Bump the minor-and-patch group across 1 directory with 4 updates by dependabot[bot] · Pull Request #355 · jwngr/sdow

dependabot · 2026-05-25T23:45:09Z

Bumps the minor-and-patch group with 4 updates in the / directory: flask-compress, google-cloud-logging, protobuf and requests.

Updates flask-compress from 1.23 to 1.24

Changelog

Sourced from flask-compress's changelog.

1.24 (2026-03-31)

add mypy annotations and mark it as checkable, #76 by @orborde

enable trusted publishing, allowing GitHub Actions to publish releases to PyPI without long lived credentials, #78 by @alexprengere

Commits

f20d36c Bump to version 1.24
f457a00 Enable trusted publishing
0e029ee Bump the github-actions group with 2 updates (#77)
4ab0b11 Add mypy annotations and mark it as checkable. (#76)
310a6be Bump the github-actions group across 1 directory with 3 updates (#73)
8bb8ce6 Pre-commit autoupdate
See full diff in compare view

Updates google-cloud-logging from 3.14.0 to 3.15.0

Changelog

Sourced from google-cloud-logging's changelog.

Changelog

PyPI History

Commits

7a05a34 chore: create a release (#16191)
0f19d85 chore: fix missing heading in changelog (#16189)
a16755d chore: librarian onboard pull request: 20260323T111101Z (#16141)
9694ce9 chore: librarian onboard pull request: 20260323T114549Z (#16143)
c4a35cf chore: librarian onboard pull request: 20260323T132735Z (#16146)
640a86b chore: librarian update image pull request: 20260325T221325Z (#16175)
341284c chore(deps): bump pyasn1 from 0.6.1 to 0.6.3 in /packages/sqlalchemy-spanner ...
ec9262c fix: Allow Protobuf 7.x, require Python 3.9 (#16102)
cf50cea feat(firestore): literals pipeline stage (#16028)
4b400fa chore: librarian generate pull request: 20260325T142358Z (#16166)
Additional commits viewable in compare view

Updates protobuf from 7.34.0 to 7.35.0

Release notes

Sourced from protobuf's releases.

Protocol Buffers v34.0-rc1

Announcements

This version includes breaking changes to: C++, Objective-C, PHP, Python.

[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (protocolbuffers/protobuf@0a5c2f6)

[C++] Make generator headers private (protocolbuffers/protobuf@3a2af35)

[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (protocolbuffers/protobuf@7a75898)

[C++] Add [[nodiscard]] to many APIs. (protocolbuffers/protobuf@a70115f)

[C++] Make the arena-enabled constructors of RepeatedField, RepeatedPtrField, and Map private. (protocolbuffers/protobuf@ef890c3)

[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (protocolbuffers/protobuf@b76faa9)

[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (protocolbuffers/protobuf@b115358)

[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (protocolbuffers/protobuf@68346ec)

[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (protocolbuffers/protobuf@837a2cd)

[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() && !is_repeated()) instead (protocolbuffers/protobuf@9dbc5d4)

[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (protocolbuffers/protobuf@c301c2c)

[C++] All entity names have length limit (2afb0dc)

[ObjC] Remove generate_minimal_imports generation option warning (protocolbuffers/protobuf@45b1297)

[ObjC] Fix nullability annotations on some GPB*Dictionary types. (protocolbuffers/protobuf@ea67d6d)

[ObjC] Remove -[GPBFieldDescriptor optional] (protocolbuffers/protobuf@3414dc1)

[Other] Remove deprecated flag for enabling MSVC support (protocolbuffers/protobuf@97c979b)

[PHP] Remove deprecated PHP APIs (protocolbuffers/protobuf@9c45014)

[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (protocolbuffers/protobuf@4208121, protocolbuffers/protobuf@cd76e67, protocolbuffers/protobuf@4208121)

[PHP] Add PHP typehints for setters and remove redundant GPBUtil checks (protocolbuffers/protobuf#25296) (protocolbuffers/protobuf@aee03b7)

[PHP] support default values for editions/proto2 (protocolbuffers/protobuf#25161) (protocolbuffers/protobuf@b01099d)

[Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (protocolbuffers/protobuf@5b116fe)

[Python] Remove float_format/double_format from python proto text_format (protocolbuffers/protobuf@e4854a1)

[Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (protocolbuffers/protobuf@00aaca1)

[Python] Remove float_precision from python proto json_format (protocolbuffers/protobuf@f027f1f)

[Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (protocolbuffers/protobuf@b76faa9)

[Python] Remove deprecated FieldDescriptor.label (protocolbuffers/protobuf@0a8ff55)

[Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (protocolbuffers/protobuf@c301c2c)

Protobuf News may include additional announcements or pre-announcements for upcoming changes.

Migration Guide may include additional guidance for breaking changes.

Bazel

Fix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (#25168) (protocolbuffers/protobuf@8c857c3)

Breaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (protocolbuffers/protobuf@0a5c2f6)

Feat(bazel): wire up prebuilt protoc toolchain (#24115) (protocolbuffers/protobuf@cc23698)

Migrate proto_descriptor_set (#23369) (protocolbuffers/protobuf@8d4dfdd)

Compiler

Ruby codegen: support generation of rbs files (#15633) (protocolbuffers/protobuf@6ebdf85)

Avoid collision name problems between a message named Xyz and a direct sibling enum named XyzView (protocolbuffers/protobuf@eba53e8)

Generalizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (protocolbuffers/protobuf@ed3c571)

Fix a bug with custom features outside of the pb package. (protocolbuffers/protobuf@872d3ce)

Fix import option handling when include_imports isn't set. (protocolbuffers/protobuf@9ef9e80)

Fix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (protocolbuffers/protobuf@1229d4a)

Prevent accidental stripping of debug_redact options via import option. (protocolbuffers/protobuf@f58b098)

C++

Add EnumerateEnumValues function. (protocolbuffers/protobuf@397d5d9)

... (truncated)

Commits

See full diff in compare view

Updates requests from 2.32.5 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

v2.34.1

2.34.1 (2026-05-13)

Bugfixes

Widened json input type from dict and list to Mapping and Sequence. (#7436)

Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)

Response.reason moved from str | None to str to improve handling for users. (#7437)

Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

New Contributors

@k223kim made their first contribution in psf/requests#7433

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13

v2.34.0

2.34.0 (2026-05-11)

Announcements

Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

Special thanks to @bastimeyer, @cthoyt, @edgarrmondragon, and @srittau for helping review and test the types ahead of the release. (#7272)

Improvements

Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)

Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)

Requests added support for Python 3.14t. (#7419)

Bugfixes

Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)

Requests no longer performs greedy matching on no_proxy domains. The

... (truncated)

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

2.34.1 (2026-05-13)

Bugfixes

Widened json input type from dict and list to Mapping and Sequence. (#7436)

Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)

Response.reason moved from str | None to str to improve handling for users. (#7437)

Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

2.34.0 (2026-05-11)

Announcements

Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

Special thanks to @bastimeyer, @cthoyt, @edgarrmondragon, and @srittau for helping review and test the types ahead of the release. (#7272)

Improvements

Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)

Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)

Requests added support for Python 3.14t. (#7419)

Bugfixes

Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)

Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)

Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

... (truncated)

Commits

6e83187 v2.34.2
84d10f0 Move Request.headers back to Mapping (#7441)
b7b549b v2.34.1
e511bc7 Fix mutability issues with headers input types (#7431)
5691f59 Update JsonType containers to read-based collections (#7436)
2144213 Constrain Response.reason to str (#7437)
6404f34 Fix prepare_body stream detection for __getattr__-based file wrappers (#7...
0b401c7 v2.34.0
86b378d Align Session.get parameters with requests.get (#7429)
a4f9a59 Port bpo-39057 to Requests (#7427)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 4 updates in the / directory: [flask-compress](https://github.com/colour-science/flask-compress), [google-cloud-logging](https://github.com/googleapis/google-cloud-python), [protobuf](https://github.com/protocolbuffers/protobuf) and [requests](https://github.com/psf/requests). Updates `flask-compress` from 1.23 to 1.24 - [Changelog](https://github.com/colour-science/flask-compress/blob/master/CHANGELOG.md) - [Commits](colour-science/flask-compress@v1.23...v1.24) Updates `google-cloud-logging` from 3.14.0 to 3.15.0 - [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@google-cloud-logging-v3.14.0...google-cloud-logging-v3.15.0) Updates `protobuf` from 7.34.0 to 7.35.0 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](https://github.com/protocolbuffers/protobuf/commits) Updates `requests` from 2.32.5 to 2.34.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.5...v2.34.2) --- updated-dependencies: - dependency-name: flask-compress dependency-version: '1.24' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: google-cloud-logging dependency-version: 3.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: protobuf dependency-version: 7.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: requests dependency-version: 2.34.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 25, 2026

jwngr merged commit 59fda31 into main May 25, 2026
2 of 3 checks passed

jwngr deleted the dependabot/pip/minor-and-patch-5d13e9382f branch May 25, 2026 23:56

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the minor-and-patch group across 1 directory with 4 updates#355

Bump the minor-and-patch group across 1 directory with 4 updates#355
jwngr merged 1 commit into
mainfrom
dependabot/pip/minor-and-patch-5d13e9382f

dependabot Bot commented on behalf of github May 25, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 25, 2026

1.24 (2026-03-31)

Changelog

Protocol Buffers v34.0-rc1

Announcements

Bazel

Compiler

C++

v2.34.2

2.34.2 (2026-05-14)

v2.34.1

2.34.1 (2026-05-13)

New Contributors

v2.34.0

2.34.0 (2026-05-11)

2.34.2 (2026-05-14)

2.34.1 (2026-05-13)

2.34.0 (2026-05-11)

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant