Skip to content

Batch dependabot uv updates#11819

Open
philderbeast wants to merge 7 commits into
haskell:masterfrom
cabalism:bump/dependabot-uv-batch
Open

Batch dependabot uv updates#11819
philderbeast wants to merge 7 commits into
haskell:masterfrom
cabalism:bump/dependabot-uv-batch

Conversation

@philderbeast
Copy link
Copy Markdown
Collaborator

@philderbeast philderbeast commented May 12, 2026

Rather than get approvals and merge dependabot individual pull requests, I've created a branch and cherry picked each of the following:

This pull request includes all of those changes.

Manual QA step would be to cd doc followed with uv sync and check for changes to the lock file doc/uv.lock. Also make users-guide and check the docs.

  • Patches conform to the coding conventions.
  • Is this a PR that fixes CI? If so, it will need to be backported to older cabal release branches (ask maintainers for directions).

dependabot Bot and others added 7 commits May 12, 2026 15:29
@dependabot @philderbeast
Bump idna from 3.11 to 3.13 in /doc
b8a8f49 
Bumps [idna](https://github.com/kjd/idna) from 3.11 to 3.13.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.11...v3.13)

---
updated-dependencies:
- dependency-name: idna
  dependency-version: '3.13'
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @philderbeast
Bump certifi from 2026.1.4 to 2026.4.22 in /doc
f4b66ca 
Bumps [certifi](https://github.com/certifi/python-certifi) from 2026.1.4 to 2026.4.22.
- [Commits](certifi/python-certifi@2026.01.04...2026.04.22)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2026.4.22
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @philderbeast
Bump sphinx-rtd-theme from 3.0.2 to 3.1.0 in /doc
65cab94 
Bumps [sphinx-rtd-theme](https://github.com/readthedocs/sphinx_rtd_theme) from 3.0.2 to 3.1.0.
- [Changelog](https://github.com/readthedocs/sphinx_rtd_theme/blob/master/docs/changelog.rst)
- [Commits](readthedocs/sphinx_rtd_theme@3.0.2...3.1.0)

---
updated-dependencies:
- dependency-name: sphinx-rtd-theme
  dependency-version: 3.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @philderbeast
Bump sphinx from 8.2.3 to 9.1.0 in /doc
e5bf40e 
Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 8.2.3 to 9.1.0.
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/master/CHANGES.rst)
- [Commits](sphinx-doc/sphinx@v8.2.3...v9.1.0)

---
updated-dependencies:
- dependency-name: sphinx
  dependency-version: 9.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @philderbeast
Bump packaging from 25.0 to 26.2 in /doc
ae32c6c 
Bumps [packaging](https://github.com/pypa/packaging) from 25.0 to 26.2.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@25.0...26.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-version: '26.2'
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @philderbeast
Bump urllib3 in /doc in the uv group across 1 directory
cc6a06f 
Bumps the uv group with 1 update in the /doc directory: [urllib3](https://github.com/urllib3/urllib3).


Updates `urllib3` from 2.6.3 to 2.7.0
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.6.3...2.7.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.7.0
  dependency-type: direct:development
  dependency-group: uv
...

Signed-off-by: dependabot[bot] <support@github.com>
@philderbeast
Run uv sync
cc6ae66
@philderbeast philderbeast mentioned this pull request May 13, 2026
Open
2 tasks
@ulysses4ever ulysses4ever requested a review from jappeace May 13, 2026 18:51
@ulysses4ever
Copy link
Copy Markdown
Collaborator

ulysses4ever commented May 13, 2026

@jappeace since you approved #11812, I thought, you might give a hand here: this one just manually batches several earlier PRs from Dependabot

@jappeace
Copy link
Copy Markdown
Collaborator

jappeace commented May 13, 2026

nice, thanks 🙏🏽

@ulysses4ever ulysses4ever added merge me Tell Mergify Bot to merge and removed attention: needs-review labels May 13, 2026
@mergify mergify Bot added the ready and waiting Mergify is waiting out the cooldown period label May 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jappeace jappeace jappeace approved these changes

@ulysses4ever ulysses4ever ulysses4ever approved these changes

Assignees

No one assigned

Labels

merge me Tell Mergify Bot to merge ready and waiting Mergify is waiting out the cooldown period

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@philderbeast @ulysses4ever @jappeace