Skip to content

build(deps): bump the all-dependencies group across 1 directory with 6 updates#87

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/uv/all-dependencies-3dfd0f6fca
Jul 2, 2026
Merged

build(deps): bump the all-dependencies group across 1 directory with 6 updates#87
github-actions[bot] merged 1 commit into
mainfrom
dependabot/uv/all-dependencies-3dfd0f6fca

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-dependencies group with 6 updates in the / directory:

Package From To
portage 3.0.78 3.0.81
pytest 9.0.3 9.1.1
ruff 0.15.15 0.15.19
rust-just 1.51.0 1.54.0
basedpyright 1.39.6 1.39.8
zizmor 1.25.2 1.26.1

Updates portage from 3.0.78 to 3.0.81

Changelog

Sourced from portage's changelog.

portage-3.0.81 (2026-06-23)

Bug fixes:

  • Preserve non-boolean sync-openpgp-key-refresh values when composing PORTAGE_REPOSITORIES, so values such as "wkd", "keyserver", "false", and "false-nowarn" survive reparsing by child processes (bug #977915).

  • Ignore sync module declarations for built-in repos.conf options, preventing config_string() from emitting duplicate options in PORTAGE_REPOSITORIES (bug #965876).

  • Include sync-hooks-only-on-change in PORTAGE_REPOSITORIES, so processes that reparse repository configuration honour the configured value instead of falling back to false (bug #970768).

  • Do not create EAPI 9 PORTAGE_EBUILD_EXTRA_SOURCE directories under ${PORTAGE_TMPDIR}/portage for unprivileged --pretend operations, since it may be inaccessible to the calling user (bug #977840).

  • Refrain from invoking renice(1) unless PORTAGE_NICENESS is set. Previously, setting either PORTAGE_IONICE_COMMAND or PORTAGE_SCHEDULING_POLICY caused renice(1) to be invoked with a priority of 0, potentially overriding the inherited nice value (bug #977846).

  • Report and ignore package keyword atoms with USE dependencies instead of failing with a setcpv recursion assertion (bug #966832).

  • gpkg: Fix binpkg creation where emerge is invoked from a directory that undergoes removal (bug #975132).

  • Fix selectively building binary packages via packages.env. This was broken by the refactoring done for buildpkg-proactive in 3.0.80. (bug #977741)

  • Respect --usepkg=n and --getbinpkg=n on command line if the user has set FEATURES=getbinpkg (bug #759067)

  • emerge: Suppress world file warning for missing ebuilds with usepkgonly (bug #976362)

  • emerge: Fix typo in world file warning check.

portage-3.0.80 (2026-06-17)

Breaking changes:

  • Drop the @​unavailable-binaries set in favour of FEATURES="buildpkg-proactive" (see below) because the former cannot check whether an existing binary package is usable or whether a given ebuild will actually produce a binary package or

... (truncated)

Commits
  • b7c8948 NEWS, meson.build: prepare for portage-3.0.81
  • 656c0dd lib: Consolidate multiple sys.stderr.write calls
  • b715860 Fix typo in etc-update.conf
  • 3430321 man/portage.5: fix typo: userpriv -> usersync
  • 7e00102 pylint fixes
  • 13d73b5 emerge: fix typo in world warning set check
  • 231518a emerge: skip world warning with --usepkgonly
  • 80e6cd8 bintree: add missing ']' in XPAK vs binpkg-request-signature message
  • bf2eed4 man: emerge(1): Drop mention of incorrect true and false boolean choices
  • c54d297 Respect --usepkg=n and --getbinpkg=n on command line if FEATURES=getbinpkg
  • Additional commits viewable in compare view

Updates pytest from 9.0.3 to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.

9.1.0

pytest 9.1.0 (2026-06-13)

Removals and backward incompatible breaking changes

  • #14533: When using --doctest-modules, autouse fixtures with module, package or session scope that are defined inline in Python test modules (not plugins or conftests) will now possibly execute twice.

    If this is undesirable, move the fixture definition to a conftest.py file if possible.

    Technical explanation for those interested: When using --doctest-modules, pytest possibly collects Python modules twice, once as pytest.Module and once as a DoctestModule (depending on the configuration). Due to improvements in pytest's fixture implementation, if e.g. the DoctestModule collects a fixture, it is now visible to it only, and not to the Module. This means that both need to register the fixtures independently.

Deprecations (removal in next major release)

  • #10819: Added a deprecation warning for class-scoped fixtures defined as instance methods (without @classmethod). Such fixtures set attributes on a different instance than the test methods use, leading to unexpected behavior. Use @classmethod decorator instead -- by yastcher.

    See 10819 and 14011.

  • #12882: Calling request.getfixturevalue() <pytest.FixtureRequest.getfixturevalue> during teardown to request a fixture that was not already requested is now deprecated and will become an error in pytest 10.

    See dynamic-fixture-request-during-teardown for details.

  • #13409: Using non-~collections.abc.Collection iterables (such as generators, iterators, or custom iterable objects) for the argvalues parameter in @pytest.mark.parametrize <pytest.mark.parametrize ref> and metafunc.parametrize <pytest.Metafunc.parametrize> is now deprecated.

    These iterables get exhausted after the first iteration, leading to tests getting unexpectedly skipped in cases such as running pytest.main() multiple times, using class-level parametrize decorators, or collecting tests multiple times.

    See parametrize-iterators for details and suggestions.

  • #13946: The private config.inicfg attribute is now deprecated. Use config.getini() <pytest.Config.getini> to access configuration values instead.

    See config-inicfg for more details.

  • #14004: Passing baseid to ~pytest.FixtureDef or nodeid strings to fixture registration APIs is now deprecated. These are internal pytest APIs that are used by some plugins.

... (truncated)

Commits
  • cf470ec Prepare release version 9.1.1
  • e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
  • 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
  • 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
  • b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
  • 9a567e0 [automated] Update plugin list (#14617) (#14618)
  • ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
  • 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
  • 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
  • 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
  • Additional commits viewable in compare view

Updates ruff from 0.15.15 to 0.15.19

Release notes

Sourced from ruff's releases.

0.15.19

Release Notes

Released on 2026-06-23.

Preview features

  • Support human-readable names when hovering suppression comments and in code actions (#26114)

Bug fixes

  • Fall back to default settings when editor-only settings are invalid (#26244)
  • Fix panic when inserting text at a notebook cell boundary (#26111)

Rule changes

  • [pylint] Update fix suggestions for __floor__, __trunc__, __length_hint__, and __matmul__ variants (PLC2801) (#26239)

Performance

  • Avoid allocating when parsing single string literals (#26200)
  • Avoid reallocating singleton call arguments (#26223)
  • Lazily create source files for lint diagnostics (#26226)
  • Optimize formatter text width and indentation (#26236)
  • Reserve capacity for builtin bindings (#26229)
  • Skip repeated-key checks for singleton dictionaries (#26228)
  • Use ArrayVec for qualified name segments (#26224)

Documentation

  • [flake8-pyi] Note that PYI051 is an opinionated stylistic rule (#26179)
  • [pyupgrade] Clarify UP029 as a Python 2 compatibility rule (#26243)

Other changes

  • Publish Ruff crates to crates.io (#26271)

Contributors

Install ruff 0.15.19

Install prebuilt binaries via shell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.19

Released on 2026-06-23.

Preview features

  • Support human-readable names when hovering suppression comments and in code actions (#26114)

Bug fixes

  • Fall back to default settings when editor-only settings are invalid (#26244)
  • Fix panic when inserting text at a notebook cell boundary (#26111)

Rule changes

  • [pylint] Update fix suggestions for __floor__, __trunc__, __length_hint__, and __matmul__ variants (PLC2801) (#26239)

Performance

  • Avoid allocating when parsing single string literals (#26200)
  • Avoid reallocating singleton call arguments (#26223)
  • Lazily create source files for lint diagnostics (#26226)
  • Optimize formatter text width and indentation (#26236)
  • Reserve capacity for builtin bindings (#26229)
  • Skip repeated-key checks for singleton dictionaries (#26228)
  • Use ArrayVec for qualified name segments (#26224)

Documentation

  • [flake8-pyi] Note that PYI051 is an opinionated stylistic rule (#26179)
  • [pyupgrade] Clarify UP029 as a Python 2 compatibility rule (#26243)

Other changes

  • Publish Ruff crates to crates.io (#26271)

Contributors

0.15.18

Released on 2026-06-18.

Preview features

... (truncated)

Commits
  • 7f04365 Bump version to 0.15.19 (#26291)
  • a30ba16 [ty] Infer definite equality comparison results (#26290)
  • bcd2028 [ty] Avoid recursion when projecting narrowing constraints (#26276)
  • c0e083e [ty] Avoid bypassing lazy constraints for Divergent (#26288)
  • fb13596 Record configured crates.io packages (#26281)
  • 85da759 [ty] Fix ParamSpec callable signature extraction for callable instances (#26279)
  • 4c98a81 [ty] Make multi-arm TypeOf cycle recovery monotonic (#26275)
  • 7b84361 [ty] Preserve regular kind for callable instances (#26253)
  • 93c8c59 [flake8-pyi] Note that PYI051 is an opinionated stylistic rule (#26179)
  • bc9bb05 [ty] Infer types for names bound in match patterns (#25940)
  • Additional commits viewable in compare view

Updates rust-just from 1.51.0 to 1.54.0

Release notes

Sourced from rust-just's releases.

1.54.0

Fixed

  • Forbid duplicate attribute keys (#3454 by casey)
  • Clear signal handler when infallible line catches signal (#3444 by casey)

Changed

  • Allow passing --dotenv-command multiple times (#3445 by casey)
  • Allow [arg] value to be expression (#3429 by casey)

Added

  • Add [continue] attribute (#3442 by casey)
  • Add --dotenv-command and set dotenv-command (#3441 by casey)

Cached Recipes

  • Add cache key to verbose output (#3465 by casey)
  • Add --no-cache flag (#3463 by casey)
  • Remove empty cache entries with just --clean (#3462 by casey)
  • Add just --clean instructions to readme (#3461 by casey)
  • Allow filtering --clean by recipe and module path (#3460 by casey)
  • Add --clean subcommand for clearing recipe cache (#3459 by casey)
  • Include recipe name in cache entries (#3457 by casey)
  • Add extra user-supplied cache key (#3456 by casey)
  • Fix working directory cache key (#3455 by casey)
  • Add output files to cached recipes (#3453 by casey)
  • Add file inputs to cached recipes (#3452 by casey)
  • Use body lines in cache key (#3451 by casey)
  • Use recipe body in cache key instead of lines (#3447 by casey)
  • Add additional cache keys (#3446 by casey)
  • Add cached recipes (#3437 by casey)

Misc

  • Rename AttributeDiscriminant to AttributeKind (#3464 by casey)
  • Improve invalid shell recipe attribute error message (#3458 by casey)
  • Add Environment struct (#3450 by casey)
  • Remove Test::no_justfile() (#3449 by casey)
  • Use plural consistently in UnstableFeature enum (#3448 by casey)
  • Lowercase ctrl consistently (#3443 by casey)
  • Add activating environments section to readme (#3440 by casey)
  • Bump minimum-supported Rust version to 1.89.0 (#3438 by casey)
  • Make non-unicode error messages consistent (#3436 by casey)
  • Lowercase function error messages (#3435 by casey)
  • Reword readme (#3433 by casey)
  • Remove emacs Local Variables: block from justfile (#3432 by casey)

1.53.0

Added

Changed

... (truncated)

Changelog

Sourced from rust-just's changelog.

1.54.0 - 2026-06-22

Fixed

  • Forbid duplicate attribute keys (#3454 by casey)
  • Clear signal handler when infallible line catches signal (#3444 by casey)

Changed

  • Allow passing --dotenv-command multiple times (#3445 by casey)
  • Allow [arg] value to be expression (#3429 by casey)

Added

  • Add [continue] attribute (#3442 by casey)
  • Add --dotenv-command and set dotenv-command (#3441 by casey)

Cached Recipes

  • Add cache key to verbose output (#3465 by casey)
  • Add --no-cache flag (#3463 by casey)
  • Remove empty cache entries with just --clean (#3462 by casey)
  • Add just --clean instructions to readme (#3461 by casey)
  • Allow filtering --clean by recipe and module path (#3460 by casey)
  • Add --clean subcommand for clearing recipe cache (#3459 by casey)
  • Include recipe name in cache entries (#3457 by casey)
  • Add extra user-supplied cache key (#3456 by casey)
  • Fix working directory cache key (#3455 by casey)
  • Add output files to cached recipes (#3453 by casey)
  • Add file inputs to cached recipes (#3452 by casey)
  • Use body lines in cache key (#3451 by casey)
  • Use recipe body in cache key instead of lines (#3447 by casey)
  • Add additional cache keys (#3446 by casey)
  • Add cached recipes (#3437 by casey)

Misc

  • Rename AttributeDiscriminant to AttributeKind (#3464 by casey)
  • Improve invalid shell recipe attribute error message (#3458 by casey)
  • Add Environment struct (#3450 by casey)
  • Remove Test::no_justfile() (#3449 by casey)
  • Use plural consistently in UnstableFeature enum (#3448 by casey)
  • Lowercase ctrl consistently (#3443 by casey)
  • Add activating environments section to readme (#3440 by casey)
  • Bump minimum-supported Rust version to 1.89.0 (#3438 by casey)
  • Make non-unicode error messages consistent (#3436 by casey)
  • Lowercase function error messages (#3435 by casey)
  • Reword readme (#3433 by casey)
  • Remove emacs Local Variables: block from justfile (#3432 by casey)

1.53.0 - 2026-06-16

Added

... (truncated)

Commits
  • 4aa242e Merge pull request #525 from gnpaone/sync-action
  • eb3d7c9 chore: sync files from source repo
  • b240ac6 Merge pull request #524 from gnpaone/sync-action
  • 0c3eeb8 chore: sync files from source repo
  • 0d0da14 Merge pull request #522 from gnpaone/dependabot/npm_and_yarn/npm/rust-just/ty...
  • 18b5e79 npm(deps-dev): bump @​typescript-eslint/parser in /npm/rust-just
  • fbebde5 Merge pull request #521 from gnpaone/sync-action
  • 49718f3 chore: sync files from source repo
  • 1e711c2 Merge pull request #519 from gnpaone/dependabot/github_actions/actions/checko...
  • 12e31f9 actions(deps): bump actions/checkout from 6 to 7
  • Additional commits viewable in compare view

Updates basedpyright from 1.39.6 to 1.39.8

Commits
  • fab7323 1.39.8
  • c685372 Avoid auto f-string conversion for raw strings
  • a55c2a4 docs: document typeCheckingMode off behavior
  • 61b9817 fix: clarify implicit abstract class diagnostic
  • 7dd1aaf fix default value in pythonPlatform documentation, which differs from upstream
  • c9a757d 1.39.7
  • d253d82 avoid duplicated capability registrations
  • 19c3545 fix empty semantic tokens response interfering with other language servers wh...
  • b018192 update baseline file
  • 15ee8f1 revert upstream's ai generated bash clusterfuck of an attempt at fixing the p...
  • Additional commits viewable in compare view

Updates zizmor from 1.25.2 to 1.26.1

Release notes

Sourced from zizmor's releases.

v1.26.1

This is a small corrective release for 1.26.0.

v1.26.0

New Features 🌈🔗

  • New audit: typosquat-uses detects uses: clauses that reference likely typoed actions (#1985)

    Many thanks to @​andrew for proposing and implementing this improvement!

  • New audit: unsound-ternary detects pseudo-ternary expressions that don't evaluate as expected (#2085)

    Many thanks to @​terror for proposing and implementing this improvement!

  • New audit: adhoc-packages detects run: steps that install packages in an ad-hoc manner (#2061)

    Many thanks to @​connorshea for proposing and implementing this improvement!

Enhancements 🌱🔗

Performance Improvements 🚄🔗

  • Most online audits are significantly faster, thanks to more precise retry handling (#2036) Bug Fixes 🐛🔗

  • Fixed a bug where zizmor's LSP would not recognize dependabot.yaml files in its default configuration (#2026)

    Many thanks to @​fionn for implementing this fix!

  • Fixed a bug where ref-version-mismatch would fail to fully match some version comments (#2040)

  • Fixed a bug where dependabot-cooldown would fail to honor the user's configured days when performing autofixes (#2055)

  • Steps and jobs gated by statically-false if: conditions (e.g. if: false, if: ${{ false }}) are now skipped during auditing, since they cannot execute (#2059, #2069)

  • Fixed a bug where ref-version-mismatch would fail to identify some valid version comments (#2073)

  • Fixed a bug where unpinned-images would incorrectly flag empty matrix expansions as unpinned container image references (#2102)

  • Fixed a bug where unpinned-images would incorrectly flag some matrix expansions as unpinned (#2098)

  • The SARIF (--format=sarif) and GitHub Annotations (--format=github) output formats now provide more correct/useful paths, particularly when the user provides a relative path as input to zizmor rather than zizmor . (#1748, #2095)

... (truncated)

Changelog

Sourced from zizmor's changelog.

1.26.1

This is a small corrective release for 1.26.0.

1.26.0

New Features 🌈

  • New audit: [typosquat-uses] detects #!yaml uses: clauses that reference likely typoed actions (#1985)

    Many thanks to @​andrew for proposing and implementing this improvement!

  • New audit: [unsound-ternary] detects pseudo-ternary expressions that don't evaluate as expected (#2085)

    Many thanks to @​terror for proposing and implementing this improvement!

  • New audit: [adhoc-packages] detects #!yaml run: steps that install packages in an ad-hoc manner (#2061)

    Many thanks to @​connorshea for proposing and implementing this improvement!

Enhancements 🌱

  • The [cache-poisoning] audit now detects additional cache disablement heuristics (#2053)

  • The [known-vulnerable-actions] audit is now configurable. See the configuration documentation for details (#2084)

  • The [excessive-permissions] audit is now aware of the code-quality permission (#2088)

  • The [unpinned-uses] audit's auto-fix now uses the fully qualified version tag (e.g. # v6.0.2) when fixing a major-version ref (e.g. @v6) (#2127)

Performance Improvements 🚄

  • Most online audits are significantly faster, thanks to more precise retry handling (#2036)

Bug Fixes 🐛

  • Fixed a bug where zizmor's LSP would not recognize dependabot.yaml files in its default configuration (#2026)

    Many thanks to @​fionn for implementing this fix!

  • Fixed a bug where [ref-version-mismatch] would fail to fully match some version comments (#2040)

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 1, 2026
@github-actions github-actions Bot enabled auto-merge (squash) July 1, 2026 23:28
@Synss

Synss commented Jul 2, 2026

Copy link
Copy Markdown
Owner

@dependabot recreate

…6 updates

Bumps the all-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [portage](https://github.com/gentoo/portage) | `3.0.78` | `3.0.81` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.3` | `9.1.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.15` | `0.15.19` |
| [rust-just](https://github.com/gnpaone/rust-just) | `1.51.0` | `1.54.0` |
| [basedpyright](https://github.com/detachhead/basedpyright) | `1.39.6` | `1.39.8` |
| [zizmor](https://github.com/zizmorcore/zizmor) | `1.25.2` | `1.26.1` |



Updates `portage` from 3.0.78 to 3.0.81
- [Changelog](https://github.com/gentoo/portage/blob/master/NEWS)
- [Commits](gentoo/portage@portage-3.0.78...portage-3.0.81)

Updates `pytest` from 9.0.3 to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.3...9.1.1)

Updates `ruff` from 0.15.15 to 0.15.19
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.15...0.15.19)

Updates `rust-just` from 1.51.0 to 1.54.0
- [Release notes](https://github.com/gnpaone/rust-just/releases)
- [Changelog](https://github.com/gnpaone/rust-just/blob/master/CHANGELOG.md)
- [Commits](gnpaone/rust-just@1.51.0...1.54.0)

Updates `basedpyright` from 1.39.6 to 1.39.8
- [Release notes](https://github.com/detachhead/basedpyright/releases)
- [Commits](DetachHead/basedpyright@v1.39.6...v1.39.8)

Updates `zizmor` from 1.25.2 to 1.26.1
- [Release notes](https://github.com/zizmorcore/zizmor/releases)
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md)
- [Commits](zizmorcore/zizmor@v1.25.2...v1.26.1)

---
updated-dependencies:
- dependency-name: basedpyright
  dependency-version: 1.39.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: portage
  dependency-version: 3.0.81
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: ruff
  dependency-version: 0.15.19
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: rust-just
  dependency-version: 1.54.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: zizmor
  dependency-version: 1.26.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump the all-dependencies group with 6 updates build(deps): bump the all-dependencies group across 1 directory with 6 updates Jul 2, 2026
@dependabot dependabot Bot force-pushed the dependabot/uv/all-dependencies-3dfd0f6fca branch from 9a336e3 to 9b0d31e Compare July 2, 2026 05:23
@github-actions github-actions Bot merged commit 84ee054 into main Jul 2, 2026
9 checks passed
@dependabot dependabot Bot deleted the dependabot/uv/all-dependencies-3dfd0f6fca branch July 2, 2026 05:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant