Skip to content

Bump the minor-and-patch group across 1 directory with 3 updates#179

Merged
TiaTuinstra merged 1 commit intomainfrom
dependabot/uv/minor-and-patch-f68b573d7e
Apr 30, 2026
Merged

Bump the minor-and-patch group across 1 directory with 3 updates#179
TiaTuinstra merged 1 commit intomainfrom
dependabot/uv/minor-and-patch-f68b573d7e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps the minor-and-patch group with 3 updates in the / directory: pypdf, pre-commit and ty.

Updates pypdf from 6.10.0 to 6.10.2

Release notes

Sourced from pypdf's releases.

Version 6.10.2, 2026-04-15

What's new

Security (SEC)

Full Changelog

Version 6.10.1, 2026-04-14

What's new

Security (SEC)

Robustness (ROB)

Documentation (DOC)

Full Changelog

Changelog

Sourced from pypdf's changelog.

Version 6.10.2, 2026-04-15

Security (SEC)

  • Do not rely on possibly invalid /Size for incremental cloning (#3735)
  • Introduce limits for FlateDecode parameters and image decoding (#3734)

Full Changelog

Version 6.10.1, 2026-04-14

Security (SEC)

  • Limit the allowed size of xref and object streams (#3733)

Robustness (ROB)

  • Consider strict mode setting for decryption errors (#3731)

Documentation (DOC)

  • Use new parameter names for compress_identical_objects

Full Changelog

Commits
  • c476b4f REL: 6.10.2
  • c50a010 SEC: Do not rely on possibly invalid /Size for incremental cloning (#3735)
  • ac734da SEC: Introduce limits for FlateDecode parameters and image decoding (#3734)
  • b49e7eb REL: 6.10.1
  • 62338e9 SEC: Limit the allowed size of xref and object streams (#3733)
  • 5dcc0ae DEV: Update pytest-benchmark to 5.2.3
  • b42e4aa DEV: Update pinned pillow and pytest where possible (#3732)
  • 717446b ROB: Consider strict mode setting for decryption errors (#3731)
  • 9e461d3 DEV: Bump softprops/action-gh-release from 2 to 3 (#3730)
  • 500d09d TST: Update test_embedded_file__basic to use tmp_path fixture (#3726)
  • Additional commits viewable in compare view

Updates pre-commit from 4.5.1 to 4.6.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.6.0

Features

  • pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.

Fixes

Changelog

Sourced from pre-commit's changelog.

4.6.0 - 2026-04-21

Features

  • pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.

Fixes

Commits
  • f35134b v4.6.0
  • 2a51ffc Merge pull request #3662 from pre-commit/hook-impl-optional-hook-dir
  • d7dee32 make --hook-dir optional for hook-impl
  • 965aeb1 Merge pull request #3661 from pre-commit/hook-impl-required
  • 2eacc06 --hook-type is required for hook-impl
  • f5678bf Merge pull request #3657 from pre-commit/pre-commit-ci-update-config
  • 054cc5b [pre-commit.ci] pre-commit autoupdate
  • 5c0f302 Merge pull request #3652 from pre-commit/pre-commit-ci-update-config
  • a5d9114 [pre-commit.ci] pre-commit autoupdate
  • 129a1f5 Merge pull request #3641 from pre-commit/mxr-patch-1
  • Additional commits viewable in compare view

Updates ty from 0.0.29 to 0.0.32

Release notes

Sourced from ty's releases.

0.0.32

Release Notes

Released on 2026-04-20.

Bug fixes

  • Fix panic when __get__ uses Concatenate self-type and wraps a __call__ (#24692)
  • Avoid panicking on overloaded Callable type context (#24661)
  • Expand class bases in per-base lint checks (#24695, #24699)
  • Fix stack overflow for binary operator inference involving recursive types (#24551)

LSP server

  • Dim out unreachable code in IDEs (#24580)
  • Do not suggest argument completion when typing the value of a keyword argument (#24669)
  • Retrieve the docstring from the overload implementation if an @overload-decorated function has no docstring (#23920)

Core type checking

  • Allow if statements in TypedDict bodies (#24702)
  • Disallow @disjoint_base on TypedDicts and Protocols (#24671)
  • Do not consider a subclass of a @dataclass_transform-decorated class to have dataclass-like semantics if it has type in its MRO (#24679)
  • Reject using properties with Never setters or deleters (#24510)
  • Sync vendored typeshed stubs (#24646). Typeshed diff

Diagnostics

  • Show error context for assignability diagnostics (#24309)
  • Use partially qualified names when reporting diagnostics regarding bad calls to methods (#24560)
  • Reduce source code context window to zero (#24689)
  • Merge same-file annotations if there is only a single line separating them (#24694)

Performance

  • Memoize binary operator return types (#24700)
  • Gate protocol compatibility on member count (#24684)

Contributors

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.32

Released on 2026-04-20.

Bug fixes

  • Fix panic when __get__ uses Concatenate self-type and wraps a __call__ (#24692)
  • Avoid panicking on overloaded Callable type context (#24661)
  • Expand class bases in per-base lint checks (#24695, #24699)
  • Fix stack overflow for binary operator inference involving recursive types (#24551)

LSP server

  • Dim out unreachable code in IDEs (#24580)
  • Do not suggest argument completion when typing the value of a keyword argument (#24669)
  • Retrieve the docstring from the overload implementation if an @overload-decorated function has no docstring (#23920)

Core type checking

  • Allow if statements in TypedDict bodies (#24702)
  • Disallow @disjoint_base on TypedDicts and Protocols (#24671)
  • Do not consider a subclass of a @dataclass_transform-decorated class to have dataclass-like semantics if it has type in its MRO (#24679)
  • Reject using properties with Never setters or deleters (#24510)
  • Sync vendored typeshed stubs (#24646). Typeshed diff

Diagnostics

  • Show error context for assignability diagnostics (#24309)
  • Use partially qualified names when reporting diagnostics regarding bad calls to methods (#24560)
  • Reduce source code context window to zero (#24689)
  • Merge same-file annotations if there is only a single line separating them (#24694)

Performance

  • Memoize binary operator return types (#24700)
  • Gate protocol compatibility on member count (#24684)

Contributors

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the minor-and-patch group across 1 directory with 3 updates
86e73fd 
Bumps the minor-and-patch group with 3 updates in the / directory: [pypdf](https://github.com/py-pdf/pypdf), [pre-commit](https://github.com/pre-commit/pre-commit) and [ty](https://github.com/astral-sh/ty).


Updates `pypdf` from 6.10.0 to 6.10.2
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](py-pdf/pypdf@6.10.0...6.10.2)

Updates `pre-commit` from 4.5.1 to 4.6.0
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.5.1...v4.6.0)

Updates `ty` from 0.0.29 to 0.0.32
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.29...0.0.32)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: pre-commit
  dependency-version: 4.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: ty
  dependency-version: 0.0.32
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 27, 2026
@TiaTuinstra TiaTuinstra merged commit 19ba003 into main Apr 30, 2026
1 check passed
@dependabot dependabot Bot deleted the dependabot/uv/minor-and-patch-f68b573d7e branch April 30, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TiaTuinstra TiaTuinstra TiaTuinstra approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TiaTuinstra