Skip to content

chore(deps): bump the python-dependencies group across 1 directory with 16 updates#124

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-2bb9c939db
Open

chore(deps): bump the python-dependencies group across 1 directory with 16 updates#124
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-2bb9c939db

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 30, 2026
edited
Loading

Updates the requirements on mcp, cryptography, langchain-core, crewai, ruff, cyclonedx-bom, chardet, cyclonedx-python-lib, eth-keyfile, idna, packaging, parsimonious, pydantic-core, starlette, typer and websockets to permit the latest version.
Updates mcp from 1.27.1 to 1.27.2

Release notes

Sourced from mcp's releases.

v1.27.2

What's Changed

Full Changelog: modelcontextprotocol/python-sdk@v1.27.1...v1.27.2

Commits
  • 6213787 [v1.x] Scope experimental tasks to the session that created them (#2720)
  • ce267b6 [v1.x] Bind transport sessions to the authenticated principal (#2719)
  • 1abcca2 [v1.x] Add subject and claims to AccessToken (#2690)
  • 9773a3f [v1.x] ci: deploy docs to py.sdk.modelcontextprotocol.io via Pages artifact (...
  • See full diff in compare view

Updates cryptography from 46.0.7 to 48.0.0

Changelog

Sourced from cryptography's changelog.

48.0.0 - 2026-05-04


* **BACKWARDS INCOMPATIBLE:** Support for Python 3.8 has been removed.
  ``cryptography`` now requires Python 3.9 or later.
* **BACKWARDS INCOMPATIBLE:** Loading an X.509 CRL whose inner
  ``TBSCertList.signature`` algorithm does not match the outer
  ``signatureAlgorithm`` now raises ``ValueError``. Previously, such CRLs
  were parsed successfully and only rejected during signature validation.
* Added support for :doc:`/hazmat/primitives/asymmetric/mlkem` and
  :doc:`/hazmat/primitives/asymmetric/mldsa` when using OpenSSL 3.5.0 or
  later, in addition to the existing AWS-LC and BoringSSL support. This means
  post-quantum algorithms are now available to users of our wheels.

    

  • Note: Going forward, we do not guarantee that all functionality
    
in cryptography will be available when building against
    
OpenSSL. See :doc:/statements/state-of-openssl for more information.
    • 



.. _v47-0-0:


47.0.0 - 2026-04-24

  • Support for Python 3.8 is deprecated and will be removed in the next cryptography release.
  • BACKWARDS INCOMPATIBLE: Support for binary elliptic curves (SECT* classes) has been removed. These curves are rarely used and have additional security considerations that make them undesirable.
  • BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.x has been removed. OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC continue to be supported.
  • BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 4.1.
  • BACKWARDS INCOMPATIBLE: Loading keys with unsupported algorithms or keys with unsupported explicit curve encodings now raises :class:~cryptography.exceptions.UnsupportedAlgorithm instead of ValueError. This change affects :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key, :func:~cryptography.hazmat.primitives.serialization.load_der_private_key, :func:~cryptography.hazmat.primitives.serialization.load_pem_public_key, :func:~cryptography.hazmat.primitives.serialization.load_der_public_key, and :meth:~cryptography.x509.Certificate.public_key when called on certificates with unsupported public key algorithms.
  • BACKWARDS INCOMPATIBLE: When parsing elliptic curve private keys, we now reject keys that incorrectly encode a private key of the wrong length because such keys are impossible to process in a constant-time manner. We do not believe keys with this problem are in wide use, however we may revert this change based on the feedback we receive.
  • Deprecated passing 64-bit (8-byte) and 128-bit (16-byte) keys to :class:~cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES. In a

... (truncated)

Commits

Updates langchain-core to 1.4.0

Release notes

Sourced from langchain-core's releases.

langchain-core==1.4.0

Changes since langchain-core==0.3.86

chore(infra): merge v1.4 into master (#37350) chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/core (#37329) fix(core): avoid eager pydantic.v1 import in @deprecated (#37308) chore: bump mistune from 3.1.4 to 3.2.1 in /libs/core (#37237) chore: bump jupyter-server from 2.17.0 to 2.18.0 in /libs/core (#37204) release(core): 1.3.3 (#37198) fix(core): set deprecation since to 1.3.3 to match release (#37200) fix(core, langchain): harden load() against untrusted manifests (#37197) chore: bump notebook from 7.5.0 to 7.5.6 in /libs/core (#37109) chore: bump types-pyyaml from 6.0.12.20250915 to 6.0.12.20260408 in /libs/core (#37129) fix(core): preserve structured inputs on tool runs in tracers (#37108) release(perplexity): 1.2.0 (#37091) chore(docs): update x handle references (#37081) fix(core): make removal optional in warn_deprecated (#37056) fix(core): validate batch_size in _batch and _abatch to prevent infinite loop (#36663) chore(core): mark stream_v2/astream_v2 as beta (#36992) release(core): 1.3.2 (#36990) feat(core): add content-block-centric streaming (v2) (#36834) release(core): 1.3.1 (#36972) feat(core): allow _format_output to pass through list of ToolOutputMixin instances (#36963) chore: bump nbconvert from 7.17.0 to 7.17.1 in /libs/core (#36923) feat(core): Update inheritance behavior for tracer metadata for special keys (#36900) chore: bump langsmith from 0.7.13 to 0.7.31 in /libs/core (#36813) release(core): release 1.3.0 (#36851) release(core): 1.3.0a3 (#36829) chore(core): keep checkpoint_ns behavior in streaming metadata for backwards compat (#36828) feat(core): Add chat model and LLM invocation params to traceable metadata (#36771) fix(core): restore cloud metadata IPs and link-local range in SSRF policy (#36816) chore(deps): bump pytest to 9.0.3 (#36801) chore(core): harden private SSRF utilities (#36768) fix(openai): handle content blocks without type key in responses api conversion (#36725) chore: bump pytest from 9.0.2 to 9.0.3 in /libs/core (#36719) release(core): 1.3.0.a2 (#36698) fix(core): Use reference counting for storing inherited run trees to support garbage collection (#36660) docs(core): nit (#36685) release(core): 1.3.0a1 (#36656) chore(core): reduce streaming metadata / perf (#36588) release(core): release 1.2.28 (#36614) fix(core): add more sanitization to templates (#36612) release(core): 1.2.27 (#36586) fix(core): handle symlinks in deprecated prompt save path (#36585) chore: add comment explaining pygments>=2.20.0 (#36570) release(core): 1.2.26 (#36511) fix(core): add init validator and serialization mappings for Bedrock models (#34510) feat(core): add ChatBaseten to serializable mapping (#36510) chore(core): drop gpt-3.5-turbo from docstrings (#36497) fix(core): correct parameter names in filter_messages docstring example (#36462)

... (truncated)

Commits
  • 70e66a1 chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/openrouter (#37352)
  • da380bc chore(infra): merge v1.4 into master (#37350)
  • bbd10fe chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/anthropic (#37343)
  • 11bbfb7 chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/fireworks (#37339)
  • 7fd61d2 chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/mistralai (#37338)
  • 5c096bb chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/nomic (#37334)
  • ac47d54 chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/chroma (#37333)
  • 7e5c570 chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/partners/qdrant (#37332)
  • 2086b91 chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/core (#37329)
  • 407e33a chore: bump urllib3 from 2.6.3 to 2.7.0 in /libs/langchain (#37327)
  • Additional commits viewable in compare view

Updates crewai to 1.14.6

Release notes

Sourced from crewai's releases.

1.14.6

What's Changed

Features

  • Enhance StdioTransport to prevent environment variable leakage
  • Enhance planning configuration and observation handling
  • Declare env_vars on DatabricksQueryTool
  • Add Agent Control Plane docs

Bug Fixes

  • Fix structured output leaks in tool-calling loops
  • Drop unroundtrippable callbacks and adapter state in checkpoint
  • Serialize type[BaseModel] fields as JSON schema in checkpoint
  • Avoid orphan task_started on resume scope restore
  • Allow AgentExecutor to restore from checkpoint
  • Correct mongodb typo to pymongo in package_dependencies

Documentation

  • Add ACP (Beta) docs navigation block to Agent Control Plane pages
  • Remove consensual process references from processes page
  • Restructure checkpointing page
  • Document one-time admin package install step
  • Migrate Secrets Manager / Workload Identity from replicated-config
  • Remove {" "} JSX expressions breaking render

Refactoring

  • Move Skills Repository to experimental + CREWAI_EXPERIMENTAL gate

Contributors

@​akaKuruma, @​alex-clawd, @​github-actions[bot], @​greysonlalonde, @​heitorado, @​iris-clawd, @​lorenzejay, @​lucasgomide, @​mattatcha, @​thiagomoretto, @​vinibrsl

Commits
  • fca21b1 docs: update changelog and version for v1.14.6
  • 0486b85 feat: bump versions to 1.14.6
  • ed91100 refactor(skills): move Skills Repository to experimental + CREWAI_EXPERIMENTA...
  • 2148c7e docs: add ACP (Beta) docs navigation block to Agent Control Plane pages (#5961)
  • 8890e0d docs: remove consensual process references from processes page (#5959)
  • 4a6a072 docs: update changelog and version for v1.14.6a2
  • d52106b feat: bump versions to 1.14.6a2
  • 4b190ae docs: restructure checkpointing page
  • 2e36f06 feat: enhance StdioTransport to prevent environment variable leakage (#5506)
  • a1033e4 Fix structured output leaks in tool-calling loops (#5897)
  • Additional commits viewable in compare view

Updates ruff from 0.15.14 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

Commits
  • db5aa0a Bump 0.15.15 (#25431)
  • 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
  • e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
  • 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
  • 7e1bc1e Add agent skills for working on ty (#25422)
  • 574e107 Expand semantic syntax errors for invalid walruses (#25415)
  • 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
  • 5432709 Refine a few agents instructions (#25423)
  • 3cb09eb [ty] Support typing.TypeForm (#25334)
  • c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
  • Additional commits viewable in compare view

Updates cyclonedx-bom from 5.5.0 to 7.3.0

Release notes

Sourced from cyclonedx-bom's releases.

v7.3.0 (2026-03-30)

Features

  • Add -S flag to skip *.pth evaluation during environment analysis (#1032, 55c15d7)

What's Changed

Full Changelog: CycloneDX/cyclonedx-python@v7.2.2...v7.3.0

v7.2.2 (2026-02-19)

Documentation

What's Changed

Full Changelog: CycloneDX/cyclonedx-python@v7.2.1...v7.2.2

v7.2.1 (2025-10-29)

Maintenance release.

... (truncated)

Changelog

Sourced from cyclonedx-bom's changelog.

v7.3.0 (2026-03-30)

Features

  • Add -S flag to skip *.pth evaluation during environment analysis (#1032, 55c15d7)

v7.2.2 (2026-02-19)

Documentation

v7.2.1 (2025-10-29)

Documentation

v7.2.0 (2025-10-16)

Documentation

  • Add Changelog to project urls (5f38d75)

Features

v7.1.0 (2025-09-02)

Documentation

Features

  • Support runtime-dependency cyclonedx-python-lib v11 (#938, 7818754)

... (truncated)

Commits
  • e0d92e7 chore(release): 7.3.0
  • 55c15d7 feat: add -S flag to skip *.pth evaluation during environment analysis (#1032)
  • ecf8768 chore(deps-dev): Update uv requirement from 0.10.9 to 0.10.10 (#1026)
  • 00d862f chore(deps-dev): Update uv requirement from 0.10.7 to 0.10.9 (#1025)
  • fd51a5f chore(deps-dev): Update uv requirement from 0.10.2 to 0.10.7 (#1023)
  • 2ecae2b chore(release): 7.2.2
  • 9b06708 chore(deps-dev): Update uv requirement from 0.10.0 to 0.10.2 (#1019)
  • a6b7659 chore(deps-dev): Update uv requirement from 0.9.28 to 0.10.0 (#1018)
  • a2a9108 chore(deps): Update packaging requirement from ^22 || ^23 || ^24 || ^25 to ^2...
  • f35e9f2 chore(deps-dev): Update uv requirement from 0.9.13 to 0.9.28 (#1017)
  • Additional commits viewable in compare view

Updates chardet from 5.2.0 to 7.4.3

Release notes

Sourced from chardet's releases.

7.4.3

Patch release: fixes a crash when input contains null bytes inside a <meta charset> declaration.

Bug Fixes

  • Fixed ValueError: embedded null character crash when input contained a <meta charset> declaration with a null byte in the encoding name (e.g. b'<meta charset="\x00utf-8">'). codecs.lookup() raises ValueError on embedded nulls, and lookup_encoding() was only catching LookupError. Also added defensive ValueError catches in _validate_bytes() and _to_utf8() for completeness. (#369, thanks @​DRMacIver for the report)

Full Changelog: chardet/chardet@7.4.2...7.4.3

7.4.2

Patch release: fixes a crash on short inputs and closes a bunch of WHATWG/IANA alias gaps.

Bug Fixes

  • Fixed RuntimeError: pipeline must always return at least one result on ~2% of all possible two-byte inputs (e.g. b"\xf9\x92"). Multi-byte encodings like CP932 and Johab could score above the structural confidence threshold on very short inputs, but then statistical scoring would return nothing, leaving an empty result list instead of falling through to the fallback. (#367, #368, thanks @​jasonwbarnett)

Improvements

  • Added ~90 encoding aliases from the WHATWG Encoding Standard and IANA Character Sets registry so that <meta charset> labels like x-cp1252, x-sjis, dos-874, csUTF8, and the cswindows* family all resolve correctly through the markup detection stage. Every alias was driven by a failing spec-compliance test, not speculative. (#366)
  • Added a spec-compliance test suite covering Python decode round-trips for all 86 registry encodings, WHATWG label resolution, IANA preferred MIME names, and Unicode/RFC conformance (BOM sniffing, UTF-8 boundary cases, UTF-16 surrogate pairs). This is the test suite that would have caught the 7.4.1 BOM bug before release. (#366)

Full Changelog: chardet/chardet@7.4.1...7.4.2

7.4.1

Bug Fixes

  • BOM-prefixed UTF-16/32 input now returns utf-16/utf-32 instead of utf-16-le/utf-16-be/utf-32-le/utf-32-be. The endian-specific codecs don't strip the BOM on decode, so callers were getting a stray U+FEFF at the start of their text. BOM-less detection is unchanged. (#364, #365)

Full Changelog: chardet/chardet@7.4.0...7.4.1

chardet 7.4.0 brings accuracy up to 99.3% (from 98.6% in 7.3.0) and significantly faster cold start thanks to a new dense model format.

What's New

Performance:

  • New dense zlib-compressed model format (v2) drops cold start (import + first detect) from ~75ms to ~13ms with mypyc

Accuracy (98.6% → 99.3%):

  • Eliminated train/test data overlap via content fingerprinting
  • Added MADLAD-400 and Wikipedia as supplemental training sources
  • Improved non-ASCII bigram scoring: high-byte bigrams are now preserved during training and weighted by per-bigram IDF
  • Encoding-aware substitution filtering (substitutions only apply for characters the target encoding can't represent)
  • Increased training samples from 15K to 25K per language/encoding pair

Bug fixes:

  • Added dedicated structural analyzers for CP932, CP949, and Big5-HKSCS (these were previously sharing their base encoding's byte-range analyzer, missing extended ranges)

Metrics

| | chardet 7.4.0 (mypyc) | chardet 6.0.0 | charset-normalizer 3.4.6 |

... (truncated)

Changelog

Sourced from chardet's changelog.

7.4.3 (2026-04-13)

Bug Fixes:

  • Fixed ValueError: embedded null character crash when input contained a <meta charset> declaration with a null byte in the encoding name (e.g. b'<meta charset="\x00utf-8">'). codecs.lookup() raises ValueError on embedded nulls, and lookup_encoding() was only catching LookupError. Also added defensive ValueError catches in _validate_bytes() and _to_utf8() for completeness. (Dan Blanchard <https://github.com/dan-blanchard>_ via Claude, [#369](https://github.com/chardet/chardet/issues/369) <https://github.com/chardet/chardet/issues/369>_)

7.4.2 (2026-04-12)

Bug Fixes:

  • Fixed RuntimeError: pipeline must always return at least one result on ~2% of all possible two-byte inputs (e.g. b"\xf9\x92"). Multi-byte encodings like CP932 and Johab could score above the structural confidence threshold on very short inputs, but then statistical scoring would return nothing, leaving the pipeline with an empty result list instead of falling through to the no_match_encoding fallback. (Jason Barnett <https://github.com/jasonwbarnett>_ via Claude, [#367](https://github.com/chardet/chardet/issues/367) <https://github.com/chardet/chardet/issues/367>, [#368](https://github.com/chardet/chardet/issues/368) <https://github.com/chardet/chardet/pull/368>)

Improvements:

  • Added ~90 encoding aliases from the WHATWG Encoding Standard and IANA Character Sets registry so that <meta charset> labels like x-cp1252, x-sjis, dos-874, csUTF8, and the cswindows* family all resolve correctly through the markup detection stage. Every alias was driven by a failing spec-compliance test. (Dan Blanchard <https://github.com/dan-blanchard>_ via Claude, [#366](https://github.com/chardet/chardet/issues/366) <https://github.com/chardet/chardet/pull/366>_)
  • Added a spec-compliance test suite covering Python decode round-trips for all 86 registry encodings, WHATWG web-platform label resolution, IANA preferred MIME names, and Unicode/RFC conformance (BOM sniffing, UTF-8 boundary cases, UTF-16 surrogate pairs). This is the test suite that would have caught the 7.4.1 BOM bug before release. (Dan Blanchard <https://github.com/dan-blanchard>_ via Claude, [#366](https://github.com/chardet/chardet/issues/366) <https://github.com/chardet/chardet/pull/366>_)

7.4.1 (2026-04-07)

... (truncated)

Commits
  • 8f404a5 docs: set 7.4.3 release date to 2026-04-13
  • 7a6667f docs: fix changelog attribution for #369
  • a1fc986 docs: changelog for 7.4.3
  • 0af01d6 Fix ValueError crash on null bytes in charset declarations (#369)
  • 08e4ebc ci: parallelize riscv64 builds across 5 RISE runners
  • 2f6e1e9 ci: use python3 -m pip on riscv64 runner
  • 204623d ci: invoke cibuildwheel manually on riscv64 runner
  • 78c1d20 ci: use native runners for aarch64/riscv64 instead of QEMU
  • 3cc0960 docs: changelog for 7.4.2
  • 9079efc Fix RuntimeError on ~2% of two-byte inputs (#368)
  • Additional commits viewable in compare view

Updates cyclonedx-python-lib from 10.5.0 to 11.7.0

Release notes

Sourced from cyclonedx-python-lib's releases.

v11.7.0 (2026-03-17)

Documentation

Features

  • Add properties for licenses according to CycloneDX 1.5 (#947, 375d209)

  • Make schema deprecation warnings handle-able (#945, 71edacf)

What's Changed

New Contributors

Full Changelog: CycloneDX/cyclonedx-python-lib@v11.6.0...v11.7.0

v11.7.0-rc.4 (2026-04-10)

test release during CycloneDX/cyclonedx-python-lib#961

Detailed Changes: v11.7.0-rc.3...v11.7.0-rc.4

v11.7.0-rc.3 (2026-04-10)

test release during CycloneDX/cyclonedx-python-lib#961

... (truncated)

Changelog

Sourced from cyclonedx-python-lib's changelog.

v11.7.0 (2026-03-17)

Documentation

Features

  • Add properties for licenses according to CycloneDX 1.5 (#947, 375d209)

  • Make schema deprecation warnings handle-able (#945, 71edacf)

v11.6.0 (2025-12-02)

Documentation

Features

  • Moved non‑standard implementations to Contrib area (#916, 15a9023)

v11.5.0 (2025-10-31)

Features

  • Add support for DistributionConstraints in BOM metadata (#906, 70adb7c)

  • Add support for properties in external references (#907,<...

    Description has been truncated

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 30, 2026
@dependabot dependabot Bot requested a review from ascender1729 as a code owner May 30, 2026 03:31
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 30, 2026

Labels

The following labels could not be found: python. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 30, 2026
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented May 30, 2026
edited
Loading

Deploying attestix with  Cloudflare Pages  Cloudflare Pages

Latest commit: eff44f9
Status: ✅  Deploy successful!
Preview URL: https://b9b67855.attestix.pages.dev
Branch Preview URL: https://dependabot-pip-python-depend-di3v.attestix.pages.dev

View logs

@dependabot dependabot Bot force-pushed the dependabot/pip/python-dependencies-2bb9c939db branch 2 times, most recently from 741bbae to 4d8414f Compare May 30, 2026 08:20
@dependabot
chore(deps): bump the python-dependencies group across 1 directory wi…
eff44f9 
…th 16 updates

Updates the requirements on [mcp](https://github.com/modelcontextprotocol/python-sdk), [cryptography](https://github.com/pyca/cryptography), [langchain-core](https://github.com/langchain-ai/langchain), [crewai](https://github.com/crewAIInc/crewAI), [ruff](https://github.com/astral-sh/ruff), [cyclonedx-bom](https://github.com/CycloneDX/cyclonedx-python), [chardet](https://github.com/chardet/chardet), [cyclonedx-python-lib](https://github.com/CycloneDX/cyclonedx-python-lib), [eth-keyfile](https://github.com/ethereum/eth-keyfile), [idna](https://github.com/kjd/idna), [packaging](https://github.com/pypa/packaging), [parsimonious](https://github.com/erikrose/parsimonious), [pydantic-core](https://github.com/pydantic/pydantic), [starlette](https://github.com/Kludex/starlette), [typer](https://github.com/fastapi/typer) and [websockets](https://github.com/python-websockets/websockets) to permit the latest version.

Updates `mcp` from 1.27.1 to 1.27.2
- [Release notes](https://github.com/modelcontextprotocol/python-sdk/releases)
- [Changelog](https://github.com/modelcontextprotocol/python-sdk/blob/main/RELEASE.md)
- [Commits](modelcontextprotocol/python-sdk@v1.27.1...v1.27.2)

Updates `cryptography` from 46.0.7 to 48.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.7...48.0.0)

Updates `langchain-core` to 1.4.0
- [Release notes](https://github.com/langchain-ai/langchain/releases)
- [Commits](langchain-ai/langchain@langchain-core==0.3.0...langchain-core==1.4.0)

Updates `crewai` to 1.14.6
- [Release notes](https://github.com/crewAIInc/crewAI/releases)
- [Commits](crewAIInc/crewAI@0.95.0...1.14.6)

Updates `ruff` from 0.15.14 to 0.15.15
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.14...0.15.15)

Updates `cyclonedx-bom` from 5.5.0 to 7.3.0
- [Release notes](https://github.com/CycloneDX/cyclonedx-python/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-python/blob/main/CHANGELOG.md)
- [Commits](CycloneDX/cyclonedx-python@v5.5.0...v7.3.0)

Updates `chardet` from 5.2.0 to 7.4.3
- [Release notes](https://github.com/chardet/chardet/releases)
- [Changelog](https://github.com/chardet/chardet/blob/main/docs/changelog.rst)
- [Commits](chardet/chardet@5.2.0...7.4.3)

Updates `cyclonedx-python-lib` from 10.5.0 to 11.7.0
- [Release notes](https://github.com/CycloneDX/cyclonedx-python-lib/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md)
- [Commits](CycloneDX/cyclonedx-python-lib@v10.5.0...v11.7.0)

Updates `eth-keyfile` from 0.8.1 to 0.9.1
- [Changelog](https://github.com/ApeWorX/eth-keyfile/blob/main/CHANGELOG.rst)
- [Commits](ApeWorX/eth-keyfile@v0.8.1...v0.9.1)

Updates `idna` from 3.16 to 3.17
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md)
- [Commits](kjd/idna@v3.16...v3.17)

Updates `packaging` from 25.0 to 26.2
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@25.0...26.2)

Updates `parsimonious` from 0.10.0 to 0.11.0
- [Commits](https://github.com/erikrose/parsimonious/commits)

Updates `pydantic-core` from 2.46.4 to 2.47.0
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/commits)

Updates `starlette` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@1.1.0...1.2.0)

Updates `typer` from 0.26.2 to 0.26.3
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.26.2...0.26.3)

Updates `websockets` from 15.0.1 to 16.0
- [Release notes](https://github.com/python-websockets/websockets/releases)
- [Commits](python-websockets/websockets@15.0.1...16.0)

---
updated-dependencies:
- dependency-name: chardet
  dependency-version: 7.4.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: crewai
  dependency-version: 1.14.6
  dependency-type: direct:development
  dependency-group: python-dependencies
- dependency-name: cryptography
  dependency-version: 48.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: cyclonedx-bom
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: cyclonedx-python-lib
  dependency-version: 11.7.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: eth-keyfile
  dependency-version: 0.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: idna
  dependency-version: '3.17'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: langchain-core
  dependency-version: 1.4.0
  dependency-type: direct:development
  dependency-group: python-dependencies
- dependency-name: mcp
  dependency-version: 1.27.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: packaging
  dependency-version: '26.2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: parsimonious
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: pydantic-core
  dependency-version: 2.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: ruff
  dependency-version: 0.15.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: starlette
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: typer
  dependency-version: 0.26.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: websockets
  dependency-version: '16.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/python-dependencies-2bb9c939db branch from 4d8414f to eff44f9 Compare May 30, 2026 08:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ascender1729 ascender1729 Awaiting requested review from ascender1729 ascender1729 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants