Skip to content

MAINT: Bump the python-deps group across 1 directory with 5 updates#306

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/requirements/python-deps-2ea43f721d
Open

MAINT: Bump the python-deps group across 1 directory with 5 updates#306
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/requirements/python-deps-2ea43f721d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown

Updates the requirements on hypothesis, pydata-sphinx-theme, matplotlib, pkgconf and ruff to permit the latest version.
Updates hypothesis from 6.152.1 to 6.155.5

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.152.9

This release substantially improves our internal distribution for generating integers. This release has the most visible effect on "integers()", but may incidentally improve other strategies which draw integers internally.

Our integers distribution had two problems. First, it had jagged discontinuities at certain values where we switched sampling approaches. Second, it used a different distribution for bounded and unbounded ranges, which resulted in "st.integers()" and "st.integers(-264, 264)" producing very different distributions despite being semantically similar.

We now use a smooth distribution for both "st.integers()" and "st.integers(a, b)", which fixes both of these issues. This should substantially improve our testing power in certain cases.

The only way this release should be user-visible is that it finds more bugs! If this release is user-visible in other ways - for example, because it is slower, or produces a worse distribution in some cases - please open an issue.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.8

This release drops support for end-of-life Django 4.2.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.7

This patch improves our type hints for ".filter()" to work with "typing.TypeGuard". For example:

from typing import TypeGuard

from hypothesis import strategies as st

def is_str(x: object) -> TypeGuard[str]: return isinstance(x, str)

s = st.from_type(object).filter(is_str)

previously: SearchStrategy[object]

now: SearchStrategy[str]

reveal_type(s)

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.6

This patch adds a shrinking pass that tries natural text

... (truncated)

Commits
  • f898ab6 Bump hypothesis version to 6.155.5 and update changelog
  • c2f6e7f Merge pull request #4768 from Zac-HD/claude/lucid-wozniak-cyr7v6
  • 22280f4 Bump hypothesis version to 6.155.4 and update changelog
  • 8d0345d Reject datetime bounds in dates() with InvalidArgument
  • 5f3f6ae Merge pull request #4763 from HypothesisWorks/create-pull-request/patch
  • ecbef50 Merge pull request #4766 from Liam-DeVoe/remove-dates-filter-debug-print
  • bfec0ea add T20 lint
  • 8497a82 Bump hypothesis version to 6.155.3 and update changelog
  • 1ac02e3 Merge pull request #4767 from pschanely/suppress-observations
  • 814a0ef Merge branch 'master' into suppress-observations
  • Additional commits viewable in compare view

Updates pydata-sphinx-theme to 0.19.0

Release notes

Sourced from pydata-sphinx-theme's releases.

v0.19.0

What's Changed

New Contributors

Full Changelog: pydata/pydata-sphinx-theme@v0.18.0...v0.19.0

Commits

Updates matplotlib to 3.10.9

Release notes

Sourced from matplotlib's releases.

v3.10.9

This is a micro release of the v3.10.x series. Highlights of this release include:

  • Various minor bug and doc fixes
  • Security hardening validation of cyclers - Removing eval usage
  • Security hardening in Latex and PS calls - Removing shell escapes
Commits
  • dd8d78b REL: v3.10.9
  • 2fb1891 REL: Release prep v3.10.9
  • d0e923a Merge branch 'v3.10.8-doc' into v3.10.x
  • 1637932 Merge pull request #31558 from meeseeksmachine/auto-backport-of-pr-31556-on-v...
  • a83faac Backport PR #31556: FIX: Inverted PyErr_Occurred check in enum type caster (_...
  • a4f57ab Merge pull request #31545 from ksunden/backport-of-pr-31282-on-v3.10.x
  • 063288d Merge pull request #31544 from ksunden/backport-of-pr-31248-on-v3.10.x
  • b2ed196 Backport PR #31248: SEC: Remove eval() from validate_cycler
  • acc6024 Merge pull request #31282 from scottshambaugh/tex_no_shell
  • e3fb541 Merge pull request #31078 from meeseeksmachine/auto-backport-of-pr-31075-on-v...
  • Additional commits viewable in compare view

Updates pkgconf from 2.5.1.post1 to 2.5.1.post2

Commits

Updates ruff from 0.15.17 to 0.15.18

Release notes

Sourced from ruff's releases.

0.15.18

Release Notes

Released on 2026-06-18.

Preview features

  • Handle nested ruff:ignore comments (#25791)
  • Stop displaying severity in output (#26050)
  • Use human-readable names in CLI output (#25937)
  • Use human-readable names in LSP and playground diagnostics (#26058)
  • [pydocstyle] Prevent property docstrings starting with verbs (D421) (#23775)
  • [flake8-pyi] Extend PYI033 to Python files (#26129)

Bug fixes

  • Detect equivalent numeric mapping keys (#26009)
  • Detect mapping keys equivalent to booleans (#25982)
  • Detect repeated signed and complex dictionary keys (#26007)

Rule changes

  • [flake8-pyi] Rename PYI033 to legacy-type-comment (#26131)

Performance

  • Use ThinVec for call keywords (#25999)
  • Inline parser recovery context checks (#26038)
  • Match parser keywords as bytes (#26037)
  • Move value parsing out of lexing (#25360)

Server

  • Render subdiagnostics and secondary annotations as related information (#26011)

Documentation

  • Update fix availability for always-fixable rules (#26091)
  • [flake8-tidy-imports] Add fix safety section (TID252) (#17491)

Parser

  • Reject __debug__ lambda parameters (#26022)
  • Reject _ as a match-pattern target (#25977)
  • Reject multiple starred names in sequence patterns (#25976)
  • Reject parenthesized star imports (#26021)
  • Reject starred comprehension targets (#26023)
  • Reject unparenthesized generator expressions in class bases (#25978)
  • Reject yield expressions after commas (#26024)
  • Validate function type parameter default order (#25981)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.18

Released on 2026-06-18.

Preview features

  • Handle nested ruff:ignore comments (#25791)
  • Stop displaying severity in output (#26050)
  • Use human-readable names in CLI output (#25937)
  • Use human-readable names in LSP and playground diagnostics (#26058)
  • [pydocstyle] Prevent property docstrings starting with verbs (D421) (#23775)
  • [flake8-pyi] Extend PYI033 to Python files (#26129)

Bug fixes

  • Detect equivalent numeric mapping keys (#26009)
  • Detect mapping keys equivalent to booleans (#25982)
  • Detect repeated signed and complex dictionary keys (#26007)

Rule changes

  • [flake8-pyi] Rename PYI033 to legacy-type-comment (#26131)

Performance

  • Use ThinVec for call keywords (#25999)
  • Inline parser recovery context checks (#26038)
  • Match parser keywords as bytes (#26037)
  • Move value parsing out of lexing (#25360)

Server

  • Render subdiagnostics and secondary annotations as related information (#26011)

Documentation

  • Update fix availability for always-fixable rules (#26091)
  • [flake8-tidy-imports] Add fix safety section (TID252) (#17491)

Parser

  • Reject __debug__ lambda parameters (#26022)
  • Reject _ as a match-pattern target (#25977)
  • Reject multiple starred names in sequence patterns (#25976)
  • Reject parenthesized star imports (#26021)
  • Reject starred comprehension targets (#26023)
  • Reject unparenthesized generator expressions in class bases (#25978)
  • Reject yield expressions after commas (#26024)
  • Validate function type parameter default order (#25981)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
MAINT: Bump the python-deps group across 1 directory with 5 updates
1fad026 
Updates the requirements on [hypothesis](https://github.com/HypothesisWorks/hypothesis), [pydata-sphinx-theme](https://github.com/pydata/pydata-sphinx-theme), [matplotlib](https://github.com/matplotlib/matplotlib), [pkgconf](https://github.com/pypackaging-native/pkgconf-pypi) and [ruff](https://github.com/astral-sh/ruff) to permit the latest version.

Updates `hypothesis` from 6.152.1 to 6.155.5
- [Release notes](https://github.com/HypothesisWorks/hypothesis/releases)
- [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.152.1...v6.155.5)

Updates `pydata-sphinx-theme` to 0.19.0
- [Release notes](https://github.com/pydata/pydata-sphinx-theme/releases)
- [Changelog](https://github.com/pydata/pydata-sphinx-theme/blob/main/RELEASE.md)
- [Commits](pydata/pydata-sphinx-theme@v0.16.1...v0.19.0)

Updates `matplotlib` to 3.10.9
- [Release notes](https://github.com/matplotlib/matplotlib/releases)
- [Commits](matplotlib/matplotlib@v3.10.8...v3.10.9)

Updates `pkgconf` from 2.5.1.post1 to 2.5.1.post2
- [Commits](pypackaging-native/pkgconf-pypi@2.5.1-1...2.5.1-2)

Updates `ruff` from 0.15.17 to 0.15.18
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.17...0.15.18)

---
updated-dependencies:
- dependency-name: hypothesis
  dependency-version: 6.155.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: pydata-sphinx-theme
  dependency-version: 0.19.0
  dependency-type: direct:production
  dependency-group: python-deps
- dependency-name: matplotlib
  dependency-version: 3.10.9
  dependency-type: direct:production
  dependency-group: python-deps
- dependency-name: pkgconf
  dependency-version: 2.5.1.post2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
- dependency-name: ruff
  dependency-version: 0.15.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

03 - Maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants