, quotes in example (#4214) (66503de)
  • sort faq questions into sections (#4095) (d92f290)
Commits
  • 4990340 chore(main): release 9.23.0 (#4222)
  • eea0f41 fix: set log level accordingly when debug dag is set (#3778)
  • ec2f12a feat: support remote snakefile via gh/gl shorthand (#4161)
  • 6b06433 fix: remove leaked secrets in input source file display and ensure that wrapp...
  • d92f290 docs: sort faq questions into sections (#4095)
  • b64c39e docs: add post-deploy example that ensures .Renviron is ignored for R packa...
  • e576ca6 build(deps): bump actions/checkout from 6 to 6.0.2 in the dependencies group ...
  • 66503de docs: note about quoting dynamic resource statements with python code, quotes...
  • See full diff in compare view

Updates hypothesis from 6.155.2 to 6.155.3

Commits
  • 8497a82 Bump hypothesis version to 6.155.3 and update changelog
  • 1ac02e3 Merge pull request #4767 from pschanely/suppress-observations
  • 814a0ef Merge branch 'master' into suppress-observations
  • ef41ab2 Fix two crosshair-backend test failures + a spurious empty observation
  • 1084b33 claude: fix link preview dark styling in furo auto theme mode
  • caa15d0 Bump hypothesis version to 6.155.2 and update changelog
  • 41f16b2 format
  • e4ce59e rewrite comments and improve test
  • b3d84f5 fixed flake
  • 47b6f0f Update pinned dependencies
  • Additional commits viewable in compare view

Updates pytest from 9.0.3 to 9.1.0

Release notes

Sourced from pytest's releases.

9.1.0

pytest 9.1.0 (2026-06-13)

Removals and backward incompatible breaking changes

  • #14533: When using --doctest-modules, autouse fixtures with module, package or session scope that are defined inline in Python test modules (not plugins or conftests) will now possibly execute twice.

    If this is undesirable, move the fixture definition to a conftest.py file if possible.

    Technical explanation for those interested: When using --doctest-modules, pytest possibly collects Python modules twice, once as pytest.Module and once as a DoctestModule (depending on the configuration). Due to improvements in pytest's fixture implementation, if e.g. the DoctestModule collects a fixture, it is now visible to it only, and not to the Module. This means that both need to register the fixtures independently.

Deprecations (removal in next major release)

  • #10819: Added a deprecation warning for class-scoped fixtures defined as instance methods (without @classmethod). Such fixtures set attributes on a different instance than the test methods use, leading to unexpected behavior. Use @classmethod decorator instead -- by yastcher.

    See 10819 and 14011.

  • #12882: Calling request.getfixturevalue() <pytest.FixtureRequest.getfixturevalue> during teardown to request a fixture that was not already requested is now deprecated and will become an error in pytest 10.

    See dynamic-fixture-request-during-teardown for details.

  • #13409: Using non-~collections.abc.Collection iterables (such as generators, iterators, or custom iterable objects) for the argvalues parameter in @pytest.mark.parametrize <pytest.mark.parametrize ref> and metafunc.parametrize <pytest.Metafunc.parametrize> is now deprecated.

    These iterables get exhausted after the first iteration, leading to tests getting unexpectedly skipped in cases such as running pytest.main() multiple times, using class-level parametrize decorators, or collecting tests multiple times.

    See parametrize-iterators for details and suggestions.

  • #13946: The private config.inicfg attribute is now deprecated. Use config.getini() <pytest.Config.getini> to access configuration values instead.

    See config-inicfg for more details.

  • #14004: Passing baseid to ~pytest.FixtureDef or nodeid strings to fixture registration APIs is now deprecated. These are internal pytest APIs that are used by some plugins.

    Use the node parameter instead for fixture scoping. This enables more robust node-based matching instead of string prefix matching. If you've used nodeid=None, pass node=session instead.

    This will be removed in pytest 10.

  • #14335: The method of configuring hooks using markers, deprecated since pytest 7.2, is now scheduled to be removed in pytest 10. See hook-markers for more details.

  • #14434: The --pastebin option is now deprecated.

... (truncated)

Commits
  • b2522cf Prepare release version 9.1.0
  • 368d2fc [refactor] Tighten SetComparisonFunction to Iterator[str] (#14587)
  • ff77cd8 [refactor] Make base assertion comparisons return an iterator instead of a li...
  • 0d8491a build(deps): Bump actions/stale from 10.2.0 to 10.3.0
  • 4a809d9 Merge pull request #14568 from pytest-dev/register-fixture
  • 5dfa385 Fix recursion traceback test to cover all styles (#14582)
  • f52ff0c Add pytest.register_fixture
  • a8ac094 Merge pull request #14567 from pytest-dev/more-visibility-deprecate
  • e5620cd [pre-commit.ci] pre-commit autoupdate (#14577)
  • 2ce9c6d Merge pull request #14540 from minbang930/fix-14533-doctest-module-fixtures
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the lockfile-minor-patch group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [astropy](https://github.com/astropy/astropy) | `7.2.0` | `7.2.1` |
| [canfar](https://github.com/opencadc/canfar) | `1.3.5` | `1.4.1` |
| cs-util | `0.2` | `0.2.1` |
| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.10.9` | `3.11.0` |
| [reproject](https://github.com/astrofrog/reproject) | `0.19.0` | `0.20.0` |
| [tqdm](https://github.com/tqdm/tqdm) | `4.68.1` | `4.68.3` |
| [snakemake](https://github.com/snakemake/snakemake) | `9.22.0` | `9.23.0` |
| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.155.2` | `6.155.3` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.3` | `9.1.0` |


Updates `astropy` from 7.2.0 to 7.2.1
- [Release notes](https://github.com/astropy/astropy/releases)
- [Changelog](https://github.com/astropy/astropy/blob/main/docs/changelog.rst)
- [Commits](astropy/astropy@v7.2.0...v7.2.1)

Updates `canfar` from 1.3.5 to 1.4.1
- [Release notes](https://github.com/opencadc/canfar/releases)
- [Changelog](https://github.com/opencadc/canfar/blob/main/CHANGELOG.md)
- [Commits](opencadc/canfar@v1.3.5...v1.4.1)

Updates `cs-util` from 0.2 to 0.2.1

Updates `matplotlib` from 3.10.9 to 3.11.0
- [Release notes](https://github.com/matplotlib/matplotlib/releases)
- [Commits](matplotlib/matplotlib@v3.10.9...v3.11.0)

Updates `reproject` from 0.19.0 to 0.20.0
- [Changelog](https://github.com/astrofrog/reproject/blob/master/CHANGES.md)
- [Commits](https://github.com/astrofrog/reproject/commits)

Updates `tqdm` from 4.68.1 to 4.68.3
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.68.1...v4.68.3)

Updates `snakemake` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/snakemake/snakemake/releases)
- [Changelog](https://github.com/snakemake/snakemake/blob/main/CHANGELOG.md)
- [Commits](snakemake/snakemake@v9.22.0...v9.23.0)

Updates `hypothesis` from 6.155.2 to 6.155.3
- [Release notes](https://github.com/HypothesisWorks/hypothesis/releases)
- [Commits](HypothesisWorks/hypothesis@v6.155.2...v6.155.3)

Updates `pytest` from 9.0.3 to 9.1.0
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.3...9.1.0)

---
updated-dependencies:
- dependency-name: astropy
  dependency-version: 7.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: lockfile-minor-patch
- dependency-name: canfar
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: cs-util
  dependency-version: 0.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: lockfile-minor-patch
- dependency-name: matplotlib
  dependency-version: 3.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: reproject
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: tqdm
  dependency-version: 4.68.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: lockfile-minor-patch
- dependency-name: snakemake
  dependency-version: 9.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: hypothesis
  dependency-version: 6.155.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: lockfile-minor-patch
- dependency-name: pytest
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants