Skip to content

Bump the all-pip-updates group across 3 directories with 30 updates#69589

Closed
dependabot[bot] wants to merge 2 commits into
3007.xfrom
dependabot/pip/3007.x/all-pip-updates-c32671b733
Closed

Bump the all-pip-updates group across 3 directories with 30 updates#69589
dependabot[bot] wants to merge 2 commits into
3007.xfrom
dependabot/pip/3007.x/all-pip-updates-c32671b733

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 27, 2026

Copy link
Copy Markdown
Contributor

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Updates the requirements on pip, pytest, more-itertools, certifi, cryptography, jaraco-functools, jaraco-context, multidict, msgpack, psutil, pymssql, pyopenssl, pythonnet, requests, tornado, virtualenv, filelock, zipp, setuptools-scm, pyzmq, build, pylint, boto3, botocore, pynacl, vcert, xmldiff, pygit2, ansible and python-telegram-bot to permit the latest version.
Updates pip from 26.0.1 to 26.1.2

Changelog

Sourced from pip's changelog.

26.1.2 (2026-05-31)

Bug Fixes

  • Reject console_scripts and gui_scripts entry points whose name would install a script outside the scripts directory. ([#14000](https://github.com/pypa/pip/issues/14000) <https://github.com/pypa/pip/issues/14000>_)
  • Fix installation incorrectly failing when the target path contains a doubled slash, such as with pip install --root //.... ([#14001](https://github.com/pypa/pip/issues/14001) <https://github.com/pypa/pip/issues/14001>_)
  • Send a consistent Accept-Encoding header to avoid a spurious Cache entry deserialization failed warning. ([#14012](https://github.com/pypa/pip/issues/14012) <https://github.com/pypa/pip/issues/14012>_)

26.1.1 (2026-05-04)

Bug Fixes

  • Fix issue where uninstallation left behind empty directories. Revert the removal of the adjacent __pycache__ directory when a .py file is removed. ([#13973](https://github.com/pypa/pip/issues/13973) <https://github.com/pypa/pip/issues/13973>_)

26.1 (2026-04-26)

Deprecations and Removals

  • Drop support for Python 3.9. ([#13795](https://github.com/pypa/pip/issues/13795) <https://github.com/pypa/pip/issues/13795>_)

Features

  • Add experimental support to read requirements from standardized pylock.toml files (-r pylock.toml). ([#13876](https://github.com/pypa/pip/issues/13876) <https://github.com/pypa/pip/issues/13876>_)
  • Allow --uploaded-prior-to to accept a duration in days (e.g., P3D for 3 days ago). ([#13674](https://github.com/pypa/pip/issues/13674) <https://github.com/pypa/pip/issues/13674>_)

Enhancements

  • Speed up dependency resolution when there are complex conflicts. ([#13859](https://github.com/pypa/pip/issues/13859) <https://github.com/pypa/pip/issues/13859>_)
  • Reduce memory usage when resolving large dependency trees. ([#13843](https://github.com/pypa/pip/issues/13843) <https://github.com/pypa/pip/issues/13843>_)
  • Emit a deprecation warning when pip imports an unexpected module after installation of a distribution has started. ([#13912](https://github.com/pypa/pip/issues/13912) <https://github.com/pypa/pip/issues/13912>_)
  • Allow URL constraints to apply to requirements with extras. ([#12018](https://github.com/pypa/pip/issues/12018) <https://github.com/pypa/pip/issues/12018>_)
  • Allow unpinned requirements to use hashes from constraints. Constraints like {name}=={version} --hash=... feeds into hash verification for a corresponding requirement. ([#9243](https://github.com/pypa/pip/issues/9243) <https://github.com/pypa/pip/issues/9243>_)
  • Improve conflict reports that involve direct URLs. ([#13932](https://github.com/pypa/pip/issues/13932) <https://github.com/pypa/pip/issues/13932>_)
  • Show all errors instead of first error for faulty dependency_groups definitions. ([#13917](https://github.com/pypa/pip/issues/13917) <https://github.com/pypa/pip/issues/13917>_)

... (truncated)

Commits
  • 31d7d16 Bump for release
  • 79f348c Update AUTHORS.txt
  • 237a925 Merge pull request #14001 from notatallshaw/fix-is-within-directory
  • 34d0285 Merge pull request #14006 from laymonage/fix-requirements_from_scripts-space-...
  • 09d3e07 Merge pull request #14012 from notatallshaw/stable-accept-encoding
  • fa7854f Use is_within_directory for entry point check
  • d01b46c NEWS ENTRY
  • 7ff8bdd Fix is_within_directory for doubled-slash roots
  • 7ea3466 NEWS ENTRY
  • 85673ea Fix Accept-Encoding to gzip, deflate
  • Additional commits viewable in compare view

Updates pytest to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.
Commits
  • cf470ec Prepare release version 9.1.1
  • e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
  • 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
  • 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
  • b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
  • 9a567e0 [automated] Update plugin list (#14617) (#14618)
  • ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
  • 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
  • 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
  • 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
  • Additional commits viewable in compare view

Updates more-itertools to 11.1.0

Release notes

Sourced from more-itertools's releases.

Version 11.1.0

Changes:

  • numeric_range was updated to fix its handling of empty ranges (thanks to rhettinger)
  • peekable was updated to fix typing issues (thanks to DORI2001, powellnorma, Pandede, m9810223, and rhettinger)
  • islice_extended was optimized for memory usage and speed (thanks to ben42code, rhettinger, and pochmann)
  • serialize now supports the generator methods throw, send, and close (thanks to rhettinger)
  • seekable now supports implements __getitem__ for cached elements (thanks to SAY-5, jenstroeger, and JamesParrott)
Commits
  • 64be96c Merge pull request #1159 from more-itertools/version-11.1.0
  • 03a08ec Changes for version 11.1.0
  • 9af73b9 Bump version: 11.0.2 → 11.1.0
  • 264b18d Merge pull request #1158 from SAY-5/seekable-getitem
  • ba7ef94 Add seekable.getitem to access the internal cache
  • 18d9889 Merge pull request #1157 from rhettinger/expand_serialize
  • c7b870a Add tests
  • fb6923e Update stub
  • 1c85ece Make attributes private. Support all generator methods.
  • bd8475c Merge pull request #1155 from rhettinger/optimize_islice_extended
  • Additional commits viewable in compare view

Updates certifi to 2026.6.17

Commits

Updates cryptography to 49.0.0

Changelog

Sourced from cryptography's changelog.

49.0.0 - 2026-06-12


* **BACKWARDS INCOMPATIBLE:** Support for ``x86_64`` macOS has been removed.
  We now only publish ``arm64`` wheels for macOS.
* **BACKWARDS INCOMPATIBLE:** Support for 32-bit Windows has been removed.
  Users should move to a 64-bit Python installation.
* **BACKWARDS INCOMPATIBLE:** Removed the deprecated
  ``PUBLIC_KEY_TYPES``, ``PRIVATE_KEY_TYPES``,
  ``CERTIFICATE_PRIVATE_KEY_TYPES``, ``CERTIFICATE_ISSUER_PUBLIC_KEY_TYPES``,
  and ``CERTIFICATE_PUBLIC_KEY_TYPES`` type aliases. Use
  ``PublicKeyTypes``, ``PrivateKeyTypes``, ``CertificateIssuerPrivateKeyTypes``,
  ``CertificateIssuerPublicKeyTypes``, and ``CertificatePublicKeyTypes``
  instead. These were deprecated in version 40.0.
* **BACKWARDS INCOMPATIBLE:** :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`
  now treats the first 4 bytes of the ``nonce`` as a 32-bit little-endian block
  counter (as defined in :rfc:`7539`) and tracks the number of bytes processed.
  Attempting to encrypt or decrypt more data than the counter allows before it
  would overflow now raises a :class:`ValueError` rather than silently diverging
  from RFC 7539. Setting the counter portion of the ``nonce`` to zero allows
  encrypting up to 256 GiB with a given nonce.
* **BACKWARDS INCOMPATIBLE:** Loading an X.509 certificate whose ECDSA or DSA
  signature ``AlgorithmIdentifier`` contains encoded NULL parameters now raises
  a :class:`ValueError`. Such certificates are invalid, but older versions of
  Java emitted them; previously they loaded with a deprecation warning.
* Fixed cross-compilation of the CFFI bindings when ``PYO3_CROSS_LIB_DIR``
  is set. The build now derives the Python include directory from
  ``PYO3_CROSS_LIB_DIR`` instead of querying the host interpreter, which
  previously caused the build to fail during cross-compilations for embedded
  systems, on hosts which have same-version Python development headers
  installed as the target Python.
* Added support for signing and verifying X.509 certificates, certificate
  signing requests, and certificate revocation lists with
  :doc:`/hazmat/primitives/asymmetric/mldsa` keys, as well as loading
  certificates that contain ML-DSA public keys.
* Added :meth:`~cryptography.hazmat.primitives.hpke.KEM.enc_length` to
  :class:`~cryptography.hazmat.primitives.hpke.KEM` so callers can split the
  encapsulated key from the ciphertext returned by
  :meth:`~cryptography.hazmat.primitives.hpke.Suite.encrypt`.
* :meth:`~cryptography.x509.verification.ExtensionPolicy.require_present`,
  :meth:`~cryptography.x509.verification.ExtensionPolicy.may_be_present`, and
  :meth:`~cryptography.x509.verification.ExtensionPolicy.require_not_present`
  now accept any extension type. Previously only a fixed set of extension
  types was supported, which made it impossible to account for otherwise
  unrecognized critical extensions during path validation.
* Added support for using :class:`~cryptography.x509.Certificate`,
  :class:`~cryptography.x509.CertificateSigningRequest`, and
  :class:`~cryptography.x509.CertificateRevocationList` as field types in
  :doc:`/hazmat/asn1/index` structures.
* Added :func:`~cryptography.hazmat.asn1.value_set`, a class decorator that
</tr></table> 

... (truncated)

Commits
  • e300bbe bump version and changelog for 49.0.0 (#15030)
  • fa74cd8 Add external mu (message representative) support for ML-DSA (#14979)
  • f594db3 chore(deps): bump openssl from 0.10.80 to 0.10.81 (#15029)
  • 608e011 chore(deps): bump openssl-sys from 0.9.116 to 0.9.117 (#15028)
  • a322bc4 chore(deps): bump cc from 1.2.63 to 1.2.64 (#15027)
  • 33181a7 Reject critical nameConstraints extensions containing directoryName constrain...
  • 6080dc7 Bump dependencies that dependabot isn't (#15026)
  • 121faa3 chore(deps): bump virtualenv from 21.4.2 to 21.4.3 (#15023)
  • 829520b Add more robust processing for DH parameters. (#15016)
  • 0f05001 Bump downstream dependencies in CI (#15025)
  • Additional commits viewable in compare view

Updates jaraco-functools to 4.5.0

Changelog

Sourced from jaraco-functools's changelog.

v4.5.0

Features

  • bypass_when and bypass_unless now accept callable checks and evaluate them on each invocation instead of binding only at decoration time. (#36)

v4.4.0

Features

  • Add noop.

v4.3.0

Features

  • Add none_as function.

v4.2.1

No significant changes.

v4.2.0

Features

  • Add 'passthrough' function.

Bugfixes

  • Added missing splat in stubs -- by :user:Avasam (#29)

v4.1.0

... (truncated)

Commits

Updates jaraco-context to 6.1.2

Changelog

Sourced from jaraco-context's changelog.

v6.1.2

No significant changes.

v6.1.1

No significant changes.

v6.1.0

Features

  • In tarfile.context, ensure that the default filter honors the data filter to avoid path traversal vulnerabilities.

v6.0.2

No significant changes.

v6.0.1

Bugfixes

  • Removed type declarations as suggested by Gemini. (#13)

v6.0.0

Bugfixes

  • Fixed bug in repo_context where standard output from git would not be hidden (because git emits standard output on the stderr stream).

Deprecations and Removals

  • Removed deprecated 'tarball_context', 'infer_compression', and 'null' contexts.

... (truncated)

Commits

Updates multidict to 6.7.1

Release notes

Sourced from multidict's releases.

6.7.1

Bug fixes

  • Fixed slow memory leak caused by identity by adding Py_DECREF to identity value before leaving md_pop_one on success -- by :user:Vizonex.

    Related issues and pull requests on GitHub: #1284.


Changelog

Sourced from multidict's changelog.

6.7.1

(2026-01-25)

Bug fixes

  • Fixed slow memory leak caused by identity by adding Py_DECREF to identity value before leaving md_pop_one on success -- by :user:Vizonex.

    Related issues and pull requests on GitHub: :issue:1284.


6.7.0

(2025-10-05)

Contributor-facing changes

  • Updated tests and added CI for CPython 3.14 -- by :user:kumaraditya303.

    Related issues and pull requests on GitHub: :issue:1235.


6.6.4

(2025-08-11)

Bug fixes

  • Fixed MutliDict & CIMultiDict memory leak when deleting values or clearing them -- by :user:Vizonex

    Related issues and pull requests on GitHub:

... (truncated)

Commits

Updates msgpack to 1.2.1

Release notes

Sourced from msgpack's releases.

v1.2.1

What's Changed

Full Changelog: msgpack/msgpack-python@v1.2.0...v1.2.1

Changelog

Sourced from msgpack's changelog.

1.2.1

Release Date: 2026-06-19

Fix a segfault when calling Unpacker.unpack() or Unpacker.skip() after an unpacking failure. But note that reusing the same Unpacker instance after an unpacking failure is not supported. Please create a new Unpacker instance instead. GHSA-6v7p-g79w-8964

1.2.0

Release Date: 2026-06-11

  • Support free threaded Python. #654, #686
  • Dropped support for Python 3.9. #656
  • Fix missing error checks in C code. #665, #666, #667, #672
  • Fix strict_map_key option didn't work for object_pairs_hook. #673
  • Increase DEFAULT_RECURSE_LIMIT of Unpacker to 1024. #676
  • Fix memory leak when Unpacker returns error for invalid input. #671
  • Fix Packer.pack_ext_type() ignored autoreset option. #663
  • Fix Timestamp.from_datetime() returning wrong value for pre-epoch datetimes. #662
  • Fix use-after-free in unpackb() and Unpacker.unpack() for non-contiguous input. #677
  • Fix possible memory leak when calling Unpacker.__init__() several times. #687

1.1.2

Release Date: 2025-10-08

This release does not change source code. It updates only building wheels:

  • Update Cython to v3.1.4
  • Update cibuildwheel to v3.2.0
  • Drop Python 3.8
  • Add Python 3.14
  • Add windows-arm

1.1.1

Release Date: 2025-06-13

  • No change from 1.1.1rc1.

1.1.1rc1

Release Date: 2025-06-06

  • Update Cython to 3.1.1 and cibuildwheel to 2.23.3.

... (truncated)

Commits
  • 448d43f release v1.2.1 (#698)
  • 2c56ddb Merge commit from fork
  • 0f4f350 Bump pypa/cibuildwheel from 4.0.0 to 4.1.0 in the all-dependencies group (#694)
  • 11ed0a5 release v1.2.0 (#692)
  • c410a38 Bump pypa/cibuildwheel from 3.4.1 to 4.0.0 (#691)
  • 97ba6ca skip ci: remove unneeded CIBW_SKIP option
  • cdde1b0 Wheels CI hangs for MacOS Intel (#689)
  • 5eb57e1 release v1.2.0rc1 (#681)
  • 77395c1 Harden Unpacker.__init__ re-entry cleanup to prevent buffer/context leaks (...
  • 7df7136 Guard Packer buffer protocol hooks with Cython critical sections (#686)
  • Additional commits viewable in compare view

Updates psutil to 7.2.2

Changelog

Sourced from psutil's changelog.

7.2.2 — 2026-01-28 ^^^^^^^^^^^^^^^^^^

Enhancements

  • :gh:2705: [Linux]: :meth:Process.wait now uses pidfd_open() + poll() (no busy loop). Requires Linux >= 5.3 and Python >= 3.9.
  • :gh:2705: [macOS], [BSD]: :meth:Process.wait now uses kqueue() (no busy loop).

Bug fixes

  • :gh:2701, [macOS]: fix compilation error on macOS < 10.7. (patch by :user:Sergey Fedorov <barracuda156>)
  • :gh:2707, [macOS]: fix potential memory leaks in error paths of :meth:Process.memory_full_info and :meth:Process.threads.
  • :gh:2708, [macOS]: :meth:Process.cmdline and :meth:Process.environ may fail with OSError: [Errno 0] Undefined error (from sysctl(KERN_PROCARGS2)). They now raise :exc:AccessDenied instead.

7.2.1 — 2025-12-29 ^^^^^^^^^^^^^^^^^^

Bug fixes

  • :gh:2699, [FreeBSD], [NetBSD]: :func:heap_info does not detect small allocations (<= 1K). In order to fix that, we now flush internal jemalloc cache before fetching the metrics.

7.2.0 — 2025-12-23 ^^^^^^^^^^^^^^^^^^

Enhancements

  • :gh:1275: new :func:heap_info and :func:heap_trim functions, providing direct access to the platform's native C :term:heap allocator (glibc, mimalloc, libmalloc). Useful to create tools to detect memory leaks.
  • :gh:2403, [Linux]: publish wheels for Linux musl.
  • :gh:2680: unit tests are no longer installed / part of the distribution. They now live under tests/ instead of psutil/tests.

Bug fixes

  • :gh:2684, [FreeBSD], [critical]: compilation fails on FreeBSD 14 due to missing include.
  • :gh:2691, [Windows]: fix memory leak in :func:net_if_stats due to missing Py_CLEAR.

Compatibility notes

... (truncated)

Commits
  • 9eea97d Pre-release
  • 938ac64 Rm sphinxcontrib.googleanalytics; override layout.html
  • 9dcbb7e Add sphinxcontrib-googleanalytics to requirements.txt
  • 76eaf9a Try to add google analytics to doc
  • de1cafa Update doc mentioning Process.wait() internal details
  • bb30943 Refact can_use_pidfd_open() and can_use_kqueue()
  • a571717 #2708, macos / cmdline / environ; raise AD instead of OSError(0) (#2709)
  • 8b98c3e Pre-release
  • 700b7e6 [macOS] fix potential leaks in error paths (#2707)
  • 7cc7923 Windows / cmdline(): be more defensive in free()ing in case of error
  • Additional commits viewable in compare view

Updates pymssql from 2.3.11 to 2.3.13

Release notes

Sourced from pymssql's releases.

pymssql 2.0 greenish

Experimental support for greening for gevent, etc.

Changelog

Sourced from pymssql's changelog.

Version 2.3.13 - 2026-02-13 - Mikhail Terekhov

General

  • Fix type stubs with generics, overloads, and corrected types, thanks to jacks0n.

Version 2.3.12 - 2026-02-10 - Mikhail Terekhov

General

Commits

Updates pyopenssl to 26.3.0

Changelog

Sourced from pyopenssl's changelog.

26.3.0 (2026-06-12)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped support for Python 3.8.
  • The minimum cryptography version is now 49.0.0.
  • Removed deprecated OpenSSL.crypto.X509Req, OpenSSL.crypto.dump_certificate_request, and OpenSSL.crypto.load_certificate_request. cryptography.x509 should be used instead.
  • OpenSSL.SSL.Connection.set_session now raises ValueError if the Session was obtained from a Connection that was using a different Context than this one. OpenSSL requires (but does not verify) that sessions only be re-used with a compatible SSL_CTX, so this contract is now enforced.

Deprecations: ^^^^^^^^^^^^^

  • Deprecated OpenSSL.crypto.PKey.generate_key and OpenSSL.crypto.PKey.check. The key generation and loading APIs in cryptography should be used instead.
  • Deprecated OpenSSL.crypto.dump_privatekey. The serialization APIs on cryptography private key types should be used instead.
  • Deprecated all the mutable APIs on OpenSSL.crypto.X509: set_version, set_pubkey, sign, set_serial_number, gmtime_adj_notAfter, gmtime_adj_notBefore, set_notBefore, set_notAfter, set_issuer, and set_subject. cryptography.x509.CertificateBuilder should be used instead.
  • Deprecated OpenSSL.SSL.Context.set_passwd_cb. Users should decrypt and load their private keys themselves, with cryptography's key loading APIs, and then call OpenSSL.SSL.Context.use_privatekey.
  • Deprecated OpenSSL.crypto.X509Name, as well as the remaining APIs that consume or return it: OpenSSL.crypto.X509.get_issuer, OpenSSL.crypto.X509.get_subject, and OpenSSL.SSL.Context.set_client_ca_list. The APIs in cryptography.x509 should be used instead.

Changes: ^^^^^^^^

  • OpenSSL.SSL.Connection.get_client_ca_list now takes an as_cryptography keyword-argument. When True is passed then cryptography.x509.Name are returned, instead of OpenSSL.crypto.X509Name. In the future, passing False (the default) will be deprecated.

26.2.0 (2026-05-04)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed deprecated OpenSSL.crypto.X509Extension, OpenSSL.crypto.X509Req.add_extension, OpenSSL.crypto.X509Req.get_extensions, OpenSSL.crypto.X509.add_extension, OpenSSL.crypto.X509.get_extensions. cryptography.x509 should be used instead.
  • It is now an error to calling any mutating method on OpenSSL.SSL.Context after it has been used to create a Connection. This was previously deprecated and has always been unsafe.

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Maximum supported cryptography version is now 48.x.
  • Added OpenSSL.SSL.Connection.set_options to set options on a per-connection basis.

26.1.0 (2026-04-24)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits
  • a34aa1d Prepare 26.3.0 release (#1515)
  • 24db880 Deprecate X509Name and the remaining APIs that consume or return it (#1514)
  • 1dc08be Add as_cryptography parameter to Connection.get_client_ca_list (#1508)
  • 55653a5 Require cryptography 49, drop Python 3.8 (#1513)
  • 9bad760 Remove deprecated CSR functionality (#1507)
  • 98ca874 Enforce that Session is only re-used with the Context it came from (#1512)
  • cbcb1da Deprecate Context.set_passwd_cb (#1511)
  • 3b9d07d Deprecate all the mutable APIs on X509 (#1510)
  • e096920 Deprecate PKey.generate_key, PKey.check, and dump_privatekey (#1509)
  • 7079d6d Fix zizmor findings in GitHub Actions workflows (#1506)
  • Additional commits viewable in compare view

Updates pythonnet to 3.1.0

Release notes

Sourced from pythonnet's releases.

v3.1.0

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from pythonnet's changelog.

3.1.0 - 2026-05-23

Added

  • Support del obj[...] for types derived from IList<T> and IDictionary<K, V> (#2533)
  • Support for .NET Framework 4.6.1 (#2701)
  • Context manager protocol for .NET IDisposable types, allowing use of with statements for IDisposable objects (#2568)
  • Support for Python 3.14 (#2611)
  • Implement support for DLR get/set (#2706)

Changed

  • Derive Python (virtual) environment information (#2652)

Fixed

  • Fixed crash when trying to del clrObj[...] for non-arrays
  • ci: properly exclude job (#2542)
  • Properly detect availability of BinaryFormatter (#2639)
  • Support for .NET 10 SDK (#2684)
  • Fix wheel tags (

Updates the requirements on [pip](https://github.com/pypa/pip), [pytest](https://github.com/pytest-dev/pytest), [more-itertools](https://github.com/more-itertools/more-itertools), [certifi](https://github.com/certifi/python-certifi), [cryptography](https://github.com/pyca/cryptography), [jaraco-functools](https://github.com/jaraco/jaraco.functools), [jaraco-context](https://github.com/jaraco/jaraco.context), [multidict](https://github.com/aio-libs/multidict), [msgpack](https://github.com/msgpack/msgpack-python), [psutil](https://github.com/giampaolo/psutil), [pymssql](https://github.com/pymssql/pymssql), [pyopenssl](https://github.com/pyca/pyopenssl), [pythonnet](https://github.com/pythonnet/pythonnet), [requests](https://github.com/psf/requests), [tornado](https://github.com/tornadoweb/tornado), [virtualenv](https://github.com/pypa/virtualenv), [filelock](https://github.com/tox-dev/py-filelock), [zipp](https://github.com/jaraco/zipp), [setuptools-scm](https://github.com/pypa/setuptools-scm), [pyzmq](https://github.com/zeromq/pyzmq), [build](https://github.com/pypa/build), [pylint](https://github.com/pylint-dev/pylint), [boto3](https://github.com/boto/boto3), [botocore](https://github.com/boto/botocore), [pynacl](https://github.com/pyca/pynacl), [vcert](https://github.com/Venafi/vcert-python), [xmldiff](https://github.com/Shoobx/xmldiff), [pygit2](https://github.com/libgit2/pygit2), [ansible](https://github.com/ansible-community/ansible-build-data) and [python-telegram-bot](https://github.com/python-telegram-bot/python-telegram-bot) to permit the latest version.

Updates `pip` from 26.0.1 to 26.1.2
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@26.0.1...26.1.2)

Updates `pytest` to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.4.2...9.1.1)

Updates `more-itertools` to 11.1.0
- [Release notes](https://github.com/more-itertools/more-itertools/releases)
- [Commits](more-itertools/more-itertools@v10.8.0...v11.1.0)

Updates `certifi` to 2026.6.17
- [Commits](certifi/python-certifi@2026.05.20...2026.06.17)

Updates `cryptography` to 49.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@48.0.0...49.0.0)

Updates `jaraco-functools` to 4.5.0
- [Release notes](https://github.com/jaraco/jaraco.functools/releases)
- [Changelog](https://github.com/jaraco/jaraco.functools/blob/main/NEWS.rst)
- [Commits](jaraco/jaraco.functools@v4.4.0...v4.5.0)

Updates `jaraco-context` to 6.1.2
- [Release notes](https://github.com/jaraco/jaraco.context/releases)
- [Changelog](https://github.com/jaraco/jaraco.context/blob/main/NEWS.rst)
- [Commits](jaraco/jaraco.context@v6.1.1...v6.1.2)

Updates `multidict` to 6.7.1
- [Release notes](https://github.com/aio-libs/multidict/releases)
- [Changelog](https://github.com/aio-libs/multidict/blob/master/CHANGES.rst)
- [Commits](aio-libs/multidict@v6.6.0...v6.7.1)

Updates `msgpack` to 1.2.1
- [Release notes](https://github.com/msgpack/msgpack-python/releases)
- [Changelog](https://github.com/msgpack/msgpack-python/blob/main/CHANGELOG.md)
- [Commits](msgpack/msgpack-python@v1.1.2...v1.2.1)

Updates `psutil` to 7.2.2
- [Changelog](https://github.com/giampaolo/psutil/blob/master/docs/changelog.rst)
- [Commits](giampaolo/psutil@v5.0.0...v7.2.2)

Updates `pymssql` from 2.3.11 to 2.3.13
- [Release notes](https://github.com/pymssql/pymssql/releases)
- [Changelog](https://github.com/pymssql/pymssql/blob/master/ChangeLog.rst)
- [Commits](pymssql/pymssql@v2.3.11...v2.3.13)

Updates `pyopenssl` to 26.3.0
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pyopenssl@26.2.0...26.3.0)

Updates `pythonnet` to 3.1.0
- [Release notes](https://github.com/pythonnet/pythonnet/releases)
- [Changelog](https://github.com/pythonnet/pythonnet/blob/master/CHANGELOG.md)
- [Commits](pythonnet/pythonnet@v3.0.5...v3.1.0)

Updates `requests` to 2.34.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.33.1...v2.34.2)

Updates `tornado` to 6.5.7
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.5.6...v6.5.7)

Updates `virtualenv` to 21.5.1
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@21.4.2...21.5.1)

Updates `filelock` to 3.29.4
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.29.1...3.29.4)

Updates `zipp` to 4.1.0
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.23.1...v4.1.0)

Updates `setuptools-scm` to 10.2.0
- [Release notes](https://github.com/pypa/setuptools-scm/releases)
- [Changelog](https://github.com/pypa/setuptools-scm/blob/main/RELEASE_SYSTEM.md)
- [Commits](pypa/setuptools-scm@0.1...setuptools-scm-v10.2.0)

Updates `pyzmq` to 27.1.0
- [Release notes](https://github.com/zeromq/pyzmq/releases)
- [Commits](zeromq/pyzmq@v25.1.2...v27.1.0)

Updates `build` to 1.5.0
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](pypa/build@1.4.4...1.5.0)

Updates `cryptography` to 49.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@48.0.0...49.0.0)

Updates `virtualenv` to 21.5.1
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@21.4.2...21.5.1)

Updates `filelock` to 3.29.4
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.29.1...3.29.4)

Updates `pylint` to 4.0.6
- [Release notes](https://github.com/pylint-dev/pylint/releases)
- [Commits](pylint-dev/pylint@v3.1.0...v4.0.6)

Updates `boto3` to 1.43.36
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.43.24...1.43.36)

Updates `botocore` to 1.43.36
- [Commits](boto/botocore@1.43.24...1.43.36)

Updates `pynacl` to 1.6.2
- [Changelog](https://github.com/pyca/pynacl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pynacl@1.5.0...1.6.2)

Updates `vcert` to 0.20.0
- [Release notes](https://github.com/Venafi/vcert-python/releases)
- [Commits](https://github.com/Venafi/vcert-python/commits)

Updates `xmldiff` to 3.0
- [Release notes](https://github.com/Shoobx/xmldiff/releases)
- [Changelog](https://github.com/Shoobx/xmldiff/blob/master/CHANGES.rst)
- [Commits](Shoobx/xmldiff@2.7.0...3.0)

Updates `pygit2` to 1.19.3
- [Release notes](https://github.com/libgit2/pygit2/releases)
- [Changelog](https://github.com/libgit2/pygit2/blob/master/CHANGELOG.md)
- [Commits](libgit2/pygit2@v1.19.2...v1.19.3)

Updates `ansible` to 14.1.0
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md)
- [Commits](ansible-community/ansible-build-data@14.0.0...14.1.0)

Updates `python-telegram-bot` to 22.8
- [Release notes](https://github.com/python-telegram-bot/python-telegram-bot/releases)
- [Commits](python-telegram-bot/python-telegram-bot@v22.7...v22.8)

Updates `cryptography` to 49.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@48.0.0...49.0.0)

Updates `pyopenssl` to 26.3.0
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pyopenssl@26.2.0...26.3.0)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: 26.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-pip-updates
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: more-itertools
  dependency-version: 11.1.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: certifi
  dependency-version: 2026.6.17
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: cryptography
  dependency-version: 49.0.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: jaraco-functools
  dependency-version: 4.5.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: jaraco-context
  dependency-version: 6.1.2
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: multidict
  dependency-version: 6.7.1
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: msgpack
  dependency-version: 1.2.1
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: psutil
  dependency-version: 7.2.2
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pymssql
  dependency-version: 2.3.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-pip-updates
- dependency-name: pyopenssl
  dependency-version: 26.3.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pythonnet
  dependency-version: 3.1.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: requests
  dependency-version: 2.34.2
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: tornado
  dependency-version: 6.5.7
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: virtualenv
  dependency-version: 21.5.1
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: filelock
  dependency-version: 3.29.4
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: zipp
  dependency-version: 4.1.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: setuptools-scm
  dependency-version: 10.2.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pyzmq
  dependency-version: 27.1.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: build
  dependency-version: 1.5.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: cryptography
  dependency-version: 49.0.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: virtualenv
  dependency-version: 21.5.1
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: filelock
  dependency-version: 3.29.4
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pylint
  dependency-version: 4.0.6
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: boto3
  dependency-version: 1.43.36
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: botocore
  dependency-version: 1.43.36
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pynacl
  dependency-version: 1.6.2
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: vcert
  dependency-version: 0.20.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: xmldiff
  dependency-version: '3.0'
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pygit2
  dependency-version: 1.19.3
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: ansible
  dependency-version: 14.1.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: python-telegram-bot
  dependency-version: '22.8'
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: cryptography
  dependency-version: 49.0.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
- dependency-name: pyopenssl
  dependency-version: 26.3.0
  dependency-type: direct:production
  dependency-group: all-pip-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the test:full Run the full test suite label Jun 27, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 27, 2026 21:10
@dependabot dependabot Bot added the test:full Run the full test suite label Jun 27, 2026
Several packages in this update drop Python 3.9 support; add
python_version < '3.10' markers so py3.9 stays on the last compatible
releases while newer Pythons take the updates. Revert vcert/pylint bumps that
reintroduce documented conflicts. Regenerate all lock files.
@dependabot @github

dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

test:full Run the full test suite

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant