Skip to content

Bump the straightforward-dependencies group across 3 directories with 7 updates#2749

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/straightforward-dependencies-c2b59baf7c
Closed

Bump the straightforward-dependencies group across 3 directories with 7 updates#2749
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/straightforward-dependencies-c2b59baf7c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026

Bumps the straightforward-dependencies group with 1 update in the / directory: redshift-connector.
Bumps the straightforward-dependencies group with 6 updates in the /lambdas directory:

Package From To
google-api-python-client 2.187.0 2.196.0
urllib3 2.6.2 2.7.0
s3fs 2026.2.0 2026.4.0
requests 2.32.5 2.34.2
httplib2 0.31.0 0.31.2
numpy 2.3.5 2.4.5

Bumps the straightforward-dependencies group with 1 update in the /scripts directory: redshift-connector.

Updates redshift-connector from 2.1.10 to 2.1.13

Release notes

Sourced from redshift-connector's releases.

v2.1.13

No release notes provided.

v2.1.12

No release notes provided.

v2.1.11

chore: bump version to 2.1.11

Changelog

Sourced from redshift-connector's changelog.

v2.1.13 (2026-03-30)

  • Raised minimum supported Python version from 3.6 to 3.7
  • Fixed prepared statement cache desync causing KeyError after DDL/ROLLBACK
  • Raised lxml upper bound from <6.0.0 to <=6.0.2 to unblock Python 3.14 support
  • Bumped beautifulsoup4 minimum version from 4.7.0 to 4.13.5 to fix lxml 6.0 parsing bug with curly braces
  • Fixed Python 3.7/3.8 type hint compatibility in Metadata API

v2.1.12 (2026-03-04)

  • Added support for Identity Enhanced Credentials authentication
  • Fixed metadata retrieval to sanitize invalid negative and None values in metadataAPIHelper

v2.1.11 (2026-02-09)

  • Fixed build failure when using setuptools version 72 or later by replacing deprecated TestCommand with generic Command base class
Commits
  • f034099 Update CHANGELOG.md
  • 537001f chore: bump version to 2.1.13
  • 356583b chore: Raised lxml upper bound from <6.0.0 to <=6.0.2 to unblock Python 3.14 ...
  • a0527a8 fix: Fixed Python 3.7/3.8 type hint compatibility in Metadata API
  • d5516e9 chore: Raised minimum supported Python version from 3.6 to 3.7
  • bc4503e fix: Fixed prepared statement cache desync causing KeyError after DDL/ROLLBACK
  • 342df24 Update CHANGELOG.md
  • 5294c00 chore: bump version to 2.1.12
  • 8862ce2 fix: adjust function column integration test due to known issue in SQL UDF
  • f724f79 feat: Added support for Identity Enhanced Credentials authentication
  • Additional commits viewable in compare view

Updates google-api-python-client from 2.187.0 to 2.196.0

Release notes

Sourced from google-api-python-client's releases.

v2.196.0

2.196.0 (2026-05-05)

Features

Bug Fixes

... (truncated)

Commits

Updates urllib3 from 2.6.2 to 2.7.0

Release notes

Sourced from urllib3's releases.

2.7.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Security

Addressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.

  • Decompression-bomb safeguards of the streaming API were bypassed:

    1. When HTTPResponse.drain_conn() was called after the response had been read and decompressed partially. (Reported by @​Cycloctane)
    2. During the second HTTPResponse.read(amt=N) or HTTPResponse.stream(amt=N) call when the response was decompressed using the official Brotli library. (Reported by @​kimkou2024)

    See GHSA-mf9v-mfxr-j63j for details.

  • HTTP pools created using ProxyManager.connection_from_url did not strip sensitive headers specified in Retry.remove_headers_on_redirect when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by @​christos-spearbit)

Deprecations and Removals

  • Used FutureWarning instead of DeprecationWarning for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (urllib3/urllib3#3763)
  • Removed support for end-of-life Python 3.9. (urllib3/urllib3#3720)
  • Removed support for end-of-life PyPy3.10. (urllib3/urllib3#4979)
  • Bumped the minimum supported pyOpenSSL version to 19.0.0. (urllib3/urllib3#3777)

Bugfixes

  • Fixed a bug where HTTPResponse.read(amt=None) was ignoring decompressed data buffered from previous partial reads. (urllib3/urllib3#3636)
  • Fixed a bug where HTTPResponse.read() could cache only part of the response after a partial read when cache_content=True. (urllib3/urllib3#4967)
  • Fixed HTTPResponse.stream() and HTTPResponse.read_chunked() to handle amt=0. (urllib3/urllib3#3793)
  • Updated _TYPE_BODY type alias to include missing Iterable[str], matching the documented and runtime behavior of chunked request bodies. (urllib3/urllib3#3798)
  • Fixed LocationParseError when paths resembling schemeless URIs were passed to HTTPConnectionPool.urlopen(). (urllib3/urllib3#3352)
  • Fixed BaseHTTPResponse.readinto() type annotation to accept memoryview in addition to bytearray, matching the io.RawIOBase.readinto contract and enabling use with io.BufferedReader without type errors. (urllib3/urllib3#3764)

2.6.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

Changelog

Sourced from urllib3's changelog.

2.7.0 (2026-05-07)

Security

Addressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.

  • Decompression-bomb safeguards of the streaming API were bypassed:

    1. When HTTPResponse.drain_conn() was called after the response had been read and decompressed partially.
    2. During the second HTTPResponse.read(amt=N) or HTTPResponse.stream(amt=N) call when the response was decompressed using the official Brotli <https://pypi.org/project/brotli/>__ library.

    See GHSA-mf9v-mfxr-j63j <https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j>__ for details.

  • HTTP pools created using ProxyManager.connection_from_url did not strip sensitive headers specified in Retry.remove_headers_on_redirect when redirecting to a different host. (GHSA-qccp-gfcp-xxvc <https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc>__)

Deprecations and Removals

  • Used FutureWarning instead of DeprecationWarning for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. ([#3763](https://github.com/urllib3/urllib3/issues/3763) <https://github.com/urllib3/urllib3/issues/3763>__)
  • Removed support for end-of-life Python 3.9. ([#3720](https://github.com/urllib3/urllib3/issues/3720) <https://github.com/urllib3/urllib3/issues/3720>__)
  • Removed support for end-of-life PyPy3.10. ([#4979](https://github.com/urllib3/urllib3/issues/4979) <https://github.com/urllib3/urllib3/issues/4979>__)
  • Bumped the minimum supported pyOpenSSL version to 19.0.0. ([#3777](https://github.com/urllib3/urllib3/issues/3777) <https://github.com/urllib3/urllib3/issues/3777>__)

Bugfixes

  • Fixed a bug where HTTPResponse.read(amt=None) was ignoring decompressed data buffered from previous partial reads. ([#3636](https://github.com/urllib3/urllib3/issues/3636) <https://github.com/urllib3/urllib3/issues/3636>__)
  • Fixed a bug where HTTPResponse.read() could cache only part of the response after a partial read when cache_content=True.

... (truncated)

Commits

Updates s3fs from 2026.2.0 to 2026.4.0

Commits

Updates requests from 2.32.5 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

v2.34.1

2.34.1 (2026-05-13)

Bugfixes

  • Widened json input type from dict and list to Mapping and Sequence. (#7436)
  • Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)
  • Response.reason moved from str | None to str to improve handling for users. (#7437)
  • Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13

v2.34.0

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The

... (truncated)

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

2.34.1 (2026-05-13)

Bugfixes

  • Widened json input type from dict and list to Mapping and Sequence. (#7436)
  • Changed headers input type to MutableMapping and removed None from Request.headers typing to improve handling for users. (#7431)
  • Response.reason moved from str | None to str to improve handling for users. (#7437)
  • Fixed a bug where some bodies with custom __getattr__ implementations weren't being properly detected as Iterables. (#7433)

2.34.0 (2026-05-11)

Announcements

  • Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

    Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

  • Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
  • Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
  • Requests added support for Python 3.14t. (#7419)

Bugfixes

  • Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
  • Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
  • Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

... (truncated)

Commits

Updates httplib2 from 0.31.0 to 0.31.2

Changelog

Sourced from httplib2's changelog.

0.31.2

build(deps): pp.DelimitedList (camel case) only available in pyparsing>=3.1 httplib2/httplib2#255

DO NOT use 0.31.1

0.31.1

auth: use pyparsing v3 PEP8-compliant method names httplib2/httplib2#253

Commits
  • a99a11f v0.31.2 release
  • 370010a dep-compat: pp.DelimitedList (camel case) only available in pyparsing>=3.1
  • 6d2ea32 v0.31.1 release
  • d1b0ce3 auth: use pyparsing v3 PEP8-compliant method names
  • 3288ba7 chore: harden publishing. use github attestations
  • See full diff in compare view

Updates numpy from 2.3.5 to 2.4.5

Release notes

Sourced from numpy's releases.

v2.4.5 (May 15, 2026)

NumPy 2.4.5 Release Notes

NumPy 2.4.5 is a patch release that fixes bugs discovered after the 2.4.4 release, has some typing improvements, and maintains infrastructure.

This release supports Python versions 3.11-3.14

Contributors

A total of 17 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

  • Aleksei Nikiforov
  • Anarion Zuo +
  • Ankit Ahlawat
  • Breno Favaretto +
  • Charles Harris
  • Igor Krivenko +
  • Ijtihed Kilani +
  • Joren Hammudoglu
  • Maarten Baert +
  • Matti Picus
  • Nathan Goldbaum
  • Praneeth Kodumagulla +
  • Ralf Gommers
  • RoomWithOutRoof +
  • Sebastian Berg
  • Warren Weckesser
  • div +

Pull requests merged

A total of 28 pull requests were merged for this release.

  • #31093: MAINT: Prepare 2.4.x for further development
  • #31182: TYP: fix np.shape assignability issue for python lists (#31171)
  • #31197: ENH: Return rank 0 for empty matrices in matrix_rank (#30422)
  • #31198: CI/BUG: add native jobs for s390x, fix bug in pack_inner...
  • #31199: BUG: f2py map complex_long_double to NPY_CLONGDOUBLE
  • #31205: MAINT: f2py: Stop setting re._MAXCACHE to 50.
  • #31206: BUG: fix heap buffer overflow in timedelta to string casts
  • #31207: MAINT: Rename ppc64le and s390x workflow (#31121)
  • #31208: BUG: Fix matvec/vecmat in-place aliasing (out=input produces...
  • #31209: TYP: tile: accept numpy scalars and arrays as second argument...
  • #31211: DEP: Undo deprecation for np.dtype() signature used by old pickles...
  • #31212: REV: Manual revert of float16 svml use (#31178)
  • #31222: TYP: ix_ fix for boolean and non-1d input (#31218)
  • #31329: BUG: incorrect temp elision for new-style (NEP 43) user-defined...
  • #31330: TYP: fix sliding_window_view axis parameter typing

... (truncated)

Changelog

Sourced from numpy's changelog.

This is a walkthrough of the NumPy 2.4.0 release on Linux, which will be the first feature release using the numpy/numpy-release <https://github.com/numpy/numpy-release>__ repository.

The commands can be copied into the command line, but be sure to replace 2.4.0 with the correct version. This should be read together with the :ref:general release guide <prepare_release>.

Facility preparation

Before beginning to make a release, use the requirements/*_requirements.txt files to ensure that you have the needed software. Most software can be installed with pip, but some will require apt-get, dnf, or whatever your system uses for software. You will also need a GitHub personal access token (PAT) to push the documentation. There are a few ways to streamline things:

  • Git can be set up to use a keyring to store your GitHub personal access token. Search online for the details.

Prior to release

Add/drop Python versions

When adding or dropping Python versions, multiple config and CI files need to be edited in addition to changing the minimum version in pyproject.toml. Make these changes in an ordinary PR against main and backport if necessary. We currently release wheels for new Python versions after the first Python RC once manylinux and cibuildwheel support that new Python version.

Backport pull requests

Changes that have been marked for this release must be backported to the maintenance/2.4.x branch.

Update 2.4.0 milestones

Look at the issues/prs with 2.4.0 milestones and either push them off to a later version, or maybe remove the milestone. You may need to add a milestone.

Check the numpy-release repo

... (truncated)

Commits
  • 26e8185 Merge pull request #31441 from charris/prepare-2.4.5
  • 573110c REL: Prepare for the NumPy 2.4.5 release.
  • be6123a Merge pull request #31426 from jorenham/backport-31425
  • a286f52 TYP: Fix DTypeLike runtime type-checker support
  • f880727 Merge pull request #31404 from charris/backport-31399
  • 626d469 Merge pull request #31402 from charris/backport-31397
  • a42bd48 Merge pull request #31401 from charris/backport-31396
  • 207ad05 TYP: _NestedSequence type parameter default to work around a mypy issue (#3...
  • 309b637 BUG: exclude pycache directories from wheels (#31397)
  • 8ded93c BUG: Avoid UB in safe_[add,sub,mul] helpers (#31396)
  • Additional commits viewable in compare view

Updates redshift-connector from 2.1.10 to 2.1.13

Release notes

Sourced from redshift-connector's releases.

v2.1.13

No release notes provided.

v2.1.12

No release notes provided.

v2.1.11

chore: bump version to 2.1.11

Changelog

Sourced from redshift-connector's changelog.

v2.1.13 (2026-03-30)

  • Raised minimum supported Python version from 3.6 to 3.7
  • Fixed prepared statement cache desync causing KeyError after DDL/ROLLBACK
  • Raised lxml upper bound from <6.0.0 to <=6.0.2 to unblock Python 3.14 support
  • Bumped beautifulsoup4 minimum version from 4.7.0 to 4.13.5 to fix lxml 6.0 parsing bug with curly braces
  • Fixed Python 3.7/3.8 type hint compatibility in Metadata API

v2.1.12 (2026-03-04)

  • Added support for Identity Enhanced Credentials authentication
  • Fixed metadata retrieval to sanitize invalid negative and None values in metadataAPIHelper

v2.1.11 (2026-02-09)

  • Fixed build failure when using setuptools version 72 or later by replacing deprecated TestCommand with generic Command base class
Commits
  • f034099 Update CHANGELOG.md
  • 537001f chore: bump version to 2.1.13
  • 356583b chore: Raised lxml upper bound from <6.0.0 to <=6.0.2 to unblock Python 3.14 ...
  • a0527a8 fix: Fixed Python 3.7/3.8 type hint compatibility in Metadata API
  • d5516e9 chore: Raised minimum supported Python version from 3.6 to 3.7
  • bc4503e fix: Fixed prepared statement cache desync causing KeyError after DDL/ROLLBACK
  • 342df24 Update CHANGELOG.md
  • 5294c00 chore: bump version to 2.1.12
  • 8862ce2 fix: adjust function column integration test due to known issue in SQL UDF
  • f724f79 feat: Added support for Identity Enhanced Credentials authentication
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the straightforward-dependencies group across 3 directories with…
709f128 
… 7 updates

Bumps the straightforward-dependencies group with 1 update in the / directory: [redshift-connector](https://github.com/aws/amazon-redshift-python-driver).
Bumps the straightforward-dependencies group with 6 updates in the /lambdas directory:

| Package | From | To |
| --- | --- | --- |
| [google-api-python-client](https://github.com/googleapis/google-api-python-client) | `2.187.0` | `2.196.0` |
| [urllib3](https://github.com/urllib3/urllib3) | `2.6.2` | `2.7.0` |
| [s3fs](https://github.com/fsspec/s3fs) | `2026.2.0` | `2026.4.0` |
| [requests](https://github.com/psf/requests) | `2.32.5` | `2.34.2` |
| [httplib2](https://github.com/httplib2/httplib2) | `0.31.0` | `0.31.2` |
| [numpy](https://github.com/numpy/numpy) | `2.3.5` | `2.4.5` |

Bumps the straightforward-dependencies group with 1 update in the /scripts directory: [redshift-connector](https://github.com/aws/amazon-redshift-python-driver).


Updates `redshift-connector` from 2.1.10 to 2.1.13
- [Release notes](https://github.com/aws/amazon-redshift-python-driver/releases)
- [Changelog](https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-redshift-python-driver@v2.1.10...v2.1.13)

Updates `google-api-python-client` from 2.187.0 to 2.196.0
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Commits](googleapis/google-api-python-client@v2.187.0...v2.196.0)

Updates `urllib3` from 2.6.2 to 2.7.0
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.6.2...2.7.0)

Updates `s3fs` from 2026.2.0 to 2026.4.0
- [Changelog](https://github.com/fsspec/s3fs/blob/main/release-procedure.md)
- [Commits](fsspec/s3fs@2026.2.0...2026.4.0)

Updates `requests` from 2.32.5 to 2.34.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.5...v2.34.2)

Updates `httplib2` from 0.31.0 to 0.31.2
- [Changelog](https://github.com/httplib2/httplib2/blob/master/CHANGELOG)
- [Commits](httplib2/httplib2@v0.31.0...v0.31.2)

Updates `numpy` from 2.3.5 to 2.4.5
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.3.5...v2.4.5)

Updates `redshift-connector` from 2.1.10 to 2.1.13
- [Release notes](https://github.com/aws/amazon-redshift-python-driver/releases)
- [Changelog](https://github.com/aws/amazon-redshift-python-driver/blob/master/CHANGELOG.md)
- [Commits](aws/amazon-redshift-python-driver@v2.1.10...v2.1.13)

---
updated-dependencies:
- dependency-name: redshift-connector
  dependency-version: 2.1.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: straightforward-dependencies
- dependency-name: google-api-python-client
  dependency-version: 2.196.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: straightforward-dependencies
- dependency-name: urllib3
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: straightforward-dependencies
- dependency-name: s3fs
  dependency-version: 2026.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: straightforward-dependencies
- dependency-name: requests
  dependency-version: 2.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: straightforward-dependencies
- dependency-name: httplib2
  dependency-version: 0.31.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: straightforward-dependencies
- dependency-name: numpy
  dependency-version: 2.4.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: straightforward-dependencies
- dependency-name: redshift-connector
  dependency-version: 2.1.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: straightforward-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 18, 2026
@dependabot dependabot Bot requested review from a team as code owners May 18, 2026 13:09
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 18, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 18, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Tian-2017 Tian-2017 closed this May 18, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 18, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/pip/straightforward-dependencies-c2b59baf7c branch May 18, 2026 14:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Tian-2017