Skip to content

build(deps): bump the all-dependencies group across 1 directory with 6 updates#81

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/uv/all-dependencies-b69fc72bb2
Jun 7, 2026
Merged

build(deps): bump the all-dependencies group across 1 directory with 6 updates#81
github-actions[bot] merged 1 commit into
mainfrom
dependabot/uv/all-dependencies-b69fc72bb2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-dependencies group with 6 updates in the / directory:

Package From To
portage 3.0.77 3.0.78
ruff 0.15.12 0.15.15
rust-just 1.50.0 1.51.0
basedpyright 1.39.3 1.39.6
zizmor 1.24.1 1.25.2
ansible 13.6.0 13.7.0

Updates portage from 3.0.77 to 3.0.78

Changelog

Sourced from portage's changelog.

portage-3.0.78 (2026-05-03)

This release has several big changes to binary package support: signature verification is enabled by default, and there are new EXPERIMENTAL configuration options for controlling binpkg use per repository and binary repository.

There are many miscellaneous improvements as well.

Breaking changes:

  • cnf: enable verify-signature by default in binrepos.conf (bug #945384, bug #969086)

    PGP signature verification is now enabled by default for all binary repositories.

    Signature verification is not supported for the old 'xpak' binary format (i.e. it requires the new 'gpkg' format).

    The new default can be overridden in /etc/portage/binrepos.conf with either:

    [DEFAULT]
    verify-signature = false
    

    or

    [reponame]
    verify-signature = false
    

    or with FEATURES="binpkg-ignore-signature" in /etc/portage/make.conf.

    To set up signing for binpkgs, a signing keyring must reside (by default) at /root/.gnupg and a verification keyring must reside (by default) at /etc/portage/gnupg. The verification keyring must mark the signing key as trusted. Signing is toggled by FEATURES="binpkg-signing".

Features:

  • config: binrepos.conf: Add 'getbinpkg-exclude', 'getbinpkg-include' (bug #463964).

    NOTE: This feature is considered experimental and subject to change based on feedback.

  • config: repos.conf: Add 'usepkg-exclude', 'usepkg-include' (bug #463964).

    NOTE: This feature is considered experimental and subject to change based on feedback.

  • emerge: Add --getbinpkg-include, --getbinpkg-exclude (bug #463964).

... (truncated)

Commits
  • 8be771d NEWS, meson.build: prepare for portage-3.0.78
  • 5e91893 emaint: report masking reasons from porttree rather than vartree
  • 2fb3616 NEWS: update
  • d59727a emaint: hide failures to determine ebuild masking reasons
  • 8cc7660 netlink: update ifaddrmsg struct to match docs
  • 9034350 netlink: clean up socket logic
  • c568ef9 estrip: Don't break the debuglink CRC with the salted build ID
  • ac461a2 fowners: move path logic into global scope
  • 90e6e99 fowners: add compat to resolve_owner for older EAPIs
  • 6e0d845 fowners: use numeric-uid-gid w/ custom target root
  • Additional commits viewable in compare view

Updates ruff from 0.15.12 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Commits
  • db5aa0a Bump 0.15.15 (#25431)
  • 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
  • e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
  • 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
  • 7e1bc1e Add agent skills for working on ty (#25422)
  • 574e107 Expand semantic syntax errors for invalid walruses (#25415)
  • 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
  • 5432709 Refine a few agents instructions (#25423)
  • 3cb09eb [ty] Support typing.TypeForm (#25334)
  • c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
  • Additional commits viewable in compare view

Updates rust-just from 1.50.0 to 1.51.0

Release notes

Sourced from rust-just's releases.

1.51.0

Added

Changed

  • Allow [env] attribute to take expressions (#3329 by casey)
  • Allow using expressions with [working-directory] (#3326 by casey)
  • Read justfile from standard input with --justfile - (#3325 by casey)
  • Make parent_directory() of bare filename return . (#3313 by casey)
  • Make [env] override module-level exports (#3312 by casey)

Fixed

  • Fail on deep recursion instead of overflowing stack (#3319 by casey)
  • Invoke chooser selections separately (#3311 by casey)
  • Don't evaluate unused assertions (#3310 by casey)
  • Respect lazy setting in submodules (#3308 by casey)
  • Fix overrides not being visible in user-defined functions (#3307 by casey)
  • Don't panic on invalid datetime format string (#3304 by casey)

Misc

  • Use cargo-limit commands in justfile (#3331 by casey)
  • Simplify code more (#3330 by casey)
  • Update install-dev-deps recipe with compatible mdbook (#3328 by casey)
  • Simplify code (#3327 by casey)
  • Link to duplicate recipe issue in readme (#3321 by casey)
  • Remove periods from error messages (#3316 by casey)
  • Avoid multi-sentence error messagess (#3315 by casey)
  • Make error messages lowercase (#3314 by casey)
  • Actually bump version to 1.50.0 (#3303 by casey)
Changelog

Sourced from rust-just's changelog.

Commits
  • 1949b3d Merge pull request #476 from gnpaone/sync-action
  • f55bd7f chore: sync files from source repo
  • a3ee985 Merge pull request #475 from gnpaone/sync-action
  • f28ab0e chore: sync files from source repo
  • 7a16ca9 Merge pull request #474 from gnpaone/dependabot/npm_and_yarn/npm/rust-just/ty...
  • def1fb7 npm(deps-dev): bump @​types/node from 25.6.0 to 25.6.2 in /npm/rust-just
  • 283029b Merge pull request #473 from gnpaone/sync-action
  • 5db9a03 chore: sync files from source repo
  • 37311da Merge pull request #472 from gnpaone/dependabot/npm_and_yarn/npm/rust-just/ty...
  • 8604618 npm(deps-dev): bump @​typescript-eslint/eslint-plugin in /npm/rust-just
  • Additional commits viewable in compare view

Updates basedpyright from 1.39.3 to 1.39.6

Commits
  • ad82d91 1.39.6
  • cf60738 fix vscode config for formatting markdown files now that we use two formatter...
  • 29e303a print stderr from npm commands when build fails
  • f133f3d uncomment some test code which started causing a test to fail. no idea why i ...
  • f71e96b remove python 3.9 check from TypeAlias4 test because typeshed has dropped s...
  • e4c40b7 fix tests
  • d7c522b ruff ignore new benchmarkData files from upstream
  • a7cf33d fix eslint in vscode
  • 14c96be fix logic for reporting invalid pythonPlatform detected by the new eslint v...
  • 280802c remove remnants of webpack
  • Additional commits viewable in compare view

Updates zizmor from 1.24.1 to 1.25.2

Release notes

Sourced from zizmor's releases.

v1.25.2

Bug Fixes 🐛🔗

v1.25.1

Bug Fixes 🐛🔗

v1.25.0

New Features 🌈🔗

  • zizmor's finding severities can now be remapped on a per-audit basis. See the configuration for details (#1913)

    Many thanks to @​Proximyst for proposing and implementing this improvement!

  • New audit: github-app detects dangerous usages of GitHub App installation tokens (#1926)

  • New audit: [unpinned-tools] detects actions that install tools without pinning to a specific version (#1820)

  • zizmor now accepts the --no-ignores flag to disable all ignore comments and configurations when reporting findings (#1935)

  • zizmor's LSP now honors the --persona flag on the CLI (#1943)

  • zizmor is now aware of Docker-based action definitions, in addition to the pre-existing support for "composite" actions (#1965)

Enhancements🔗

... (truncated)

Changelog

Sourced from zizmor's changelog.

1.25.2

Bug Fixes 🐛

  • Fixed a bug where the [unpinned-tools] audit would incorrectly flag the @​aquasecurity/trivy-action action as installing an unpinned tool version, rather than @​aquasecurity/setup-trivy (#2018)

1.25.1

Bug Fixes 🐛

  • Fixed a bug where the [cache-poisoning] audit would fail to consider release events as exempt from cache usage findings when filtered by a tag condition (#2004)

  • Fixed a typo when suggesting --fix flags for findings (#2010)

    Many thanks to @​0xdea for implementing this fix!

  • Fixed a typo in [unpinned-tools] annotations (#2008)

    Many thanks to @​martincostello for implementing this fix!

  • Fixed a bug where the [github-app] audit would incorrectly flag some safe uses of @​actions/create-github-app-token as unsafe (#2011)

1.25.0

New Features 🌈

  • zizmor's finding severities can now be remapped on a per-audit basis. See the configuration for details (#1913)

    Many thanks to @​Proximyst for proposing and implementing this improvement!

  • New audit: [github-app] detects dangerous usages of GitHub App installation tokens (#1926)

  • New audit: [unpinned-tools] detects actions that install tools without pinning to a specific version (#1820)

  • zizmor now accepts the --no-ignores flag to disable all ignore comments and configurations when reporting findings (#1935)

  • zizmor's LSP now honors the --persona flag on the CLI (#1943)

  • zizmor is now aware of Docker-based action definitions, in addition to the pre-existing support for "composite" actions (#1965)

... (truncated)

Commits

Updates ansible from 13.6.0 to 13.7.0

Commits
  • 21f5fed Ansible 13.7.0: Dependencies, changelog and porting guide (#681)
  • ccebf9c Pin netbox.netbox due to breaking change in 3.23.0 (#680)
  • dc23548 Schedule community.mysql removal (#678)
  • 59e063f Restrict community.mysql to < 4.3.0 for Ansible 13 (#677)
  • 13ad7a9 Add the ansible.mysql collection to Ansible 13 and 14 (#675)
  • 16eaa15 Also restrict cyberark.pas for Ansible 9 (used for antsibull-core builds).
  • dde3809 Ansible 14.0.0a4: Dependencies, changelog and porting guide (#674)
  • 028618c Restrict cyberark.pas to < 1.0.40. (#673)
  • 5127d3f Ansible 14.0.0a3: Dependencies, changelog and porting guide (#672)
  • faaa6cf Unpin hitachivantara.vspone_block (#671)
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 3, 2026
@github-actions github-actions Bot enabled auto-merge (squash) June 3, 2026 16:28
@Synss

Synss commented Jun 3, 2026

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jun 3, 2026

Copy link
Copy Markdown
Contributor Author

The base commit for this pull request has not changed.

@Synss

Synss commented Jun 7, 2026

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown
Contributor Author

The base commit for this pull request has not changed.

@Synss

Synss commented Jun 7, 2026

Copy link
Copy Markdown
Owner

@dependabot recreate

…6 updates

Bumps the all-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [portage](https://github.com/gentoo/portage) | `3.0.77` | `3.0.78` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.12` | `0.15.15` |
| [rust-just](https://github.com/gnpaone/rust-just) | `1.50.0` | `1.51.0` |
| [basedpyright](https://github.com/detachhead/basedpyright) | `1.39.3` | `1.39.6` |
| [zizmor](https://github.com/zizmorcore/zizmor) | `1.24.1` | `1.25.2` |
| [ansible](https://github.com/ansible-community/ansible-build-data) | `13.6.0` | `13.7.0` |



Updates `portage` from 3.0.77 to 3.0.78
- [Changelog](https://github.com/gentoo/portage/blob/master/NEWS)
- [Commits](gentoo/portage@portage-3.0.77...portage-3.0.78)

Updates `ruff` from 0.15.12 to 0.15.15
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.12...0.15.15)

Updates `rust-just` from 1.50.0 to 1.51.0
- [Release notes](https://github.com/gnpaone/rust-just/releases)
- [Changelog](https://github.com/gnpaone/rust-just/blob/master/CHANGELOG.md)
- [Commits](gnpaone/rust-just@1.50.0...1.51.0)

Updates `basedpyright` from 1.39.3 to 1.39.6
- [Release notes](https://github.com/detachhead/basedpyright/releases)
- [Commits](DetachHead/basedpyright@v1.39.3...v1.39.6)

Updates `zizmor` from 1.24.1 to 1.25.2
- [Release notes](https://github.com/zizmorcore/zizmor/releases)
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md)
- [Commits](zizmorcore/zizmor@v1.24.1...v1.25.2)

Updates `ansible` from 13.6.0 to 13.7.0
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md)
- [Commits](ansible-community/ansible-build-data@13.6.0...13.7.0)

---
updated-dependencies:
- dependency-name: ansible
  dependency-version: 13.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: basedpyright
  dependency-version: 1.39.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: portage
  dependency-version: 3.0.78
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: ruff
  dependency-version: 0.15.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: rust-just
  dependency-version: 1.51.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: zizmor
  dependency-version: 1.25.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump the all-dependencies group with 6 updates build(deps): bump the all-dependencies group across 1 directory with 6 updates Jun 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/uv/all-dependencies-b69fc72bb2 branch from 3096298 to db8e2eb Compare June 7, 2026 13:09
@github-actions github-actions Bot merged commit 3f5ecde into main Jun 7, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/uv/all-dependencies-b69fc72bb2 branch June 7, 2026 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant