Skip to content

chore: bump the pip-minor-patch group across 1 directory with 3 updates#46

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/pip-minor-patch-feb86f2f4b
Open

chore: bump the pip-minor-patch group across 1 directory with 3 updates#46
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/pip-minor-patch-feb86f2f4b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026

Bumps the pip-minor-patch group with 3 updates in the / directory: requests, apprise and click.

Updates requests from 2.33.1 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

v2.34.1

2.34.1 (2026-05-13)

Bugfixes

  • Widened json input type from dict and list to Mapping and Sequence. (#7436)
  • Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)
  • Response.reason moved from str | None to str to improve handling for users. (#7437)
  • Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13

v2.34.0

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The

... (truncated)

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

2.34.1 (2026-05-13)

Bugfixes

  • Widened json input type from dict and list to Mapping and Sequence. (#7436)
  • Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)
  • Response.reason moved from str | None to str to improve handling for users. (#7437)
  • Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
  • Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)
Commits

Updates apprise from 1.10.0 to 1.11.0

Release notes

Sourced from apprise's releases.

Release v1.11.0

What's Changed

A big win for this release is priortization of grouped/tagged content. Basically, this release allows you to tag multiple items and provide a weight to them. Apprise will attempt to notify the highest priority/weighted services first (of same level), and only if this level fails will it try the next. Tagging is no longer just a tag. It's now weight:tag too; for example 100:friends associates the weight of 100 with the tag friends. You can still continue to notify friends with your Apprise calls, but if there are weight categories, then these will be factored into the order. Highest priority (weighted) tags have a lower integer value (zero being the higest priority). Only the next priority will be notified if the first fails.

This releae also allows you to set up a notifiation service to gracefully fail and not have Apprise itself report a failure. This is useful for situations where you notify several end points and you really don't care if they're unavailable or not. Apprise wil do it's usual best effort to send the notification, but not treat it as a failure if it can't get through. Use optional=yes on your Apprise URL.

Thirdly, this release introduces retries! You can now have Apprise attempt to notify your endpoint a second, or a third, (up to 10x) tries before giving up and deeming it unable to send the notification. Use retry=X on your Apprise URL

📣 New Notification Services:

🐞 Bugfixes

💡 Features

❤️ Life-Cycle Support

Installation

Apprise is available on PyPI through pip:

# Install Apprise v1.11.0 from PyPI
pip install apprise==1.11.0

... (truncated)

Commits

Updates click from 8.3.3 to 8.4.1

Release notes

Sourced from click's releases.

8.4.1

This is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.4.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-1 Milestone: https://github.com/pallets/click/milestone/32?closed=1

  • get_parameter_source() is available during eager callbacks and type conversion again. #3458 #3484
  • Zsh completion scripts parse correctly on Windows. #3277 # 3466
  • Shell completion of Choice Enum values produces a valid completion result. #3015
  • Fix empty byte-string handling in echo. #3487
  • Fix closed file error with echo_via_pager. #3449

8.4.0

This is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.4.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-0 Milestone https://github.com/pallets/click/milestone/30

  • ParamType typing improvements. #3371

    • :class:ParamType is now a generic abstract base class, parameterized by its converted value type.
    • :meth:~ParamType.convert return types are narrowed on all concrete types (str for :class:STRING, int for :class:INT, etc.).
    • :meth:~ParamType.to_info_dict returns specific :class:~typing.TypedDict subclasses instead of dict[str, Any].
    • :class:CompositeParamType and the number-range base are now generic with abstract methods.

  • Refactor convert_type to extract type inference into a private _guess_type helper, and add :func:typing.overload signatures. #3372

  • Parameter typing improvements. #2805

    • :class:Parameter is now an abstract base class, making explicit that it cannot be instantiated directly.
    • :attr:Parameter.name is now str instead of str | None. When expose_value=False, the name is set to "" instead of None.
    • The ctx parameter of :meth:Parameter.get_error_hint is now typed as Context | None, matching the runtime behavior.

  • Split string values from default_map for parameters with nargs > 1 or :class:Tuple type, matching environment variable behavior.

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.4.1

Released 2026-05-21

  • get_parameter_source() is available during eager callbacks and type conversion again. :issue:3458 :issue:3484
  • Zsh completion scripts parse correctly on Windows. :issue:3277 :pr:3466
  • Shell completion of Choice Enum values produces a valid completion result. :issue:3015
  • Fix empty byte-string handling in echo. :issue:3487
  • Fix closed file error with echo_via_pager. :issue:3449

Version 8.4.0

Released 2026-05-17

  • :class:ParamType typing improvements. :pr:3371

    • :class:ParamType is now a generic abstract base class, parameterized by its converted value type.
    • :meth:~ParamType.convert return types are narrowed on all concrete types (str for :class:STRING, int for :class:INT, etc.).
    • :meth:~ParamType.to_info_dict returns specific :class:~typing.TypedDict subclasses instead of dict[str, Any].
    • :class:CompositeParamType and the number-range base are now generic with abstract methods.

  • Refactor convert_type to extract type inference into a private _guess_type helper, and add :func:typing.overload signatures. :pr:3372

  • :class:Parameter typing improvements. :pr:2805

    • :class:Parameter is now an abstract base class, making explicit that it cannot be instantiated directly.
    • :attr:Parameter.name is now str instead of str | None. When expose_value=False, the name is set to "" instead of None.
    • The ctx parameter of :meth:Parameter.get_error_hint is now typed as Context | None, matching the runtime behavior.

  • Split string values from default_map for parameters with nargs > 1 or :class:Tuple type, matching environment variable behavior. :issue:2745 :pr:3364

  • Auto-detect type=UNPROCESSED for flag_value of non-basic types (not str, int, float, or bool), so programmer-provided Python objects like classes and enum members are passed through unchanged instead of being stringified. Previously type=click.UNPROCESSED had to be set explicitly. :issue:2012 :pr:3363

... (truncated)

Commits
  • 6eeb50e release version 8.4.1
  • 67921d5 change log and doc fixes (#3495)
  • 9c41f46 Fix changelog and version admonitions
  • 6cb3477 fix skip condition
  • 5ee8e31 fix I/O operation on closed file error with CliRunner and echo_via_pager (#3482)
  • becbde5 pager doesn't close std streams
  • a5f5aa6 Handle empty bytes in echo (#3493)
  • 4d3db84 handle empty bytes in echo
  • d42f15b Fix get_parameter_source() during type conversion and eager callbacks (#3484)
  • 0baa8db Document ctx.params bypass with test and doc
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the pip-minor-patch group across 1 directory with 3 updates
8d8452f 
Bumps the pip-minor-patch group with 3 updates in the / directory: [requests](https://github.com/psf/requests), [apprise](https://github.com/caronc/apprise) and [click](https://github.com/pallets/click).


Updates `requests` from 2.33.1 to 2.34.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.33.1...v2.34.2)

Updates `apprise` from 1.10.0 to 1.11.0
- [Release notes](https://github.com/caronc/apprise/releases)
- [Commits](caronc/apprise@v1.10.0...v1.11.0)

Updates `click` from 8.3.3 to 8.4.1
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](pallets/click@8.3.3...8.4.1)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch
- dependency-name: apprise
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch
- dependency-name: click
  dependency-version: 8.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants