Skip to content

chore(deps): bump the dependencies group across 2 directories with 9 updates #11068

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): bump the dependencies group across 2 directories with 9 updates #11068

dependabot wants to merge 1 commit into from
+189 −241

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 26, 2025

Bumps the dependencies group with 1 update in the /docs directory: mkdocs-material.
Bumps the dependencies group with 7 updates in the /src/backend directory:

Package From To
django 5.2.9 6.0
django-dbbackup 5.0.1 5.1.0
docutils 0.22.3 0.22.4
dulwich 0.24.10 0.25.0
pypdf 6.4.1 6.4.2
sentry-sdk 2.47.0 2.48.0
pre-commit 4.5.0 4.5.1

Updates mkdocs-material from 9.7.0 to 9.7.1

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.1

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin
Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.1 (2025-12-18)

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

  • Added support for pinned blog posts and author profiles
  • Added support for customizing pagination for blog index pages
  • Added support for customizing blog category sort order
  • Added support for staying on page when switching languages
  • Added support for disabling tags in table of contents
  • Added support for nested tags and shadow tags
  • Added support for footnote tooltips
  • Added support for instant previews
  • Added support for instant prefetching
  • Added support for custom social card layouts
  • Added support for custom social card background images
  • Added support for selectable rangs in code blocks
  • Added support for custom selectors for code annotations
  • Added support for configurable log level in privacy plugin
  • Added support for processing of external links in privacy plugin
  • Added support for automatic image optimization via optimize plugin
  • Added support for navigation paths (breadcrumbs)
  • Fixed #8519: Vector accents do not render when using KaTeX

mkdocs-material-9.6.23 (2025-11-01)

  • Updated Burmese translation

... (truncated)

Commits

Updates django from 5.2.9 to 6.0

Commits
  • 36b5f39 [6.0.x] Bumped version for 6.0 release.
  • 4f46d1f [6.0.x] Updated man page for Django 6.0.
  • a9f5ca5 [6.0.x] Refs #35859 -- Clarified Tasks ref and topics docs regarding availabl...
  • 45f9e0e [6.0.x] Finalized release notes for Django 6.0.
  • ac44a55 [6.0.x] Made cosmetic edits to docs/releases/6.0.txt.
  • 00575b7 [6.0.x] Updated translations from Transifex.
  • 8414487 [6.0.x] Refs #35444 -- Fixed typo in PostgreSQL StringAgg deprecation warning.
  • 1f8f36e [6.0.x] Added CVE-2025-13372 and CVE-2025-64460 to security archive.
  • 224fc79 [6.0.x] Added stub release notes for 5.2.10.
  • 1dbd07a [6.0.x] Fixed CVE-2025-64460 -- Corrected quadratic inner text accumulation i...
  • Additional commits viewable in compare view

Updates setuptools from 80.9.0 to

Commits

Updates django-dbbackup from 5.0.1 to 5.1.0

Release notes

Sourced from django-dbbackup's releases.

5.1.0

Fixed

  • Prevent restoring a backup from a different database connector (e.g. Postgres backup to SQLite) by adding an additional metadata file to all new backups.
  • Fixed compressed media backup restoration by using gzip.GzipFile instead of tarfile's gzip decompression algorithm.
Changelog

Sourced from django-dbbackup's changelog.

[5.1.0] - 2025-12-17

Fixed

  • Prevent restoring a backup from a different database connector (e.g. Postgres backup to SQLite) by adding an additional metadata file to all new backups.
  • Fixed compressed media backup restoration by using gzip.GzipFile instead of tarfile's gzip decompression algorithm.
Commits

Updates docutils from 0.22.3 to 0.22.4

Commits

Updates dulwich from 0.24.10 to 0.25.0

Release notes

Sourced from dulwich's releases.

v0.25.0

What's Changed

... (truncated)

Changelog

Sourced from dulwich's changelog.

0.25.0 2025-12-17

PLEASE NOTE: This release makes quite a lot of changes to public APIs. This is ahead of a 1.0 release, after which API changes will be kept backwards compatible.

  • Split out worktree module from porcelain into separate dulwich.worktree module for better code organization. (Jelmer Vernooij, #2037)

  • Split porcelain module into separate submodules: dulwich.porcelain.tags, dulwich.porcelain.notes, dulwich.porcelain.submodule, and dulwich.porcelain.lfs. Main porcelain module re-exports all functions for backward compatibility. (Jelmer Vernooij, #2032)

  • Ensure dulwich.porcelain package is properly installed as a directory structure with submodules. (Jelmer Vernooij, #2035)

  • Add tests for consistent license preamble across codebase and prevent os.environ usage in lower layers. (Jelmer Vernooij, #2033)

  • Add __all__ exports to all modules for better API clarity and wildcard import support. (Jelmer Vernooij, #2022)

  • Fix ParamikoSSHVendor interface compatibility with SSHVendor. (Jelmer Vernooij, #2028)

  • Add fallback when HEAD is missing in dumb HTTP protocol, improving compatibility with repositories that don't have a HEAD reference. (Antoine Lambert, #2030)

  • Fix smudge filter subprocess fallback for special characters in path. (Petr Chmelar, #1878)

  • Fix UTF-8 decode error in process filter protocol when handling binary files. (Jelmer Vernooij, #2023)

  • Fix porcelain.add() to correctly handle None values in pathspec parameter. (Jelmer Vernooij, #2027)

  • Add --stat argument to dulwich diff command to display diffstat summary showing files changed and line additions/deletions. (Jelmer Vernooij, #2026)

  • Avoid signing commits in porcelain.stash() operations to prevent GPG prompt interruptions during automated stashing. (Jelmer Vernooij, #2012)

  • Improve error handling when trying to remove non-empty directories during worktree operations. (Jelmer Vernooij, #2004)

  • Move greenthreads support to dulwich/contrib. This code isn't really developed and only used by the swift support.

... (truncated)

Commits

Updates pypdf from 6.4.1 to 6.4.2

Release notes

Sourced from pypdf's releases.

Version 6.4.2, 2025-12-14

What's new

Bug Fixes (BUG)

  • Fix KeyError when flattening form field without /Font in resources (#3554) by @​jgillard

Robustness (ROB)

Documentation (DOC)

Full Changelog

Changelog

Sourced from pypdf's changelog.

Version 6.4.2, 2025-12-14

Bug Fixes (BUG)

  • Fix KeyError when flattening form field without /Font in resources (#3554)

Robustness (ROB)

  • Allow deleting non-existent annotations (#3559)

Documentation (DOC)

  • Fix level of attachment heading (#3560)

Full Changelog

Commits

Updates sentry-sdk from 2.47.0 to 2.48.0

Release notes

Sourced from sentry-sdk's releases.

2.48.0

Middleware spans are now disabled by default in Django, Starlette and FastAPI integrations. Set the middleware_spans integration-level option to capture individual spans per middleware layer. To record Django middleware spans, for example, configure as follows

  import sentry_sdk
  from sentry_sdk.integrations.django import DjangoIntegration
sentry_sdk.init(
dsn="<your-dsn>",
integrations=[
DjangoIntegration(middleware_spans=True),
],
)

New Features ✨

Langgraph

OTLP

Bug Fixes 🐛

Integrations

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.48.0

Middleware spans are now disabled by default in Django, Starlette and FastAPI integrations. Set the middleware_spans integration-level option to capture individual spans per middleware layer. To record Django middleware spans, for example, configure as follows

  import sentry_sdk
  from sentry_sdk.integrations.django import DjangoIntegration
sentry_sdk.init(
dsn="<your-dsn>",
integrations=[
DjangoIntegration(middleware_spans=True),
],
)

New Features ✨

Langgraph

OTLP

Bug Fixes 🐛

Integrations

  • fix(django): Set active thread ID when middleware spans are disabled by @​alexander-alderman-webb in #5220

  • fix(integrations): openai-agents fixing the input messages structure which was wrapped too much in some cases by @​constantinius in #5203

  • fix(integrations): openai-agents fix multi-patching of get_model function by @​constantinius in #5195

  • fix(integrations): add values for pydantic-ai and openai-agents to _INTEGRATION_DEACTIVATES to prohibit double span creation by @​constantinius in #5196

  • fix(logs): Set span_id instead of sentry.trace.parent_span_id attribute by @​sentrivana in #5241

  • fix(logs, metrics): Gate metrics, logs user attributes behind send_default_pii by @​sentrivana in #5240

... (truncated)

Commits
  • 32e9cac Phrasing and code formatting in changelog
  • bf30403 Call out new default for middleware spans and fix formatting in changelog
  • 19e0d1f Fix changelog
  • 6516b8b release: 2.48.0
  • e275c9e Convert all remaining type annotations to PEP-526 format (#5239)
  • a29b421 fix(logs): Set span_id instead of sentry.trace.parent_span_id attribute (...
  • a9d89f2 fix(pydantic-ai): Stop capturing internal exceptions (#5237)
  • 5606bb3 fix(logs, metrics): Gate metrics, logs user attributes behind `send_default_p...
  • 6046f2d ci: Unpin Python version for LiteLLM tests (#5238)
  • 42ed87a ci: 🤖 Update test matrix with new releases (12/15) (#5229)
  • Additional commits viewable in compare view

Updates pre-commit from 4.5.0 to 4.5.1

Release notes

Sourced from pre-commit's releases.

pre-commit v4.5.1

Fixes

  • Fix language: python with repo: local without additional_dependencies.
Changelog

Sourced from pre-commit's changelog.

4.5.1 - 2025-12-16

Fixes

  • Fix language: python with repo: local without additional_dependencies.
Commits
  • 8a0630c v4.5.1
  • fcbc745 Merge pull request #3597 from pre-commit/empty-setup-py
  • 51592ee fix python local template when artifact dirs are present
  • 67e8faf Merge pull request #3596 from pre-commit/pre-commit-ci-update-config
  • c251e6b [pre-commit.ci] pre-commit autoupdate
  • 98ccafa Merge pull request #3593 from pre-commit/pre-commit-ci-update-config
  • 4895355 [pre-commit.ci] pre-commit autoupdate
  • 2cedd58 Merge pull request #3588 from pre-commit/pre-commit-ci-update-config
  • 465192d [pre-commit.ci] pre-commit autoupdate
  • fd42f96 Merge pull request #3586 from pre-commit/zipapp-sha256-file-not-needed
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the dependencies group across 2 directories with 9 …
6c8f65a 
…updates

Bumps the dependencies group with 1 update in the /docs directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material).
Bumps the dependencies group with 7 updates in the /src/backend directory:

| Package | From | To |
| --- | --- | --- |
| [django](https://github.com/django/django) | `5.2.9` | `6.0` |
| [django-dbbackup](https://github.com/Archmonger/django-dbbackup) | `5.0.1` | `5.1.0` |
| [docutils](https://github.com/rtfd/recommonmark) | `0.22.3` | `0.22.4` |
| [dulwich](https://github.com/dulwich/dulwich) | `0.24.10` | `0.25.0` |
| [pypdf](https://github.com/py-pdf/pypdf) | `6.4.1` | `6.4.2` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.47.0` | `2.48.0` |
| [pre-commit](https://github.com/pre-commit/pre-commit) | `4.5.0` | `4.5.1` |



Updates `mkdocs-material` from 9.7.0 to 9.7.1
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.7.0...9.7.1)

Updates `django` from 5.2.9 to 6.0
- [Commits](django/django@5.2.9...6.0)

Updates `setuptools` from 80.9.0 to 
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/commits)

Updates `django-dbbackup` from 5.0.1 to 5.1.0
- [Release notes](https://github.com/Archmonger/django-dbbackup/releases)
- [Changelog](https://github.com/Archmonger/django-dbbackup/blob/master/CHANGELOG.md)
- [Commits](Archmonger/django-dbbackup@5.0.1...5.1.0)

Updates `docutils` from 0.22.3 to 0.22.4
- [Changelog](https://github.com/readthedocs/recommonmark/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rtfd/recommonmark/commits)

Updates `dulwich` from 0.24.10 to 0.25.0
- [Release notes](https://github.com/dulwich/dulwich/releases)
- [Changelog](https://github.com/jelmer/dulwich/blob/master/NEWS)
- [Commits](jelmer/dulwich@dulwich-0.24.10...dulwich-0.25.0)

Updates `pypdf` from 6.4.1 to 6.4.2
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](py-pdf/pypdf@6.4.1...6.4.2)

Updates `sentry-sdk` from 2.47.0 to 2.48.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.47.0...2.48.0)

Updates `pre-commit` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django
  dependency-version: '6.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: setuptools
  dependency-version: 
  dependency-type: direct:production
  dependency-group: dependencies
- dependency-name: django-dbbackup
  dependency-version: 5.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docutils
  dependency-version: 0.22.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: dulwich
  dependency-version: 0.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pypdf
  dependency-version: 6.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pre-commit
  dependency-version: 4.5.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 26, 2025
@netlify
Copy link

netlify bot commented Dec 26, 2025
edited
Loading

Deploy Preview for inventree-web-pui-preview canceled.

Name Link
🔨 Latest commit 6c8f65a
🔍 Latest deploy log https://app.netlify.com/projects/inventree-web-pui-preview/deploys/694ed441be18c400083a3486

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SchrodingersGat SchrodingersGat Awaiting requested review from SchrodingersGat SchrodingersGat is a code owner

Assignees

@matmair matmair

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@matmair