mirror/MediaManager
1
0
Fork 0
mirror of https://github.com/maxdorninger/MediaManager.git synced 2026-06-11 00:55:16 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,190 Commits 64 Branches 26 Tags
fix-c90-errors
Commit Graph

1190 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maximilian Dorninger
ebb6cb790a add C90 linting rule 2026-05-07 16:16:50 +02:00
Maximilian Dorninger
25cd4b0724 Refactor tv and movies (#526) 
This PR refactors the movie and tv modules and adds a "common" module
for shared logic.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Dedicated import and metadata services for movies and TV;
completed-torrent detection and import flows.

* **Refactor**
* Shared media schemas, models, repository logic and base services
consolidated; movie/TV services and routes now delegate to specialised
import/metadata services.

* **Bug Fixes**
  * Fixed TV episode-count method name.

* **Chores**
  * Added .DS_Store to ignore list; added module comment.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-05-07 14:18:29 +02:00
Maximilian Dorninger
fcdb9bbe87 Add workflow for automatically uploading config files to releases (#524) 
This PR adds a workflow for automatically uploading config files to
releases. This prevents the maintainers forgetting uploading the files
and thus breaking the install guide.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Automated distribution of configuration files is now enabled for all
releases.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-05-01 17:49:59 +02:00
dependabot[bot]
246bfe8b2b Bump ty from 0.0.28 to 0.0.33 (#503) 
Bumps [ty](https://github.com/astral-sh/ty) from 0.0.28 to 0.0.33.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ty/releases">ty's
releases</a>.</em></p>
<blockquote>
<h2>0.0.33</h2>
<h2>Release Notes</h2>
<p>Released on 2026-04-28.</p>
<h3>Notable changes</h3>
<ul>
<li>
<p>ty now prefers the declared type of an annotated assignment in more
situations (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24802">#24802</a>).
Consider this example:</p>
<pre lang="py"><code>from some_library import untyped_function
<p>threshold: int | None = 0
result: str = untyped_function()
</code></pre></p>
<p>ty previously favored the <em>inferred</em> type of the right hand
side expression when <code>threshold</code> and <code>result</code> were
used. This is useful for <code>threshold</code>, as it allows something
like <code>threshold += 1</code> to work without an error: we know that
<code>threshold</code> could later become <code>None</code>, but
<em>right now</em>, we see that it is an <code>int</code>. However, for
<code>result</code>, the inferred type is <code>Unknown</code>. This is
<em>not</em> a useful type and it can lead to false negatives. Starting
with this release, ty will therefore prefer
the declared type <em>if the inferred and declared types are mutually
assignable</em>. In the above example, <code>threshold</code> will still
be inferred as <code>int</code> (or rather <code>Literal[1]</code>), but
<code>result</code> will now be inferred as <code>str</code>. If you
previously added <code>cast</code>s to work around this behavior, you
should be able to remove them after upgrading.</p>
</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix reporting of annotation-only locals as unused (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24811">#24811</a>)</li>
<li>Fix project and workspace selection (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24824">#24824</a>)</li>
<li>Fix go-to definition for generic classes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24714">#24714</a>)</li>
<li>Fix receiver coloring for aliased decorators (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24884">#24884</a>)</li>
</ul>
<h3>LSP server</h3>
<ul>
<li>Add support for go-to definition in literal enum member inlay hints
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24792">#24792</a>)</li>
<li>Add support for &quot;baking&quot; keyword argument inlay hints into
the source code (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24667">#24667</a>)</li>
<li>Don't allow inlay hint edits when introducing a non global scope
symbol (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24797">#24797</a>)</li>
<li>Omit semantic highlighting for unresolved symbols (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24718">#24718</a>)</li>
</ul>
<h3>Core type checking</h3>
<ul>
<li>Support narrowing with aliased conditional expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24302">#24302</a>)</li>
<li>Model short-circuiting control flow in Boolean expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24458">#24458</a>)</li>
<li>Handle <code>finally</code> blocks where all
<code>try</code>/<code>except</code> blocks are terminal (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24882">#24882</a>)</li>
<li>Detect invalid <code>ClassVar</code> vs instance-attribute overrides
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24767">#24767</a>)</li>
<li>Emit diagnostic for invalid uses of <code>Unpack[...]</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24868">#24868</a>)</li>
<li>Infer lambda parameter types with <code>Callable</code> type context
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24317">#24317</a>)</li>
<li>Support <code>**</code> unpacking of <code>TypedDict</code> in
dict-literal assignments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24703">#24703</a>)</li>
<li>Support <code>Unpack[TypedDict]</code> in <code>**kwargs</code>
signatures (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24653">#24653</a>)</li>
<li>Treat <code>[*xs]</code> as an irrefutable pattern when matching on
<code>Sequence</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24787">#24787</a>)</li>
<li>Improve generics solving for unions in invariant positions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24698">#24698</a>)</li>
<li>Improve generics solving for unions when matching against protocols
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24837">#24837</a>)</li>
</ul>
<h3>Diagnostics</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ty/blob/main/CHANGELOG.md">ty's
changelog</a>.</em></p>
<blockquote>
<h2>0.0.33</h2>
<p>Released on 2026-04-28.</p>
<h3>Notable changes</h3>
<ul>
<li>
<p>ty now prefers the declared type of an annotated assignment in more
situations (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24802">#24802</a>).
Consider this example:</p>
<pre lang="py"><code>from some_library import untyped_function
<p>threshold: int | None = 0
result: str = untyped_function()
</code></pre></p>
<p>ty previously favored the <em>inferred</em> type of the right hand
side expression when <code>threshold</code> and <code>result</code> were
used. This is useful for <code>threshold</code>, as it allows something
like <code>threshold += 1</code> to work without an error: we know that
<code>threshold</code> could later become <code>None</code>, but
<em>right now</em>, we see that it is an <code>int</code>. However, for
<code>result</code>, the inferred type is <code>Unknown</code>. This is
<em>not</em> a useful type and it can lead to false negatives. Starting
with this release, ty will therefore prefer
the declared type <em>if the inferred and declared types are mutually
assignable</em>. In the above example, <code>threshold</code> will still
be inferred as <code>int</code> (or rather <code>Literal[1]</code>), but
<code>result</code> will now be inferred as <code>str</code>. If you
previously added <code>cast</code>s to work around this behavior, you
should be able to remove them after upgrading.</p>
</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix reporting of annotation-only locals as unused (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24811">#24811</a>)</li>
<li>Fix project and workspace selection (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24824">#24824</a>)</li>
<li>Fix go-to definition for generic classes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24714">#24714</a>)</li>
<li>Fix receiver coloring for aliased decorators (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24884">#24884</a>)</li>
</ul>
<h3>LSP server</h3>
<ul>
<li>Add support for go-to definition in literal enum member inlay hints
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24792">#24792</a>)</li>
<li>Add support for &quot;baking&quot; keyword argument inlay hints into
the source code (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24667">#24667</a>)</li>
<li>Don't allow inlay hint edits when introducing a non global scope
symbol (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24797">#24797</a>)</li>
<li>Omit semantic highlighting for unresolved symbols (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24718">#24718</a>)</li>
</ul>
<h3>Core type checking</h3>
<ul>
<li>Support narrowing with aliased conditional expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24302">#24302</a>)</li>
<li>Model short-circuiting control flow in Boolean expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24458">#24458</a>)</li>
<li>Handle <code>finally</code> blocks where all
<code>try</code>/<code>except</code> blocks are terminal (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24882">#24882</a>)</li>
<li>Detect invalid <code>ClassVar</code> vs instance-attribute overrides
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24767">#24767</a>)</li>
<li>Emit diagnostic for invalid uses of <code>Unpack[...]</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24868">#24868</a>)</li>
<li>Infer lambda parameter types with <code>Callable</code> type context
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24317">#24317</a>)</li>
<li>Support <code>**</code> unpacking of <code>TypedDict</code> in
dict-literal assignments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24703">#24703</a>)</li>
<li>Support <code>Unpack[TypedDict]</code> in <code>**kwargs</code>
signatures (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24653">#24653</a>)</li>
<li>Treat <code>[*xs]</code> as an irrefutable pattern when matching on
<code>Sequence</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24787">#24787</a>)</li>
<li>Improve generics solving for unions in invariant positions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24698">#24698</a>)</li>
<li>Improve generics solving for unions when matching against protocols
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24837">#24837</a>)</li>
</ul>
<h3>Diagnostics</h3>
<ul>
<li>Add error context to <code>invalid-return-type</code> diagnostics,
<code>invalid-yield</code> diagnostics, attribute assignment diagnostics
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/24770">#24770</a>,
<a
href="https://redirect.github.com/astral-sh/ruff/pull/24771">#24771</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c512d84254"><code>c512d84</code></a>
Bump version to 0.0.33 (<a
href="https://redirect.github.com/astral-sh/ty/issues/3368">#3368</a>)</li>
<li><a
href="4cd7b334b9"><code>4cd7b33</code></a>
Upgrade Depot runners from macOS 14 to 15 (<a
href="https://redirect.github.com/astral-sh/ty/issues/3363">#3363</a>)</li>
<li><a
href="c78b832451"><code>c78b832</code></a>
Update rui314/setup-mold digest to 9c9c13b (<a
href="https://redirect.github.com/astral-sh/ty/issues/3342">#3342</a>)</li>
<li><a
href="dea338134a"><code>dea3381</code></a>
Update actions/cache action to v5.0.5 (<a
href="https://redirect.github.com/astral-sh/ty/issues/3343">#3343</a>)</li>
<li><a
href="d451af477b"><code>d451af4</code></a>
update typing-features and faqs (<a
href="https://redirect.github.com/astral-sh/ty/issues/3335">#3335</a>)</li>
<li><a
href="052d70bc1a"><code>052d70b</code></a>
Update prek dependencies (<a
href="https://redirect.github.com/astral-sh/ty/issues/3344">#3344</a>)</li>
<li><a
href="66b5e87816"><code>66b5e87</code></a>
Update astral-sh/setup-uv action to v8.1.0 (<a
href="https://redirect.github.com/astral-sh/ty/issues/3345">#3345</a>)</li>
<li><a
href="7ec6712a6f"><code>7ec6712</code></a>
Add a 'Diagnostics improvements' section to the changelogs (<a
href="https://redirect.github.com/astral-sh/ty/issues/3309">#3309</a>)</li>
<li><a
href="978dfdb38d"><code>978dfdb</code></a>
Add version metadata publishing to the release process (<a
href="https://redirect.github.com/astral-sh/ty/issues/3292">#3292</a>)</li>
<li><a
href="4d1e1fc57c"><code>4d1e1fc</code></a>
Bump version to 0.0.32 (<a
href="https://redirect.github.com/astral-sh/ty/issues/3302">#3302</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ty/compare/0.0.28...0.0.33">compare
view</a></li>
</ul>
</details>
<br />


> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:40:28 +02:00
dependabot[bot]
cca3b6a4f3 Bump uvicorn from 0.43.0 to 0.46.0 (#500) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.43.0 to
0.46.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.46.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Support <code>ws_max_size</code> in <code>wsproto</code>
implementation by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2915">Kludex/uvicorn#2915</a></li>
<li>Support <code>ws_ping_interval</code> and
<code>ws_ping_timeout</code> in <code>wsproto</code> implementation by
<a href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2916">Kludex/uvicorn#2916</a></li>
<li>Use <code>bytearray</code> for incoming WebSocket message buffer in
websockets-sansio by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2917">Kludex/uvicorn#2917</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0">https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0</a></p>
<h2>Version 0.45.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Preserve forwarded client ports in proxy headers middleware by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2903">Kludex/uvicorn#2903</a></li>
<li>Accept <code>os.PathLike</code> for <code>log_config</code> by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2905">Kludex/uvicorn#2905</a></li>
<li>Accept <code>log_level</code> strings case-insensitively by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2907">Kludex/uvicorn#2907</a></li>
<li>Raise helpful <code>ImportError</code> when PyYAML is missing for
YAML log config by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2906">Kludex/uvicorn#2906</a></li>
<li>Revert empty context for ASGI runs by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2911">Kludex/uvicorn#2911</a></li>
<li>Add <code>--reset-contextvars</code> flag to isolate ASGI request
context by <a href="https://github.com/Kludex"><code>@​Kludex</code></a>
in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2912">Kludex/uvicorn#2912</a></li>
<li>Revert &quot;Emit <code>http.disconnect</code> on server shutdown
for streaming responses&quot; (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)
by <a href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2913">Kludex/uvicorn#2913</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/Krishnachaitanyakc"><code>@​Krishnachaitanyakc</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2870">Kludex/uvicorn#2870</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0">https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0</a></p>
<h2>Version 0.44.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2888">Kludex/uvicorn#2888</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0">https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.46.0 (April 23, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Support <code>ws_max_size</code> in <code>wsproto</code>
implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li>
<li>Support <code>ws_ping_interval</code> and
<code>ws_ping_timeout</code> in <code>wsproto</code> implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2916">#2916</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Use <code>bytearray</code> for incoming WebSocket message buffer in
<code>websockets-sansio</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2917">#2917</a>)</li>
</ul>
<h2>0.45.0 (April 21, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--reset-contextvars</code> flag to isolate ASGI request
context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li>
<li>Accept <code>os.PathLike</code> for <code>log_config</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2905">#2905</a>)</li>
<li>Accept <code>log_level</code> strings case-insensitively (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Revert &quot;Emit <code>http.disconnect</code> on server shutdown
for streaming responses&quot; (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2913">#2913</a>)</li>
<li>Revert &quot;Explicitly start ASGI run with empty context&quot; (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Preserve forwarded client ports in proxy headers middleware (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2903">#2903</a>)</li>
<li>Raise helpful <code>ImportError</code> when PyYAML is missing for
YAML log config (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li>
</ul>
<h2>0.44.0 (April 6, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b224045f59"><code>b224045</code></a>
Version 0.46.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2918">#2918</a>)</li>
<li><a
href="7375b5bf66"><code>7375b5b</code></a>
Use <code>bytearray</code> for incoming WebSocket message buffer in
websockets-sansio (#...</li>
<li><a
href="d438fb16fe"><code>d438fb1</code></a>
Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code>
in <code>wsproto</code> implementation ...</li>
<li><a
href="3e6b964466"><code>3e6b964</code></a>
Support <code>ws_max_size</code> in <code>wsproto</code> implementation
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li>
<li><a
href="2c423bd82b"><code>2c423bd</code></a>
Version 0.45.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2914">#2914</a>)</li>
<li><a
href="7f027f8e25"><code>7f027f8</code></a>
Revert &quot;Emit <code>http.disconnect</code> on server shutdown for
streaming responses&quot; (#...</li>
<li><a
href="73a80c3cc8"><code>73a80c3</code></a>
Add <code>--reset-contextvars</code> flag to isolate ASGI request
context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li>
<li><a
href="45c0b568d3"><code>45c0b56</code></a>
Revert empty context for ASGI runs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li>
<li><a
href="850d92656d"><code>850d926</code></a>
Raise helpful <code>ImportError</code> when PyYAML is missing for YAML
log config (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li>
<li><a
href="fdcacb4b83"><code>fdcacb4</code></a>
Accept <code>log_level</code> strings case-insensitively (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.46.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:40:19 +02:00
dependabot[bot]
2aaabc74da Bump svelte from 5.53.6 to 5.55.5 in /web (#480) 
Bumps
[svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte)
from 5.53.6 to 5.55.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/svelte/releases">svelte's
releases</a>.</em></p>
<blockquote>
<h2>svelte@5.55.5</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: don't mark deriveds while an effect is updating (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18124">#18124</a>)</p>
</li>
<li>
<p>fix: do not dispatch introstart event with animation of animate
directive (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18122">#18122</a>)</p>
</li>
</ul>
<h2>svelte@5.55.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: never mark a child effect root as inert (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18111">#18111</a>)</p>
</li>
<li>
<p>fix: reset context after waiting on blockers of <code>@const</code>
expressions (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18100">#18100</a>)</p>
</li>
<li>
<p>fix: keep flushing new eager effects (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18102">#18102</a>)</p>
</li>
</ul>
<h2>svelte@5.55.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: ensure proper HMR updates for dynamic components (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18079">#18079</a>)</p>
</li>
<li>
<p>fix: correctly calculate <code>@const</code> blockers (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18039">#18039</a>)</p>
</li>
<li>
<p>fix: freeze deriveds once their containing effects are destroyed (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17921">#17921</a>)</p>
</li>
<li>
<p>fix: defer error boundary rendering in forks (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18076">#18076</a>)</p>
</li>
<li>
<p>fix: avoid false positives for reactivity loss warning (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18088">#18088</a>)</p>
</li>
</ul>
<h2>svelte@5.55.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: invalidate <code>@const</code> tags based on visible references
in legacy mode (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18041">#18041</a>)</p>
</li>
<li>
<p>fix: handle parens in template expressions more robustly (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18075">#18075</a>)</p>
</li>
<li>
<p>fix: disallow <code>--</code> in <code>idPrefix</code> (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18038">#18038</a>)</p>
</li>
<li>
<p>fix: correct types for <code>ontoggle</code> on
<code>&lt;details&gt;</code> elements (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18063">#18063</a>)</p>
</li>
<li>
<p>fix: don't override <code>$destroy/set/on</code> instance methods in
dev mode (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18034">#18034</a>)</p>
</li>
<li>
<p>fix: unskip branches of earlier batches after commit (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18048">#18048</a>)</p>
</li>
<li>
<p>fix: never set derived.v inside fork (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18037">#18037</a>)</p>
</li>
<li>
<p>fix: skip rebase logic in non-async mode (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18040">#18040</a>)</p>
</li>
<li>
<p>fix: don't reset status of uninitialized deriveds (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18054">#18054</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md">svelte's
changelog</a>.</em></p>
<blockquote>
<h2>5.55.5</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: don't mark deriveds while an effect is updating (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18124">#18124</a>)</p>
</li>
<li>
<p>fix: do not dispatch introstart event with animation of animate
directive (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18122">#18122</a>)</p>
</li>
</ul>
<h2>5.55.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: never mark a child effect root as inert (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18111">#18111</a>)</p>
</li>
<li>
<p>fix: reset context after waiting on blockers of <code>@const</code>
expressions (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18100">#18100</a>)</p>
</li>
<li>
<p>fix: keep flushing new eager effects (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18102">#18102</a>)</p>
</li>
</ul>
<h2>5.55.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: ensure proper HMR updates for dynamic components (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18079">#18079</a>)</p>
</li>
<li>
<p>fix: correctly calculate <code>@const</code> blockers (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18039">#18039</a>)</p>
</li>
<li>
<p>fix: freeze deriveds once their containing effects are destroyed (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17921">#17921</a>)</p>
</li>
<li>
<p>fix: defer error boundary rendering in forks (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18076">#18076</a>)</p>
</li>
<li>
<p>fix: avoid false positives for reactivity loss warning (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18088">#18088</a>)</p>
</li>
</ul>
<h2>5.55.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: invalidate <code>@const</code> tags based on visible references
in legacy mode (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18041">#18041</a>)</p>
</li>
<li>
<p>fix: handle parens in template expressions more robustly (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18075">#18075</a>)</p>
</li>
<li>
<p>fix: disallow <code>--</code> in <code>idPrefix</code> (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18038">#18038</a>)</p>
</li>
<li>
<p>fix: correct types for <code>ontoggle</code> on
<code>&lt;details&gt;</code> elements (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18063">#18063</a>)</p>
</li>
<li>
<p>fix: don't override <code>$destroy/set/on</code> instance methods in
dev mode (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18034">#18034</a>)</p>
</li>
<li>
<p>fix: unskip branches of earlier batches after commit (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18048">#18048</a>)</p>
</li>
<li>
<p>fix: never set derived.v inside fork (<a
href="https://redirect.github.com/sveltejs/svelte/pull/18037">#18037</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b771df3464"><code>b771df3</code></a>
Version Packages (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18125">#18125</a>)</li>
<li><a
href="8e7319063a"><code>8e73190</code></a>
fix: don't mark deriveds while an effect is updating (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18124">#18124</a>)</li>
<li><a
href="51736e576d"><code>51736e5</code></a>
fix: do not dispatch transition event with animation (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18122">#18122</a>)</li>
<li><a
href="7fddfbdbbd"><code>7fddfbd</code></a>
Version Packages (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18105">#18105</a>)</li>
<li><a
href="671fc2ea11"><code>671fc2e</code></a>
fix: never mark a child effect root as inert (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18111">#18111</a>)</li>
<li><a
href="0ed8c282f9"><code>0ed8c28</code></a>
fix: reset context after waiting on blockers of <code>@const</code>
expressions (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18100">#18100</a>)</li>
<li><a
href="273f1a85a4"><code>273f1a8</code></a>
fix: keep flushing new eager effects (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18102">#18102</a>)</li>
<li><a
href="4a50e8ea3b"><code>4a50e8e</code></a>
Version Packages (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18085">#18085</a>)</li>
<li><a
href="15588f5fbf"><code>15588f5</code></a>
fix: avoid false positives for reactivity loss warning (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18088">#18088</a>)</li>
<li><a
href="0e9e76f292"><code>0e9e76f</code></a>
fix: freeze deriveds once their containing effects are destroyed (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17921">#17921</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sveltejs/svelte/commits/svelte@5.55.5/packages/svelte">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:28:10 +02:00
dependabot[bot]
b7f2a74746 Bump docker/login-action from 3 to 4 (#478) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a>
<a
href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> from 3.890.0 to
3.1000.0 in <a
href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a>
<a
href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a>
<a
href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li>
<li>Bump <code>@​isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a
href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li>
<li>Bump js-yaml from 4.1.0 to 4.1.1 in <a
href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p>
<h2>v3.7.0</h2>
<ul>
<li>Add <code>scope</code> input to set scopes for the authentication
token by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li>
<li>Add support for AWS European Sovereign Cloud ECR by <a
href="https://github.com/dphi"><code>@​dphi</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li>
<li>Ensure passwords are redacted with <code>registry-auth</code> input
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li>
<li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a
href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p>
<h2>v3.6.0</h2>
<ul>
<li>Add <code>registry-auth</code> input for raw authentication to
registries by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/887">docker/login-action#887</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.890.0 in <a
href="https://redirect.github.com/docker/login-action/pull/882">docker/login-action#882</a>
<a
href="https://redirect.github.com/docker/login-action/pull/890">docker/login-action#890</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.890.0 in <a
href="https://redirect.github.com/docker/login-action/pull/882">docker/login-action#882</a>
<a
href="https://redirect.github.com/docker/login-action/pull/890">docker/login-action#890</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/883">docker/login-action#883</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/login-action/pull/880">docker/login-action#880</a></li>
<li>Bump undici from 5.28.4 to 5.29.0 in <a
href="https://redirect.github.com/docker/login-action/pull/879">docker/login-action#879</a></li>
<li>Bump tmp from 0.2.3 to 0.2.4 in <a
href="https://redirect.github.com/docker/login-action/pull/881">docker/login-action#881</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.5.0...v3.6.0">https://github.com/docker/login-action/compare/v3.5.0...v3.6.0</a></p>
<h2>v3.5.0</h2>
<ul>
<li>Support dual-stack endpoints for AWS ECR by <a
href="https://github.com/Spacefish"><code>@​Spacefish</code></a> <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a>
<a
href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.859.0 in <a
href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a>
<a
href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.859.0 in <a
href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a>
<a
href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.766.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.758.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a>
<a
href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a>
<a
href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li>
<li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b45d80f862"><code>b45d80f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/929">#929</a>
from crazy-max/node24</li>
<li><a
href="176cb9c12a"><code>176cb9c</code></a>
node 24 as default runtime</li>
<li><a
href="cad8984310"><code>cad8984</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/920">#920</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="92cbcb231e"><code>92cbcb2</code></a>
chore: update generated content</li>
<li><a
href="5a2d6a71bd"><code>5a2d6a7</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="44512b6b2e"><code>44512b6</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/928">#928</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="28737a5e46"><code>28737a5</code></a>
chore: update generated content</li>
<li><a
href="dac079354a"><code>dac0793</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.76.0 to
0.77.0</li>
<li><a
href="62029f315d"><code>62029f3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/919">#919</a>
from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li>
<li><a
href="08c8f064bf"><code>08c8f06</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:24:27 +02:00
dependabot[bot]
86b7a1e1bd Bump docker/metadata-action from 5 to 6 (#493) 
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action) from
5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/605">docker/metadata-action#605</a></li>
<li>List inputs now preserve <code>#</code> inside values while still
supporting full-line <code>#</code> comments by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/607">docker/metadata-action#607</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/602">docker/metadata-action#602</a></li>
<li>Bump lodash from 4.17.21 to 4.17.23 in <a
href="https://redirect.github.com/docker/metadata-action/pull/588">docker/metadata-action#588</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/599">docker/metadata-action#599</a></li>
<li>Bump <code>@​actions/github</code> from 6.0.1 to 9.0.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/597">docker/metadata-action#597</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.68.0 to 0.79.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/604">docker/metadata-action#604</a></li>
<li>Bump <code>@​isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/600">docker/metadata-action#600</a></li>
<li>Bump semver from 7.7.3 to 7.7.4 in <a
href="https://redirect.github.com/docker/metadata-action/pull/603">docker/metadata-action#603</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.10.0...v6.0.0">https://github.com/docker/metadata-action/compare/v5.10.0...v6.0.0</a></p>
<h2>v5.10.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.66.0 to 0.68.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/559">docker/metadata-action#559</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/569">docker/metadata-action#569</a></li>
<li>Bump js-yaml from 3.14.1 to 3.14.2 in <a
href="https://redirect.github.com/docker/metadata-action/pull/564">docker/metadata-action#564</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.9.0...v5.10.0">https://github.com/docker/metadata-action/compare/v5.9.0...v5.10.0</a></p>
<h2>v5.9.0</h2>
<ul>
<li>Add <code>tag-names</code> output to return tag names without image
base name by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/553">docker/metadata-action#553</a></li>
<li>Bump <code>@​babel/runtime-corejs3</code> from 7.14.7 to 7.28.2 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/539">docker/metadata-action#539</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.62.1 to 0.66.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/555">docker/metadata-action#555</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/metadata-action/pull/540">docker/metadata-action#540</a></li>
<li>Bump csv-parse from 5.6.0 to 6.1.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/532">docker/metadata-action#532</a></li>
<li>Bump semver from 7.7.2 to 7.7.3 in in <a
href="https://redirect.github.com/docker/metadata-action/pull/554">docker/metadata-action#554</a></li>
<li>Bump tmp from 0.2.3 to 0.2.5 in <a
href="https://redirect.github.com/docker/metadata-action/pull/541">docker/metadata-action#541</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0">https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0</a></p>
<h2>v5.8.0</h2>
<ul>
<li>New <code>is_not_default_branch</code> global expression by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/535">docker/metadata-action#535</a></li>
<li>Allow to match part of the git tag or value for semver/pep440 types
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/metadata-action/pull/536">docker/metadata-action#536</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/537">docker/metadata-action#537</a></li>
<li>Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/523">docker/metadata-action#523</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/526">docker/metadata-action#526</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/metadata-action/pull/533">docker/metadata-action#533</a></li>
<li>Bump moment-timezone from 0.5.47 to 0.6.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/525">docker/metadata-action#525</a></li>
<li>Bump semver from 7.7.1 to 7.7.2 in <a
href="https://redirect.github.com/docker/metadata-action/pull/524">docker/metadata-action#524</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0">https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0</a></p>
<h2>v5.7.0</h2>
<ul>
<li>Global expressions support for labels and annotations by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/489">docker/metadata-action#489</a></li>
<li>Support disabling outputs as environment variables by <a
href="https://github.com/omus"><code>@​omus</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/497">docker/metadata-action#497</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.44.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/507">docker/metadata-action#507</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/509">docker/metadata-action#509</a></li>
<li>Bump csv-parse from 5.5.6 to 5.6.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/482">docker/metadata-action#482</a></li>
<li>Bump moment-timezone from 0.5.46 to 0.5.47 in <a
href="https://redirect.github.com/docker/metadata-action/pull/501">docker/metadata-action#501</a></li>
<li>Bump semver from 7.6.3 to 7.7.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/504">docker/metadata-action#504</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0">https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="030e881283"><code>030e881</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/607">#607</a>
from crazy-max/allow-comments</li>
<li><a
href="4b529ac4e5"><code>4b529ac</code></a>
chore: update generated content</li>
<li><a
href="b0082b33bc"><code>b0082b3</code></a>
preserve comments in list input values with commentNoInfix</li>
<li><a
href="7b19fec715"><code>7b19fec</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/604">#604</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="281c9b0599"><code>281c9b0</code></a>
chore: update generated content</li>
<li><a
href="5f43b3b4f4"><code>5f43b3b</code></a>
test: stabilize github mock setup since ESM</li>
<li><a
href="9d53276575"><code>9d53276</code></a>
github class moved since actions-toolkit v0.77.0</li>
<li><a
href="eaa3d3973e"><code>eaa3d39</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.68.0 to
0.77.0</li>
<li><a
href="6b695f7a8a"><code>6b695f7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/605">#605</a>
from crazy-max/node24</li>
<li><a
href="a1afadcb28"><code>a1afadc</code></a>
node 24 as default runtime</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/metadata-action/compare/v5...v6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:24:12 +02:00
dependabot[bot]
24047855f9 Bump docker/build-push-action from 6 to 7 (#491) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6 to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1470">docker/build-push-action#1470</a></li>
<li>Remove deprecated <code>DOCKER_BUILD_NO_SUMMARY</code> and
<code>DOCKER_BUILD_EXPORT_RETENTION_DAYS</code> envs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1473">docker/build-push-action#1473</a></li>
<li>Remove legacy export-build tool support for build summary by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1474">docker/build-push-action#1474</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1466">docker/build-push-action#1466</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1454">docker/build-push-action#1454</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.62.1 to 0.79.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1453">docker/build-push-action#1453</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1472">docker/build-push-action#1472</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1479">docker/build-push-action#1479</a></li>
<li>Bump minimatch from 3.1.2 to 3.1.5 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1463">docker/build-push-action#1463</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.19.2...v7.0.0">https://github.com/docker/build-push-action/compare/v6.19.2...v7.0.0</a></p>
<h2>v6.19.2</h2>
<ul>
<li>Preserve port in <code>GIT_AUTH_TOKEN</code> host by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1458">docker/build-push-action#1458</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.19.1...v6.19.2">https://github.com/docker/build-push-action/compare/v6.19.1...v6.19.2</a></p>
<h2>v6.19.1</h2>
<ul>
<li>Derive <code>GIT_AUTH_TOKEN</code> host from GitHub server URL by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1456">docker/build-push-action#1456</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.19.0...v6.19.1">https://github.com/docker/build-push-action/compare/v6.19.0...v6.19.1</a></p>
<h2>v6.19.0</h2>
<ul>
<li>Scope default git auth token to <code>github.com</code> by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1451">docker/build-push-action#1451</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1396">docker/build-push-action#1396</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1391">docker/build-push-action#1391</a></li>
<li>Bump js-yaml from 3.14.1 to 3.14.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1429">docker/build-push-action#1429</a></li>
<li>Bump lodash from 4.17.21 to 4.17.23 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1446">docker/build-push-action#1446</a></li>
<li>Bump tmp from 0.2.3 to 0.2.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1398">docker/build-push-action#1398</a></li>
<li>Bump undici from 5.28.4 to 5.29.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1397">docker/build-push-action#1397</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.18.0...v6.19.0">https://github.com/docker/build-push-action/compare/v6.18.0...v6.19.0</a></p>
<h2>v6.18.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.61.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1381">docker/build-push-action#1381</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build
summary</a> is now supported with <a
href="https://docs.docker.com/build-cloud/">Docker Build Cloud</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0">https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0</a></p>
<h2>v6.17.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.59.0 to 0.61.0 by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1364">docker/build-push-action#1364</a></li>
</ul>
<blockquote>
<p>[!NOTE]
Build record is now exported using the <a
href="https://docs.docker.com/reference/cli/docker/buildx/history/export/"><code>buildx
history export</code></a> command instead of the legacy export-build
tool.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0">https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0</a></p>
<h2>v6.16.0</h2>
<ul>
<li>Handle no default attestations env var by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1343">docker/build-push-action#1343</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d08e5c354a"><code>d08e5c3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1479">#1479</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="cbd2dff9a0"><code>cbd2dff</code></a>
chore: update generated content</li>
<li><a
href="f76f51f129"><code>f76f51f</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.78.0 to
0.79.0</li>
<li><a
href="7d03e66b5f"><code>7d03e66</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1473">#1473</a>
from crazy-max/rm-deprecated-envs</li>
<li><a
href="98f853d923"><code>98f853d</code></a>
chore: update generated content</li>
<li><a
href="cadccf6e8c"><code>cadccf6</code></a>
remove deprecated envs</li>
<li><a
href="03fe8775e3"><code>03fe877</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1478">#1478</a>
from docker/dependabot/github_actions/docker/setup-b...</li>
<li><a
href="827e36650e"><code>827e366</code></a>
chore(deps): Bump docker/setup-buildx-action from 3 to 4</li>
<li><a
href="e25db879d0"><code>e25db87</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1474">#1474</a>
from crazy-max/rm-export-build-tool</li>
<li><a
href="1ac2573b5c"><code>1ac2573</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1470">#1470</a>
from crazy-max/node24</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/v6...v7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6&new-version=7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:23:51 +02:00
dependabot[bot]
cb13917737 Bump docker/setup-buildx-action from 3 to 4 (#492) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/483">docker/setup-buildx-action#483</a></li>
<li>Remove deprecated inputs/outputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/464">docker/setup-buildx-action#464</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/481">docker/setup-buildx-action#481</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/475">docker/setup-buildx-action#475</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.63.0 to 0.79.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/482">docker/setup-buildx-action#482</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/485">docker/setup-buildx-action#485</a></li>
<li>Bump js-yaml from 4.1.0 to 4.1.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/452">docker/setup-buildx-action#452</a></li>
<li>Bump lodash from 4.17.21 to 4.17.23 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/472">docker/setup-buildx-action#472</a></li>
<li>Bump minimatch from 3.1.2 to 3.1.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/480">docker/setup-buildx-action#480</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0">https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0</a></p>
<h2>v3.12.0</h2>
<ul>
<li>Deprecate <code>install</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/455">docker/setup-buildx-action#455</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/434">docker/setup-buildx-action#434</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/436">docker/setup-buildx-action#436</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/432">docker/setup-buildx-action#432</a></li>
<li>Bump undici from 5.28.4 to 5.29.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/435">docker/setup-buildx-action#435</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0">https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0</a></p>
<h2>v3.11.1</h2>
<ul>
<li>Fix <code>keep-state</code> not being respected by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/429">docker/setup-buildx-action#429</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1">https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1</a></p>
<h2>v3.11.0</h2>
<ul>
<li>Keep BuildKit state support by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/427">docker/setup-buildx-action#427</a></li>
<li>Remove aliases created when installing by default by <a
href="https://github.com/hashhar"><code>@​hashhar</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/139">docker/setup-buildx-action#139</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/422">docker/setup-buildx-action#422</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/425">docker/setup-buildx-action#425</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0">https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0</a></p>
<h2>v3.10.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p>
<h2>v3.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p>
<h2>v3.8.0</h2>
<ul>
<li>Make cloud prefix optional to download buildx if driver is cloud by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/390">docker/setup-buildx-action#390</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/370">docker/setup-buildx-action#370</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.39.0 to 0.48.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/389">docker/setup-buildx-action#389</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/382">docker/setup-buildx-action#382</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0">https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d04d5d948"><code>4d04d5d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/485">#485</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="cd74e05d9b"><code>cd74e05</code></a>
chore: update generated content</li>
<li><a
href="eee38ec7b3"><code>eee38ec</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.77.0 to
0.79.0</li>
<li><a
href="7a83f65b5a"><code>7a83f65</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/484">#484</a>
from docker/dependabot/github_actions/docker/setup-qe...</li>
<li><a
href="a5aa96747d"><code>a5aa967</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/464">#464</a>
from crazy-max/rm-deprecated</li>
<li><a
href="e73d53fa4e"><code>e73d53f</code></a>
build(deps): bump docker/setup-qemu-action from 3 to 4</li>
<li><a
href="28a438e9ed"><code>28a438e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/483">#483</a>
from crazy-max/node24</li>
<li><a
href="034e9d37dd"><code>034e9d3</code></a>
chore: update generated content</li>
<li><a
href="b4664d8fd0"><code>b4664d8</code></a>
remove deprecated inputs/outputs</li>
<li><a
href="a8257dec35"><code>a8257de</code></a>
node 24 as default runtime</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-buildx-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:23:27 +02:00
dependabot[bot]
9874390d16 Bump ruff from 0.15.9 to 0.15.12 (#502) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.9 to 0.15.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.12</h2>
<h2>Release Notes</h2>
<p>Released on 2026-04-24.</p>
<h3>Preview features</h3>
<ul>
<li>Implement <code>#ruff:file-ignore</code> file-level suppressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23599">#23599</a>)</li>
<li>Implement <code>#ruff:ignore</code> logical-line suppressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23404">#23404</a>)</li>
<li>Revert preview changes to displayed diagnostic severity in LSP (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24789">#24789</a>)</li>
<li>[<code>airflow</code>] Implement
<code>task-branch-as-short-circuit</code> (<code>AIR004</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23579">#23579</a>)</li>
<li>[<code>flake8-bugbear</code>] Fix
<code>break</code>/<code>continue</code> handling in
<code>loop-iterator-mutation</code> (<code>B909</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24440">#24440</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLC2701</code> for type parameter
scopes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24576">#24576</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>pandas-vet</code>] Suggest <code>.array</code> as well in
<code>PD011</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24805">#24805</a>)</li>
</ul>
<h3>CLI</h3>
<ul>
<li>Respect default Unix permissions for cache files (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24794">#24794</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>[<code>pylint</code>] Fix <code>PLR0124</code> description not to
claim self-comparison always returns the same value (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24749">#24749</a>)</li>
<li>[<code>pyupgrade</code>] Expand docs on reusable
<code>TypeVar</code>s and scoping (<code>UP046</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24153">#24153</a>)</li>
<li>Improve rules table accessibility (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24711">#24711</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a href="https://github.com/dylwil3"><code>@​dylwil3</code></a></li>
<li><a
href="https://github.com/AlexWaygood"><code>@​AlexWaygood</code></a></li>
<li><a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a></li>
<li><a
href="https://github.com/avasis-ai"><code>@​avasis-ai</code></a></li>
<li><a href="https://github.com/Dev-iL"><code>@​Dev-iL</code></a></li>
<li><a
href="https://github.com/denyszhak"><code>@​denyszhak</code></a></li>
<li><a
href="https://github.com/ShipItAndPray"><code>@​ShipItAndPray</code></a></li>
<li><a
href="https://github.com/anishgirianish"><code>@​anishgirianish</code></a></li>
<li><a
href="https://github.com/augustelalande"><code>@​augustelalande</code></a></li>
<li><a
href="https://github.com/amyreese"><code>@​amyreese</code></a></li>
<li><a
href="https://github.com/majiayu000"><code>@​majiayu000</code></a></li>
</ul>
<h2>Install ruff 0.15.12</h2>
<h3>Install prebuilt binaries via shell script</h3>
<pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf
https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh
| sh
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.12</h2>
<p>Released on 2026-04-24.</p>
<h3>Preview features</h3>
<ul>
<li>Implement <code>#ruff:file-ignore</code> file-level suppressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23599">#23599</a>)</li>
<li>Implement <code>#ruff:ignore</code> logical-line suppressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23404">#23404</a>)</li>
<li>Revert preview changes to displayed diagnostic severity in LSP (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24789">#24789</a>)</li>
<li>[<code>airflow</code>] Implement
<code>task-branch-as-short-circuit</code> (<code>AIR004</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23579">#23579</a>)</li>
<li>[<code>flake8-bugbear</code>] Fix
<code>break</code>/<code>continue</code> handling in
<code>loop-iterator-mutation</code> (<code>B909</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24440">#24440</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLC2701</code> for type parameter
scopes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24576">#24576</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>pandas-vet</code>] Suggest <code>.array</code> as well in
<code>PD011</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24805">#24805</a>)</li>
</ul>
<h3>CLI</h3>
<ul>
<li>Respect default Unix permissions for cache files (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24794">#24794</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>[<code>pylint</code>] Fix <code>PLR0124</code> description not to
claim self-comparison always returns the same value (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24749">#24749</a>)</li>
<li>[<code>pyupgrade</code>] Expand docs on reusable
<code>TypeVar</code>s and scoping (<code>UP046</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24153">#24153</a>)</li>
<li>Improve rules table accessibility (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24711">#24711</a>)</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a href="https://github.com/dylwil3"><code>@​dylwil3</code></a></li>
<li><a
href="https://github.com/AlexWaygood"><code>@​AlexWaygood</code></a></li>
<li><a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a></li>
<li><a
href="https://github.com/avasis-ai"><code>@​avasis-ai</code></a></li>
<li><a href="https://github.com/Dev-iL"><code>@​Dev-iL</code></a></li>
<li><a
href="https://github.com/denyszhak"><code>@​denyszhak</code></a></li>
<li><a
href="https://github.com/ShipItAndPray"><code>@​ShipItAndPray</code></a></li>
<li><a
href="https://github.com/anishgirianish"><code>@​anishgirianish</code></a></li>
<li><a
href="https://github.com/augustelalande"><code>@​augustelalande</code></a></li>
<li><a
href="https://github.com/amyreese"><code>@​amyreese</code></a></li>
<li><a
href="https://github.com/majiayu000"><code>@​majiayu000</code></a></li>
</ul>
<h2>0.15.11</h2>
<p>Released on 2026-04-16.</p>
<h3>Preview features</h3>
<ul>
<li>[<code>ruff</code>] Ignore <code>RUF029</code> when function is
decorated with <code>asynccontextmanager</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24642">#24642</a>)</li>
<li>[<code>airflow</code>] Implement
<code>airflow-xcom-pull-in-template-string</code> (<code>AIR201</code>)
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23583">#23583</a>)</li>
<li>[<code>flake8-bandit</code>] Fix <code>S103</code> false positives
and negatives in mask analysis (<a
href="https://redirect.github.com/astral-sh/ruff/pull/24424">#24424</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="66f93cf7ed"><code>66f93cf</code></a>
Bump 0.15.12 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24815">#24815</a>)</li>
<li><a
href="476a4d02e8"><code>476a4d0</code></a>
[ty] Complete support for more detailed diagnostics on possibly unbound
error...</li>
<li><a
href="ed669eab30"><code>ed669ea</code></a>
Implement <code>#ruff:file-ignore</code> file-level suppressions (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23599">#23599</a>)</li>
<li><a
href="e73d952e43"><code>e73d952</code></a>
[ty] Include inferred type in <code>invalid-key</code> concise
diagnostic for union/inte...</li>
<li><a
href="80feb29b31"><code>80feb29</code></a>
[ty] report only dead annotation-only locals as unused (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24811">#24811</a>)</li>
<li><a
href="0fbf2bc273"><code>0fbf2bc</code></a>
Drop deprecated license classifier (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24808">#24808</a>)</li>
<li><a
href="43b174cc7f"><code>43b174c</code></a>
[ty] Infer lambda parameter types with <code>Callable</code> type
context (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24317">#24317</a>)</li>
<li><a
href="4f449ae4a2"><code>4f449ae</code></a>
[ty] Add error context for intersection types (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24772">#24772</a>)</li>
<li><a
href="5b4e753acb"><code>5b4e753</code></a>
[ty] Add support for goto in literal enum member inlay hint (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24792">#24792</a>)</li>
<li><a
href="e7cc76275a"><code>e7cc762</code></a>
[ty] Add error context for TypedDict assignments (<a
href="https://redirect.github.com/astral-sh/ruff/issues/24790">#24790</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.15.9...0.15.12">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:22:38 +02:00
dependabot[bot]
861380af7b Bump the uv group across 1 directory with 2 updates (#523) 
Bumps the uv group with 2 updates in the /metadata_relay directory:
[python-dotenv](https://github.com/theskumar/python-dotenv) and
[python-multipart](https://github.com/Kludex/python-multipart).

Updates `python-dotenv` from 1.2.1 to 1.2.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/theskumar/python-dotenv/releases">python-dotenv's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.2</h2>
<h3>Added</h3>
<ul>
<li>Support for Python 3.14, including the free-threaded (3.14t) build.
(#)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The <code>dotenv run</code> command now forwards flags directly to
the specified command by <a
href="https://github.com/bbc2"><code>@​bbc2</code></a> in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/607">theskumar/python-dotenv#607</a></li>
<li>Improved documentation clarity regarding override behavior and the
reference page.</li>
<li>Updated PyPy support to version 3.11.</li>
<li>Documentation for FIFO file support.</li>
<li>Support for Python 3.9.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Improved <code>set_key</code> and <code>unset_key</code> behavior
when interacting with symlinks by <a
href="https://github.com/bbc2"><code>@​bbc2</code></a> in <a
href="790c5c0299">#790c5</a></li>
<li>Corrected the license specifier and added missing Python 3.14
classifiers in package metadata by <a
href="https://github.com/JYOuyang"><code>@​JYOuyang</code></a> in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/590">theskumar/python-dotenv#590</a></li>
</ul>
<h3>Breaking Changes</h3>
<ul>
<li>
<p><code>dotenv.set_key</code> and <code>dotenv.unset_key</code> used to
follow symlinks in some
situations. This is no longer the case. For that behavior to be restored
in
all cases, <code>follow_symlinks=True</code> should be used.</p>
</li>
<li>
<p>In the CLI, <code>set</code> and <code>unset</code> used to follow
symlinks in some situations. This
is no longer the case.</p>
</li>
<li>
<p><code>dotenv.set_key</code>, <code>dotenv.unset_key</code> and the
CLI commands <code>set</code> and <code>unset</code>
used to reset the file mode of the modified .env file to
<code>0o600</code> in some
situations. This is no longer the case: The original mode of the file is
now
preserved. Is the file needed to be created or wasn't a regular file,
mode
<code>0o600</code> is used.</p>
</li>
</ul>
<h3>Misc</h3>
<ul>
<li>skip 000 permission tests for root user by <a
href="https://github.com/burnout-projects"><code>@​burnout-projects</code></a>
in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/561">theskumar/python-dotenv#561</a></li>
<li>Bump actions/checkout from 5 to 6 in the github-actions group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/593">theskumar/python-dotenv#593</a></li>
<li>Add Windows testing to CI by <a
href="https://github.com/bbc2"><code>@​bbc2</code></a> in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/604">theskumar/python-dotenv#604</a></li>
<li>Improve workflow efficiency with best practices by <a
href="https://github.com/theskumar"><code>@​theskumar</code></a> in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/609">theskumar/python-dotenv#609</a></li>
<li>Remove the use of <code>sh</code> in tests by <a
href="https://github.com/bbc2"><code>@​bbc2</code></a> in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/612">theskumar/python-dotenv#612</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/JYOuyang"><code>@​JYOuyang</code></a>
made their first contribution in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/590">theskumar/python-dotenv#590</a></li>
<li><a
href="https://github.com/burnout-projects"><code>@​burnout-projects</code></a>
made their first contribution in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/561">theskumar/python-dotenv#561</a></li>
<li><a
href="https://github.com/cpackham-atlnz"><code>@​cpackham-atlnz</code></a>
made their first contribution in <a
href="https://redirect.github.com/theskumar/python-dotenv/pull/597">theskumar/python-dotenv#597</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2">https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md">python-dotenv's
changelog</a>.</em></p>
<blockquote>
<h2>[1.2.2] - 2026-03-01</h2>
<h3>Added</h3>
<ul>
<li>Support for Python 3.14, including the free-threaded (3.14t) build.
(<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/588">#588</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The <code>dotenv run</code> command now forwards flags directly to
the specified command by [<a
href="https://github.com/bbc2"><code>@​bbc2</code></a>] in <a
href="https://redirect.github.com/theskumar/python-dotenv/issues/607">#607</a></li>
<li>Improved documentation clarity regarding override behavior and the
reference page.</li>
<li>Updated PyPy support to version 3.11.</li>
<li>Documentation for FIFO file support.</li>
<li>Dropped Support for Python 3.9.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Improved <code>set_key</code> and <code>unset_key</code> behavior
when interacting with symlinks by [<a
href="https://github.com/bbc2"><code>@​bbc2</code></a>] in
[790c5c0]</li>
<li>Corrected the license specifier and added missing Python 3.14
classifiers in package metadata by [<a
href="https://github.com/JYOuyang"><code>@​JYOuyang</code></a>] in <a
href="https://redirect.github.com/theskumar/python-dotenv/issues/590">#590</a></li>
</ul>
<h3>Breaking Changes</h3>
<ul>
<li>
<p><code>dotenv.set_key</code> and <code>dotenv.unset_key</code> used to
follow symlinks in some
situations. This is no longer the case. For that behavior to be restored
in
all cases, <code>follow_symlinks=True</code> should be used.</p>
</li>
<li>
<p>In the CLI, <code>set</code> and <code>unset</code> used to follow
symlinks in some situations. This
is no longer the case.</p>
</li>
<li>
<p><code>dotenv.set_key</code>, <code>dotenv.unset_key</code> and the
CLI commands <code>set</code> and <code>unset</code>
used to reset the file mode of the modified .env file to
<code>0o600</code> in some
situations. This is no longer the case: The original mode of the file is
now
preserved. Is the file needed to be created or wasn't a regular file,
mode
<code>0o600</code> is used.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="36004e0e34"><code>36004e0</code></a>
Bump version: 1.2.1 → 1.2.2</li>
<li><a
href="eb202520e5"><code>eb20252</code></a>
docs: update changelog for v1.2.2</li>
<li><a
href="790c5c0299"><code>790c5c0</code></a>
Merge commit from fork</li>
<li><a
href="43340da220"><code>43340da</code></a>
Remove the use of <code>sh</code> in tests (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/612">#612</a>)</li>
<li><a
href="09d7cee324"><code>09d7cee</code></a>
docs: clarify override behavior and document FIFO support (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/610">#610</a>)</li>
<li><a
href="c8de2887c0"><code>c8de288</code></a>
ci: improve workflow efficiency with best practices (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/609">#609</a>)</li>
<li><a
href="7bd9e3dbfe"><code>7bd9e3d</code></a>
Add Windows testing to CI (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/604">#604</a>)</li>
<li><a
href="1baaf04f33"><code>1baaf04</code></a>
Drop Python 3.9 support and update to PyPy 3.11 (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/608">#608</a>)</li>
<li><a
href="4a22cf8993"><code>4a22cf8</code></a>
ci: enable testing on Python 3.14t (free-threaded) (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/588">#588</a>)</li>
<li><a
href="e2e8e776b4"><code>e2e8e77</code></a>
Fix license specifier (<a
href="https://redirect.github.com/theskumar/python-dotenv/issues/597">#597</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `python-multipart` from 0.0.22 to 0.0.26
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/releases">python-multipart's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.0.26</h2>
<h2>What's Changed</h2>
<ul>
<li>Skip preamble before first multipart boundary by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/262">Kludex/python-multipart#262</a></li>
<li>Silently discard epilogue data after the closing boundary by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/259">Kludex/python-multipart#259</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.25...0.0.26">https://github.com/Kludex/python-multipart/compare/0.0.25...0.0.26</a></p>
<h2>Version 0.0.25</h2>
<h2>What's Changed</h2>
<ul>
<li>Apply Apache-2.0 properly by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/247">Kludex/python-multipart#247</a></li>
<li>Handle multipart headers case-insensitively by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/252">Kludex/python-multipart#252</a></li>
<li>Emit <code>field_end</code> for trailing bare field names on
finalize by <a
href="https://github.com/bysiber"><code>@​bysiber</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/230">Kludex/python-multipart#230</a></li>
<li>Add <code>UPLOAD_DELETE_TMP</code> to <code>FormParser</code> config
by <a href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/254">Kludex/python-multipart#254</a></li>
<li>Remove custom FormParser classes by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/257">Kludex/python-multipart#257</a></li>
<li>Handle CTE values case-insensitively by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/258">Kludex/python-multipart#258</a></li>
<li>Add MIME content type info to File by <a
href="https://github.com/jhnstrk"><code>@​jhnstrk</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/143">Kludex/python-multipart#143</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.24...0.0.25">https://github.com/Kludex/python-multipart/compare/0.0.24...0.0.25</a></p>
<h2>Version 0.0.24</h2>
<h2>What's Changed</h2>
<ul>
<li>Validate <code>chunk_size</code> in <code>parse_form()</code> by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/244">Kludex/python-multipart#244</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.23...0.0.24">https://github.com/Kludex/python-multipart/compare/0.0.23...0.0.24</a></p>
<h2>Version 0.0.23</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove unused <code>trust_x_headers</code> parameter and
<code>X-File-Name</code> fallback by <a
href="https://github.com/jhnstrk"><code>@​jhnstrk</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/196">Kludex/python-multipart#196</a></li>
<li>Return processed length from
<code>QuerystringParser._internal_write</code> by <a
href="https://github.com/bysiber"><code>@​bysiber</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/229">Kludex/python-multipart#229</a></li>
<li>Cleanup metadata dunders from <code>__init__.py</code> by <a
href="https://github.com/Chesars"><code>@​Chesars</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/227">Kludex/python-multipart#227</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Chesars"><code>@​Chesars</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/227">Kludex/python-multipart#227</a></li>
<li><a href="https://github.com/bysiber"><code>@​bysiber</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/229">Kludex/python-multipart#229</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.23">https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.23</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md">python-multipart's
changelog</a>.</em></p>
<blockquote>
<h2>0.0.26 (2026-04-10)</h2>
<ul>
<li>Skip preamble before the first multipart boundary more efficiently
<a
href="https://redirect.github.com/Kludex/python-multipart/pull/262">#262</a>.</li>
<li>Silently discard epilogue data after the closing multipart boundary
<a
href="https://redirect.github.com/Kludex/python-multipart/pull/259">#259</a>.</li>
</ul>
<h2>0.0.25 (2026-04-10)</h2>
<ul>
<li>Add MIME content type info to <code>File</code> <a
href="https://redirect.github.com/Kludex/python-multipart/pull/143">#143</a>.</li>
<li>Handle CTE values case-insensitively <a
href="https://redirect.github.com/Kludex/python-multipart/pull/258">#258</a>.</li>
<li>Remove custom <code>FormParser</code> classes <a
href="https://redirect.github.com/Kludex/python-multipart/pull/257">#257</a>.</li>
<li>Add <code>UPLOAD_DELETE_TMP</code> to <code>FormParser</code> config
<a
href="https://redirect.github.com/Kludex/python-multipart/pull/254">#254</a>.</li>
<li>Emit <code>field_end</code> for trailing bare field names on
finalize <a
href="https://redirect.github.com/Kludex/python-multipart/pull/230">#230</a>.</li>
<li>Handle multipart headers case-insensitively <a
href="https://redirect.github.com/Kludex/python-multipart/pull/252">#252</a>.</li>
<li>Apply Apache-2.0 properly <a
href="https://redirect.github.com/Kludex/python-multipart/pull/247">#247</a>.</li>
</ul>
<h2>0.0.24 (2026-04-05)</h2>
<ul>
<li>Validate <code>chunk_size</code> in <code>parse_form()</code> <a
href="https://redirect.github.com/Kludex/python-multipart/pull/244">#244</a>.</li>
</ul>
<h2>0.0.23 (2026-04-05)</h2>
<ul>
<li>Remove unused <code>trust_x_headers</code> parameter and
<code>X-File-Name</code> fallback <a
href="https://redirect.github.com/Kludex/python-multipart/pull/196">#196</a>.</li>
<li>Return processed length from
<code>QuerystringParser._internal_write</code> <a
href="https://redirect.github.com/Kludex/python-multipart/pull/229">#229</a>.</li>
<li>Cleanup metadata dunders from <code>__init__.py</code> <a
href="https://redirect.github.com/Kludex/python-multipart/pull/227">#227</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="28f47859b4"><code>28f4785</code></a>
Version 0.0.26 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/263">#263</a>)</li>
<li><a
href="d4452a78bb"><code>d4452a7</code></a>
Silently discard epilogue data after the closing boundary (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/259">#259</a>)</li>
<li><a
href="6a7b76dd26"><code>6a7b76d</code></a>
Skip preamble before first multipart boundary (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/262">#262</a>)</li>
<li><a
href="4addb60350"><code>4addb60</code></a>
Version 0.0.25 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/261">#261</a>)</li>
<li><a
href="d3a4698e0d"><code>d3a4698</code></a>
Add MIME content type info to File (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/143">#143</a>)</li>
<li><a
href="9a1ecbd074"><code>9a1ecbd</code></a>
Handle CTE values case-insensitively (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/258">#258</a>)</li>
<li><a
href="ef2a0b94f9"><code>ef2a0b9</code></a>
Remove custom FormParser classes (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/257">#257</a>)</li>
<li><a
href="3a757d7cf2"><code>3a757d7</code></a>
Ignore local Claude state (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/255">#255</a>)</li>
<li><a
href="55e739617d"><code>55e7396</code></a>
fuzz: Add cifuzz (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/186">#186</a>)</li>
<li><a
href="d6d1d111e7"><code>d6d1d11</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/249">#249</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.26">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:20:59 +02:00
dependabot[bot]
b024c78fa9 Bump @lucide/svelte from 0.482.0 to 0.577.0 in /web (#479) 
Bumps
[@lucide/svelte](https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte)
from 0.482.0 to 0.577.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lucide-icons/lucide/releases"><code>@​lucide/svelte</code>'s
releases</a>.</em></p>
<blockquote>
<h2>Version 0.577.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump rollup from 4.53.3 to 4.59.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4106">lucide-icons/lucide#4106</a></li>
<li>fix(repo): correctly ignore docs/releaseMetadata via .gitignore by
<a href="https://github.com/bhavberi"><code>@​bhavberi</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4100">lucide-icons/lucide#4100</a></li>
<li>feat(icons): added <code>ellipse</code> icon by <a
href="https://github.com/KISHORE-KUMAR-S"><code>@​KISHORE-KUMAR-S</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3749">lucide-icons/lucide#3749</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bhavberi"><code>@​bhavberi</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4100">lucide-icons/lucide#4100</a></li>
<li><a
href="https://github.com/KISHORE-KUMAR-S"><code>@​KISHORE-KUMAR-S</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3749">lucide-icons/lucide#3749</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.576.0...0.577.0">https://github.com/lucide-icons/lucide/compare/0.576.0...0.577.0</a></p>
<h2>Version 0.576.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Added zodiac signs by <a
href="https://github.com/karsa-mistmere"><code>@​karsa-mistmere</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/712">lucide-icons/lucide#712</a></li>
<li>fix(icons): fixes guideline violations in <code>package-*</code>
icons. by <a
href="https://github.com/karsa-mistmere"><code>@​karsa-mistmere</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4074">lucide-icons/lucide#4074</a></li>
<li>fix(icons): changed <code>receipt</code> icon by <a
href="https://github.com/karsa-mistmere"><code>@​karsa-mistmere</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4075">lucide-icons/lucide#4075</a></li>
<li>fix(icons): updated <code>cuboid</code> icon tags and categories by
<a
href="https://github.com/karsa-mistmere"><code>@​karsa-mistmere</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4095">lucide-icons/lucide#4095</a></li>
<li>fix(icons): changed <code>cuboid</code> icon by <a
href="https://github.com/jamiemlaw"><code>@​jamiemlaw</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4098">lucide-icons/lucide#4098</a></li>
<li>fix(lucide-font, lucide-static): Fixing stable code points by <a
href="https://github.com/ericfennis"><code>@​ericfennis</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3894">lucide-icons/lucide#3894</a></li>
<li>feat(icons): added <code>fishing-rod</code> icon by <a
href="https://github.com/7ender"><code>@​7ender</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3839">lucide-icons/lucide#3839</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.575.0...0.576.0">https://github.com/lucide-icons/lucide/compare/0.575.0...0.576.0</a></p>
<h2>Version 0.575.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(icons): added <code>message-square-check</code> icon by <a
href="https://github.com/karsa-mistmere"><code>@​karsa-mistmere</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4076">lucide-icons/lucide#4076</a></li>
<li>fix(lucide): Fix ESM Module output path in build by <a
href="https://github.com/ericfennis"><code>@​ericfennis</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4084">lucide-icons/lucide#4084</a></li>
<li>feat(icons): added <code>metronome</code> icon by <a
href="https://github.com/edwloef"><code>@​edwloef</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4063">lucide-icons/lucide#4063</a></li>
<li>fix(icons): remove execution permission of SVG files by <a
href="https://github.com/duckafire"><code>@​duckafire</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4053">lucide-icons/lucide#4053</a></li>
<li>fix(icons): changed <code>file-pen-line</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3970">lucide-icons/lucide#3970</a></li>
<li>feat(icons): added <code>square-arrow-right-exit</code> and
<code>square-arrow-right-enter</code> icons by <a
href="https://github.com/EthanHazel"><code>@​EthanHazel</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3958">lucide-icons/lucide#3958</a></li>
<li>fix(icons): renamed <code>flip-*</code> to
<code>square-centerline-dashed-*</code> by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3945">lucide-icons/lucide#3945</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/edwloef"><code>@​edwloef</code></a> made
their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4063">lucide-icons/lucide#4063</a></li>
<li><a href="https://github.com/duckafire"><code>@​duckafire</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/4053">lucide-icons/lucide#4053</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.573.0...0.575.0">https://github.com/lucide-icons/lucide/compare/0.573.0...0.575.0</a></p>
<h2>Version 0.574.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(icons): changed <code>rocking-chair</code> icon by <a
href="https://github.com/jamiemlaw"><code>@​jamiemlaw</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3445">lucide-icons/lucide#3445</a></li>
<li>fix(icons): flipped <code>coins</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3158">lucide-icons/lucide#3158</a></li>
<li>feat(icons): added <code>x-line-top</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2838">lucide-icons/lucide#2838</a></li>
<li>feat(icons): added <code>mouse-left</code> icon by <a
href="https://github.com/marvfash"><code>@​marvfash</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li>
<li>feat(icons): added <code>mouse-right</code> icon by <a
href="https://github.com/marvfash"><code>@​marvfash</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2787">lucide-icons/lucide#2787</a></li>
</ul>
<h2>New Contributors</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cbaaf4e21e"><code>cbaaf4e</code></a>
fix(<code>@​lucide/svelte</code>): Fix build in (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/4026">#4026</a>)</li>
<li><a
href="67c0485457"><code>67c0485</code></a>
feat(scripts): added helper script to automatically update
OpenCollective bac...</li>
<li><a
href="b6ed43d48c"><code>b6ed43d</code></a>
feat(packages): Added aria-hidden fallback for decorative icons to all
packag...</li>
<li><a
href="076e0bbcd9"><code>076e0bb</code></a>
chore(dependencies): Update dependencies (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3809">#3809</a>)</li>
<li><a
href="673e76831d"><code>673e768</code></a>
fix: add extensions to imports (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/2950">#2950</a>)</li>
<li><a
href="3e644fda2d"><code>3e644fd</code></a>
chore(scripts): Refactor scripts to typescript (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3316">#3316</a>)</li>
<li><a
href="239bbd9a9a"><code>239bbd9</code></a>
build(deps-dev): bump vite from 6.0.7 to 6.1.6 (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3236">#3236</a>)</li>
<li><a
href="19fa01b5fc"><code>19fa01b</code></a>
build(deps-dev): bump vite from 6.3.2 to 6.3.4 (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3181">#3181</a>)</li>
<li><a
href="0fccc276c3"><code>0fccc27</code></a>
Bump dependencies (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3096">#3096</a>)</li>
<li><a
href="7b954807da"><code>7b95480</code></a>
Added periods (<a
href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3065">#3065</a>)</li>
<li>See full diff in <a
href="https://github.com/lucide-icons/lucide/commits/0.577.0/packages/svelte">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​lucide/svelte</code> since your
current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@lucide/svelte&package-manager=npm_and_yarn&previous-version=0.482.0&new-version=0.577.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:17:20 +02:00
dependabot[bot]
c552aa3dd8 Bump cachetools from 7.0.1 to 7.0.5 (#494) 
Bumps [cachetools](https://github.com/tkem/cachetools) from 7.0.1 to
7.0.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst">cachetools's
changelog</a>.</em></p>
<blockquote>
<h1>v7.0.5 (2026-03-09)</h1>
<ul>
<li>Minor <code>@cachedmethod</code> performance improvements.</li>
</ul>
<h1>v7.0.4 (2026-03-08)</h1>
<ul>
<li>
<p>Fix and properly document <code>@cachedmethod.cache_key</code>
behavior.</p>
</li>
<li>
<p>Minor documentation improvements.</p>
</li>
</ul>
<h1>v7.0.3 (2026-03-05)</h1>
<ul>
<li>Fix <code>DeprecationWarning</code> when creating an autospec mock
with
<code>@cachedmethod</code> decorations.</li>
</ul>
<h1>v7.0.2 (2026-03-02)</h1>
<ul>
<li>Provide more efficient <code>clear()</code> implementation for all
support
Cache classes (courtesy Josep Pon Farreny).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5dce86fc5c"><code>5dce86f</code></a>
Release v7.0.5.</li>
<li><a
href="af5e68812b"><code>af5e688</code></a>
Minor <a
href="https://github.com/cachedmethod"><code>@​cachedmethod</code></a>
performance improvements.</li>
<li><a
href="0ca75e6049"><code>0ca75e6</code></a>
Relase v7.0.4.</li>
<li><a
href="5b1fa392d0"><code>5b1fa39</code></a>
Prepare v7.0.4.</li>
<li><a
href="18e5930ced"><code>18e5930</code></a>
Fix <a
href="https://redirect.github.com/tkem/cachetools/issues/218">#218</a>:
Fix and properly document <a
href="https://github.com/cachedmethod"><code>@​cachedmethod</code></a>.cache_key
handling.</li>
<li><a
href="98ec79ff8b"><code>98ec79f</code></a>
Drop &quot;class method&quot; from <a
href="https://github.com/cachedmethod"><code>@​cachedmethod</code></a>
docstring.</li>
<li><a
href="93822a30fc"><code>93822a3</code></a>
Release v7.0.3.</li>
<li><a
href="57d2e4813d"><code>57d2e48</code></a>
Fix <a
href="https://redirect.github.com/tkem/cachetools/issues/387">#387</a>:
Handle obj=None case for inspection in _DescriptorBase.</li>
<li><a
href="8011b71949"><code>8011b71</code></a>
Release v7.0.2.</li>
<li><a
href="73d1602569"><code>73d1602</code></a>
Minor cleanups.</li>
<li>Additional commits viewable in <a
href="https://github.com/tkem/cachetools/compare/v7.0.1...v7.0.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachetools&package-manager=uv&previous-version=7.0.1&new-version=7.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:17:02 +02:00
dependabot[bot]
f8f4fa8e49 Bump the npm_and_yarn group across 1 directory with 8 updates (#522) 
Bumps the npm_and_yarn group with 8 updates in the /web directory:

| Package | From | To |
| --- | --- | --- |
| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) |
`7.3.1` | `7.3.2` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.1.3` | `3.1.5` |
| [devalue](https://github.com/sveltejs/devalue) | `5.6.3` | `5.8.0` |
|
[effect](https://github.com/Effect-TS/effect/tree/HEAD/packages/effect)
| `3.19.19` | `3.21.2` |
| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` |
`3.4.2` |
| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` |
`4.0.4` |
| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.13` |


Updates `uuid` from 11.1.0 to 14.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/uuidjs/uuid/releases">uuid's
releases</a>.</em></p>
<blockquote>
<h2>v14.0.0</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a>
(2026-04-19)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>expect <code>crypto</code> to be global everywhere (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li>
<li>drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>) (<a
href="dc4ddb8727">dc4ddb8</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>expect <code>crypto</code> to be global everywhere (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>) (<a
href="f2c235f930">f2c235f</a>)</li>
<li>Use GITHUB_TOKEN for release-please and enable npm provenance (<a
href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>) (<a
href="ffa31383e8">ffa3138</a>)</li>
</ul>
<h2>v13.0.1</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1">13.0.1</a>
(2026-04-27)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>backport fix for GHSA-w5hq-g745-h8pq (<a
href="9d27ddf704">9d27ddf</a>)</li>
</ul>
<h2>v13.0.0</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0">13.0.0</a>
(2025-09-08)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>make browser exports the default (<a
href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>make browser exports the default (<a
href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>) (<a
href="bce9d72a3a">bce9d72</a>)</li>
</ul>
<h2>v12.0.1</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1">12.0.1</a>
(2026-04-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>backport fix for GHSA-w5hq-g745-h8pq (<a
href="3d61d6ac1f">3d61d6a</a>)</li>
</ul>
<h2>v12.0.0</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0">12.0.0</a>
(2025-09-05)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md">uuid's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a>
(2026-04-19)</h2>
<h3>Security</h3>
<ul>
<li>Fixes <a
href="https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq">GHSA-w5hq-g745-h8pq</a>:
<code>v3()</code>, <code>v5()</code>, and <code>v6()</code> did not
validate that writes would remain within the bounds of a caller-supplied
buffer, allowing out-of-bounds writes when an invalid
<code>offset</code> was provided. A <code>RangeError</code> is now
thrown if <code>offset &lt; 0</code> or <code>offset + 16 &gt;
buf.length</code>.</li>
</ul>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li><code>crypto</code> is now expected to be globally defined (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li>
<li>drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li>
<li>upgrade minimum supported TypeScript version to 5.4.3, in keeping
with the project's policy of supporting TypeScript versions released
within the last two years</li>
</ul>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0">13.0.0</a>
(2025-09-08)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>make browser exports the default (<a
href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>make browser exports the default (<a
href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>) (<a
href="bce9d72a3a">bce9d72</a>)</li>
</ul>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0">12.0.0</a>
(2025-09-05)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>update to typescript@5.2 (<a
href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>)</li>
<li>remove CommonJS support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>)</li>
<li>drop node@16 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add node@24 to ci matrix (<a
href="https://redirect.github.com/uuidjs/uuid/issues/879">#879</a>) (<a
href="42b6178aa2">42b6178</a>)</li>
<li>drop node@16 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>) (<a
href="0f38cf1036">0f38cf1</a>)</li>
<li>remove CommonJS support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>) (<a
href="ae786e2726">ae786e2</a>)</li>
<li>update to typescript@5.2 (<a
href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>) (<a
href="c7ee40598e">c7ee405</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>improve v4() performance (<a
href="https://redirect.github.com/uuidjs/uuid/issues/894">#894</a>) (<a
href="5fd974c127">5fd974c</a>)</li>
<li>restore node: prefix (<a
href="https://redirect.github.com/uuidjs/uuid/issues/889">#889</a>) (<a
href="e1f42a3545">e1f42a3</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7c1ea087a8"><code>7c1ea08</code></a>
chore(main): release 14.0.0 (<a
href="https://redirect.github.com/uuidjs/uuid/issues/926">#926</a>)</li>
<li><a
href="3d2c5b0342"><code>3d2c5b0</code></a>
Merge commit from fork</li>
<li><a
href="f2c235f930"><code>f2c235f</code></a>
fix!: expect <code>crypto</code> to be global everywhere (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li>
<li><a
href="529ef0899f"><code>529ef08</code></a>
chore: upgrade TypeScript and fixup types (<a
href="https://redirect.github.com/uuidjs/uuid/issues/927">#927</a>)</li>
<li><a
href="086fd7976f"><code>086fd79</code></a>
chore: update dependencies (<a
href="https://redirect.github.com/uuidjs/uuid/issues/933">#933</a>)</li>
<li><a
href="dc4ddb8727"><code>dc4ddb8</code></a>
feat!: drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li>
<li><a
href="0f1f9c9c9c"><code>0f1f9c9</code></a>
chore: switch to Biome for parsing and linting (<a
href="https://redirect.github.com/uuidjs/uuid/issues/932">#932</a>)</li>
<li><a
href="e2879e64bf"><code>e2879e6</code></a>
chore: use maintained version of npm-run-all (<a
href="https://redirect.github.com/uuidjs/uuid/issues/930">#930</a>)</li>
<li><a
href="ffa31383e8"><code>ffa3138</code></a>
fix: Use GITHUB_TOKEN for release-please and enable npm provenance (<a
href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>)</li>
<li><a
href="0423d49df2"><code>0423d49</code></a>
docs: remove obsolete v1 option notes (<a
href="https://redirect.github.com/uuidjs/uuid/issues/915">#915</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for uuid since your current version.</p>
</details>
<br />

Updates `vite` from 7.3.1 to 7.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v7.3.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2">7.3.2</a>
(2026-04-06)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li>avoid path traversal with optimize deps sourcemap handler (<a
href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a>)
(<a
href="09d8c903bd">09d8c90</a>)</li>
<li>backport <a
href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a>,
apply server.fs check to env transport (<a
href="https://redirect.github.com/vitejs/vite/issues/22162">#22162</a>)
(<a
href="19db0f29c3">19db0f2</a>)</li>
<li>check <code>server.fs</code> after stripping query as well (<a
href="https://redirect.github.com/vitejs/vite/issues/22160">#22160</a>)
(<a
href="f8103cc946">f8103cc</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cc383e07b6"><code>cc383e0</code></a>
release: v7.3.2</li>
<li><a
href="09d8c903bd"><code>09d8c90</code></a>
fix: avoid path traversal with optimize deps sourcemap handler (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li>
<li><a
href="f8103cc946"><code>f8103cc</code></a>
fix: check <code>server.fs</code> after stripping query as well (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160">#22160</a>)</li>
<li><a
href="19db0f29c3"><code>19db0f2</code></a>
fix: backport <a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>,
apply server.fs check to env transport (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162">#22162</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v7.3.2/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `minimatch` from 3.1.3 to 3.1.5
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7bba97888a"><code>7bba978</code></a>
3.1.5</li>
<li><a
href="bd259425b2"><code>bd25942</code></a>
docs: add warning about ReDoS</li>
<li><a
href="1a9c27c757"><code>1a9c27c</code></a>
fix partial matching of globstar patterns</li>
<li><a
href="1a2e084af5"><code>1a2e084</code></a>
3.1.4</li>
<li><a
href="ae24656237"><code>ae24656</code></a>
update lockfile</li>
<li><a
href="b100374922"><code>b100374</code></a>
limit recursion for **, improve perf considerably</li>
<li><a
href="26ffeaa091"><code>26ffeaa</code></a>
lockfile update</li>
<li><a
href="9eca892a4e"><code>9eca892</code></a>
lock node version to 14</li>
<li>See full diff in <a
href="https://github.com/isaacs/minimatch/compare/v3.1.3...v3.1.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `devalue` from 5.6.3 to 5.8.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/devalue/releases">devalue's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>c5115b0: feat: add <code>stringifyAsync</code> for async
serialization</li>
</ul>
<h2>v5.7.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>8becc7c: fix: handle regexes consistently in uneval's value and
reference formats</li>
</ul>
<h2>v5.7.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>df2e284: feat: use native alternatives to encode/decode base64</li>
<li>498656e: feat: add <code>DataView</code> support</li>
<li>a210130: feat: whitelist <code>Float16Array</code></li>
<li>df2e284: feat: simplify TypedArray slices</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>5590634: fix: get <code>uneval</code> type handling up to parity
with <code>stringify</code></li>
<li>57f73fc: fix: correctly support boxed bigints and sentinel
values</li>
</ul>
<h2>v5.6.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>87c1f3c: fix: reject <code>__proto__</code> keys in malformed
<code>Object</code> wrapper payloads</p>
<p>This validates the <code>&quot;Object&quot;</code> parse path and
throws when the wrapped value has an own <code>__proto__</code> key.</p>
</li>
<li>
<p>40f1db1: fix: ensure sparse array indices are integers</p>
</li>
<li>
<p>87c1f3c: fix: disallow <code>__proto__</code> keys in null-prototype
object parsing</p>
<p>This disallows <code>__proto__</code> keys in the
<code>&quot;null&quot;</code> parse path so null-prototype object
hydration cannot carry that key through parse/unflatten.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md">devalue's
changelog</a>.</em></p>
<blockquote>
<h2>5.8.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>c5115b0: feat: add <code>stringifyAsync</code> for async
serialization</li>
</ul>
<h2>5.7.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>8becc7c: fix: handle regexes consistently in uneval's value and
reference formats</li>
</ul>
<h2>5.7.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>df2e284: feat: use native alternatives to encode/decode base64</li>
<li>498656e: feat: add <code>DataView</code> support</li>
<li>a210130: feat: whitelist <code>Float16Array</code></li>
<li>df2e284: feat: simplify TypedArray slices</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>5590634: fix: get <code>uneval</code> type handling up to parity
with <code>stringify</code></li>
<li>57f73fc: fix: correctly support boxed bigints and sentinel
values</li>
</ul>
<h2>5.6.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>87c1f3c: fix: reject <code>__proto__</code> keys in malformed
<code>Object</code> wrapper payloads</p>
<p>This validates the <code>&quot;Object&quot;</code> parse path and
throws when the wrapped value has an own <code>__proto__</code> key.</p>
</li>
<li>
<p>40f1db1: fix: ensure sparse array indices are integers</p>
</li>
<li>
<p>87c1f3c: fix: disallow <code>__proto__</code> keys in null-prototype
object parsing</p>
<p>This disallows <code>__proto__</code> keys in the
<code>&quot;null&quot;</code> parse path so null-prototype object
hydration cannot carry that key through parse/unflatten.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="14933f78ff"><code>14933f7</code></a>
Version Packages (<a
href="https://redirect.github.com/sveltejs/devalue/issues/151">#151</a>)</li>
<li><a
href="c5115b0074"><code>c5115b0</code></a>
feat: <code>stringifyAsync</code> (<a
href="https://redirect.github.com/sveltejs/devalue/issues/150">#150</a>)</li>
<li><a
href="67dad450b5"><code>67dad45</code></a>
docs: update README to reflect serialization stability non-goal (<a
href="https://redirect.github.com/sveltejs/devalue/issues/147">#147</a>)</li>
<li><a
href="6eb920a7db"><code>6eb920a</code></a>
Version Packages (<a
href="https://redirect.github.com/sveltejs/devalue/issues/146">#146</a>)</li>
<li><a
href="8becc7c436"><code>8becc7c</code></a>
fix: handle regexes consistently in uneval's value and reference formats
(<a
href="https://redirect.github.com/sveltejs/devalue/issues/145">#145</a>)</li>
<li><a
href="2eee2e435e"><code>2eee2e4</code></a>
Version Packages (<a
href="https://redirect.github.com/sveltejs/devalue/issues/144">#144</a>)</li>
<li><a
href="498656e75d"><code>498656e</code></a>
DataView support (<a
href="https://redirect.github.com/sveltejs/devalue/issues/143">#143</a>)</li>
<li><a
href="5590634db5"><code>5590634</code></a>
Improve platform types support (<a
href="https://redirect.github.com/sveltejs/devalue/issues/142">#142</a>)</li>
<li><a
href="57f73fc513"><code>57f73fc</code></a>
fix: support boxed <code>bigint</code>s and sentinel values (<a
href="https://redirect.github.com/sveltejs/devalue/issues/141">#141</a>)</li>
<li><a
href="baec4cbcf1"><code>baec4cb</code></a>
Add prettier configuration (<a
href="https://redirect.github.com/sveltejs/devalue/issues/140">#140</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sveltejs/devalue/compare/v5.6.3...v5.8.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `effect` from 3.19.19 to 3.21.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Effect-TS/effect/releases">effect's
releases</a>.</em></p>
<blockquote>
<h2>effect@3.21.2</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/Effect-TS/effect/pull/6194">#6194</a>
<a
href="74f3267a6c"><code>74f3267</code></a>
Thanks <a
href="https://github.com/mikearnaldi"><code>@​mikearnaldi</code></a>! -
Fix <code>TestClock.unsafeCurrentTimeNanos()</code> to floor fractional
millisecond instants before converting them to <code>BigInt</code>.</li>
</ul>
<h2>effect@3.21.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/6139">#6139</a>
<a
href="f99048e9f4"><code>f99048e</code></a>
Thanks <a
href="https://github.com/marbemac"><code>@​marbemac</code></a>! - Fix
batched request resolver defects causing consumer fibers to hang
forever.</p>
<p>When a <code>RequestResolver.makeBatched</code> resolver died with a
defect, the request <code>Deferred</code>s were never completed because
the cleanup logic in <code>invokeWithInterrupt</code> used
<code>flatMap</code> (which only runs on success). Changed to
<code>ensuring</code> so uncompleted request entries are always resolved
regardless of exit type.</p>
</li>
</ul>
<h2>effect@3.21.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="f7bb09b022"><code>f7bb09b</code></a>
Thanks <a
href="https://github.com/kitlangton"><code>@​kitlangton</code></a>! -
Add <code>Cron.prev</code> and reverse iteration support, aligning
next/prev lookup tables, fixing DST handling symmetry, and expanding
cron backward/forward test coverage.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="bd7552a19c"><code>bd7552a</code></a>
Thanks <a
href="https://github.com/mattiamanzati"><code>@​mattiamanzati</code></a>!
- Add type-level utils to asserting layer types</p>
</li>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="ad1a7eb7f6"><code>ad1a7eb</code></a>
Thanks <a
href="https://github.com/schickling"><code>@​schickling</code></a>! -
RcMap: support dynamic <code>idleTimeToLive</code> values per key</p>
<p>The <code>idleTimeToLive</code> option can now be a function that
receives the key and returns a duration, allowing different TTL values
for different resources.</p>
<pre lang="ts"><code>const map =
  yield *
  RcMap.make({
    lookup: (key: string) =&gt; acquireResource(key),
    idleTimeToLive: (key: string) =&gt; {
if (key.startsWith(&quot;premium:&quot;)) return Duration.minutes(10)
      return Duration.minutes(1)
    }
  })
</code></pre>
</li>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="0d32048f98"><code>0d32048</code></a>
Thanks <a
href="https://github.com/mikearnaldi"><code>@​mikearnaldi</code></a>! -
Fix annotateCurrentSpan, add Effect.currentPropagatedSpan</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="0d32048f98"><code>0d32048</code></a>
Thanks <a
href="https://github.com/mikearnaldi"><code>@​mikearnaldi</code></a>! -
Add logs to first propagated span, in the following case before this fix
the log would not be added to the <code>p</code> span because
<code>Effect.fn</code> adds a fake span for the purpose of adding a
stack frame.</p>
<pre lang="ts"><code>import { Effect } from &quot;effect&quot;
<p>const f = Effect.fn(function* () {<br />
yield* Effect.logWarning(&quot;FooBar&quot;)<br />
return yield* Effect.fail(&quot;Oops&quot;)<br />
})</p>
<p>const p = f().pipe(Effect.withSpan(&quot;p&quot;))<br />
</code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Effect-TS/effect/blob/main/packages/effect/CHANGELOG.md">effect's
changelog</a>.</em></p>
<blockquote>
<h2>3.21.2</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/Effect-TS/effect/pull/6194">#6194</a>
<a
href="74f3267a6c"><code>74f3267</code></a>
Thanks <a
href="https://github.com/mikearnaldi"><code>@​mikearnaldi</code></a>! -
Fix <code>TestClock.unsafeCurrentTimeNanos()</code> to floor fractional
millisecond instants before converting them to <code>BigInt</code>.</li>
</ul>
<h2>3.21.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/6139">#6139</a>
<a
href="f99048e9f4"><code>f99048e</code></a>
Thanks <a
href="https://github.com/marbemac"><code>@​marbemac</code></a>! - Fix
batched request resolver defects causing consumer fibers to hang
forever.</p>
<p>When a <code>RequestResolver.makeBatched</code> resolver died with a
defect, the request <code>Deferred</code>s were never completed because
the cleanup logic in <code>invokeWithInterrupt</code> used
<code>flatMap</code> (which only runs on success). Changed to
<code>ensuring</code> so uncompleted request entries are always resolved
regardless of exit type.</p>
</li>
</ul>
<h2>3.21.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="f7bb09b022"><code>f7bb09b</code></a>
Thanks <a
href="https://github.com/kitlangton"><code>@​kitlangton</code></a>! -
Add <code>Cron.prev</code> and reverse iteration support, aligning
next/prev lookup tables, fixing DST handling symmetry, and expanding
cron backward/forward test coverage.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="bd7552a19c"><code>bd7552a</code></a>
Thanks <a
href="https://github.com/mattiamanzati"><code>@​mattiamanzati</code></a>!
- Add type-level utils to asserting layer types</p>
</li>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="ad1a7eb7f6"><code>ad1a7eb</code></a>
Thanks <a
href="https://github.com/schickling"><code>@​schickling</code></a>! -
RcMap: support dynamic <code>idleTimeToLive</code> values per key</p>
<p>The <code>idleTimeToLive</code> option can now be a function that
receives the key and returns a duration, allowing different TTL values
for different resources.</p>
<pre lang="ts"><code>const map =
  yield *
  RcMap.make({
    lookup: (key: string) =&gt; acquireResource(key),
    idleTimeToLive: (key: string) =&gt; {
if (key.startsWith(&quot;premium:&quot;)) return Duration.minutes(10)
      return Duration.minutes(1)
    }
  })
</code></pre>
</li>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="0d32048f98"><code>0d32048</code></a>
Thanks <a
href="https://github.com/mikearnaldi"><code>@​mikearnaldi</code></a>! -
Fix annotateCurrentSpan, add Effect.currentPropagatedSpan</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a>
<a
href="0d32048f98"><code>0d32048</code></a>
Thanks <a
href="https://github.com/mikearnaldi"><code>@​mikearnaldi</code></a>! -
Add logs to first propagated span, in the following case before this fix
the log would not be added to the <code>p</code> span because
<code>Effect.fn</code> adds a fake span for the purpose of adding a
stack frame.</p>
<pre lang="ts"><code>import { Effect } from &quot;effect&quot;
<p>const f = Effect.fn(function* () {<br />
yield* Effect.logWarning(&quot;FooBar&quot;)<br />
return yield* Effect.fail(&quot;Oops&quot;)<br />
</code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="39c934c147"><code>39c934c</code></a>
Version Packages (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6195">#6195</a>)</li>
<li><a
href="74f3267a6c"><code>74f3267</code></a>
fix: floor TestClock nanoseconds before BigInt conversion (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6194">#6194</a>)</li>
<li><a
href="cc0c40a2fe"><code>cc0c40a</code></a>
Version Packages (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6142">#6142</a>)</li>
<li><a
href="f99048e9f4"><code>f99048e</code></a>
fix: resolve batched request resolver defects hanging consumer fibers
(<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6139">#6139</a>)</li>
<li><a
href="6e3782af7a"><code>6e3782a</code></a>
Version Packages (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6135">#6135</a>)</li>
<li><a
href="f7bb09b022"><code>f7bb09b</code></a>
Add Cron.prev reverse iteration support (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5786">#5786</a>)</li>
<li><a
href="bd7552a19c"><code>bd7552a</code></a>
Add type-level utils to asserting layer types (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5920">#5920</a>)</li>
<li><a
href="ad1a7eb7f6"><code>ad1a7eb</code></a>
RcMap: support dynamic idleTimeToLive values per key (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5859">#5859</a>)</li>
<li><a
href="0d32048f98"><code>0d32048</code></a>
Add logs to first propagated span (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5710">#5710</a>)</li>
<li><a
href="37a8af53e3"><code>37a8af5</code></a>
Version Packages (<a
href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6134">#6134</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Effect-TS/effect/commits/effect@3.21.2/packages/effect">compare
view</a></li>
</ul>
</details>
<br />

Updates `flatted` from 3.3.3 to 3.4.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3bf09091c3"><code>3bf0909</code></a>
3.4.2</li>
<li><a
href="885ddcc33c"><code>885ddcc</code></a>
fix CWE-1321</li>
<li><a
href="0bdba705d1"><code>0bdba70</code></a>
added flatted-view to the benchmark</li>
<li><a
href="2a02dce7c6"><code>2a02dce</code></a>
3.4.1</li>
<li><a
href="fba4e8f2e1"><code>fba4e8f</code></a>
Merge pull request <a
href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a>
from WebReflection/python-fix</li>
<li><a
href="5fe86485e6"><code>5fe8648</code></a>
added &quot;when in Rome&quot; also a test for PHP</li>
<li><a
href="53517adbef"><code>53517ad</code></a>
some minor improvement</li>
<li><a
href="b3e2a0c387"><code>b3e2a0c</code></a>
Fixing recursion issue in Python too</li>
<li><a
href="c4b46dbcbf"><code>c4b46db</code></a>
Add SECURITY.md for security policy and reporting</li>
<li><a
href="f86d071e0f"><code>f86d071</code></a>
Create dependabot.yml for version updates</li>
<li>Additional commits viewable in <a
href="https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `picomatch` from 4.0.3 to 4.0.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/releases">picomatch's
releases</a>.</em></p>
<blockquote>
<h2>4.0.4</h2>
<p>This is a security release fixing several security relevant
issues.</p>
<h2>What's Changed</h2>
<ul>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e5474fc1a4"><code>e5474fc</code></a>
Publish 4.0.4</li>
<li><a
href="4516eb521f"><code>4516eb5</code></a>
Merge commit from fork</li>
<li><a
href="5eceecd275"><code>5eceecd</code></a>
Merge commit from fork</li>
<li><a
href="0db7dd7065"><code>0db7dd7</code></a>
Run benchmark again against latest minimatch version (<a
href="https://redirect.github.com/micromatch/picomatch/issues/161">#161</a>)</li>
<li><a
href="95003777eb"><code>9500377</code></a>
docs: clarify what brace expansion syntax is and isn't supported (<a
href="https://redirect.github.com/micromatch/picomatch/issues/134">#134</a>)</li>
<li><a
href="2661f23eca"><code>2661f23</code></a>
fix typo in globstars.js test name (<a
href="https://redirect.github.com/micromatch/picomatch/issues/138">#138</a>)</li>
<li><a
href="1798b07e9d"><code>1798b07</code></a>
docs: fix <code>makeRe</code> example (<a
href="https://redirect.github.com/micromatch/picomatch/issues/143">#143</a>)</li>
<li><a
href="9d76bc57a0"><code>9d76bc5</code></a>
chore: undocument removed options (<a
href="https://redirect.github.com/micromatch/picomatch/issues/146">#146</a>)</li>
<li><a
href="e4d718bbfb"><code>e4d718b</code></a>
Remove unused time-require (<a
href="https://redirect.github.com/micromatch/picomatch/issues/160">#160</a>)</li>
<li><a
href="38dffeb162"><code>38dffeb</code></a>
chore(deps): pin dependencies (<a
href="https://redirect.github.com/micromatch/picomatch/issues/158">#158</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">compare
view</a></li>
</ul>
</details>
<br />

Updates `postcss` from 8.5.6 to 8.5.13
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.13</h2>
<ul>
<li>Fixed <code>postcss-scss</code> commend regression.</li>
</ul>
<h2>8.5.12</h2>
<ul>
<li>Fixed reading any file via user-generated CSS.</li>
<li>Added <code>opts.unsafeMap</code> to disable checks.</li>
</ul>
<h2>8.5.11</h2>
<ul>
<li>Fixed nested brackets parsing performance (by <a
href="https://github.com/offset"><code>@​offset</code></a>).</li>
</ul>
<h2>8.5.10</h2>
<ul>
<li>Fixed XSS via unescaped <code>&lt;/style&gt;</code> in non-bundler
cases (by <a
href="https://github.com/TharVid"><code>@​TharVid</code></a>).</li>
</ul>
<h2>8.5.9</h2>
<ul>
<li>Speed up source map encoding paring in case of the error.</li>
</ul>
<h2>8.5.8</h2>
<ul>
<li>Fixed <code>Processor#version</code>.</li>
</ul>
<h2>8.5.7</h2>
<ul>
<li>Improved source map annotation cleaning performance (by CodeAnt
AI).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.13</h2>
<ul>
<li>Fixed <code>postcss-scss</code> commend regression.</li>
</ul>
<h2>8.5.12</h2>
<ul>
<li>Fixed reading any file via user-generated CSS.</li>
<li>Added <code>opts.unsafeMap</code> to disable checks.</li>
</ul>
<h2>8.5.11</h2>
<ul>
<li>Fixed nested brackets parsing performance (by <a
href="https://github.com/offset"><code>@​offset</code></a>).</li>
</ul>
<h2>8.5.10</h2>
<ul>
<li>Fixed XSS via unescaped <code>&lt;/style&gt;</code> in non-bundler
cases (by <a
href="https://github.com/TharVid"><code>@​TharVid</code></a>).</li>
</ul>
<h2>8.5.9</h2>
<ul>
<li>Speed up source map encoding paring in case of the error.</li>
</ul>
<h2>8.5.8</h2>
<ul>
<li>Fixed <code>Processor#version</code>.</li>
</ul>
<h2>8.5.7</h2>
<ul>
<li>Improved source map annotation cleaning performance (by CodeAnt
AI).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="af58cf1b7a"><code>af58cf1</code></a>
Release 8.5.13 version</li>
<li><a
href="f227dbd0e9"><code>f227dbd</code></a>
Temporary ignore pnpm 11 config</li>
<li><a
href="d3abd40d72"><code>d3abd40</code></a>
Update dependencies</li>
<li><a
href="dd06c3e113"><code>dd06c3e</code></a>
Revert stringifier changes because of the conflict with
postcss-scss</li>
<li><a
href="ae889c815f"><code>ae889c8</code></a>
Try to fix CI</li>
<li><a
href="e0093e49bc"><code>e0093e4</code></a>
Move to pnpm 11</li>
<li><a
href="9bc81c48f0"><code>9bc81c4</code></a>
Release 8.5.12 version</li>
<li><a
href="85c4d7dab8"><code>85c4d7d</code></a>
Another try to fix coverage</li>
<li><a
href="94484cae6d"><code>94484ca</code></a>
Try to fix coverage</li>
<li><a
href="c64b7488d2"><code>c64b748</code></a>
Load only .map source maps</li>
<li>Additional commits viewable in <a
href="https://github.com/postcss/postcss/compare/8.5.6...8.5.13">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 17:16:37 +02:00
dependabot[bot]
7b400f4f9c Bump tailwind-variants from 0.2.1 to 3.2.2 in /web (#466) 
Bumps
[tailwind-variants](https://github.com/heroui-inc/tailwind-variants)
from 0.2.1 to 3.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/heroui-inc/tailwind-variants/releases">tailwind-variants's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.2</h2>
<p><em>No significant changes</em></p>
<h5>    <a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.1...v3.2.2">View
changes on GitHub</a></h5>
<h2>v3.2.1</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Update cn function type and import cx from tailwind-variants/lite
 -  by <a
href="https://github.com/jrgarciadev"><code>@​jrgarciadev</code></a> in
<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/285">heroui-inc/tailwind-variants#285</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/3a3afce"><!--
raw HTML omitted -->(3a3af)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.0...v3.2.1">View
changes on GitHub</a></h5>
<h2>v3.2.0</h2>
<h3>   🚀 Features</h3>
<ul>
<li>Add cx function and refactor cn to use tailwind-merge  -  by <a
href="https://github.com/jrgarciadev"><code>@​jrgarciadev</code></a> in
<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/278">heroui-inc/tailwind-variants#278</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/8ec5f6f"><!--
raw HTML omitted -->(8ec5f)<!-- raw HTML omitted --></a></li>
</ul>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>No longer minifyng the code  -  by <a
href="https://github.com/jrgarciadev"><code>@​jrgarciadev</code></a> in
<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/282">heroui-inc/tailwind-variants#282</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/34c62f4"><!--
raw HTML omitted -->(34c62)<!-- raw HTML omitted --></a></li>
<li>Make twMerge default to true in cn function  -  by <a
href="https://github.com/jrgarciadev"><code>@​jrgarciadev</code></a> in
<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/283">heroui-inc/tailwind-variants#283</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/1659aa7"><!--
raw HTML omitted -->(1659a)<!-- raw HTML omitted --></a></li>
<li>Export defaultConfig as value and remove responsiveVariants  -  by
<a href="https://github.com/jrgarciadev"><code>@​jrgarciadev</code></a>
in <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/284">heroui-inc/tailwind-variants#284</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/65ee73c"><!--
raw HTML omitted -->(65ee7)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.1...v3.2.0">View
changes on GitHub</a></h5>
<h2>v3.1.1</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Use 'type' for type-only imports and specify file extensions  -  by
<a href="https://github.com/tmkx"><code>@​tmkx</code></a> in <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/272">heroui-inc/tailwind-variants#272</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/58aa71e"><!--
raw HTML omitted -->(58aa7)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.0...v3.1.1">View
changes on GitHub</a></h5>
<h2>v3.1.0</h2>
<h3>   🚀 Features</h3>
<ul>
<li>Export config types  -  by <a
href="https://github.com/tianenpang"><code>@​tianenpang</code></a> in <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/267">heroui-inc/tailwind-variants#267</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/5fd06fa"><!--
raw HTML omitted -->(5fd06)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.0.0...v3.1.0">View
changes on GitHub</a></h5>
<h2>v3.0.0</h2>
<h2>What's new?</h2>
<h3>   🚀 Features</h3>
<ul>
<li>Split tv into original and lite versions  -  by <a
href="https://github.com/tianenpang"><code>@​tianenpang</code></a> in <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/264">heroui-inc/tailwind-variants#264</a>
<a
href="https://github.com/heroui-inc/tailwind-variants/commit/0eb65ba"><!--
raw HTML omitted -->(0eb65)<!-- raw HTML omitted --></a></li>
</ul>
<p>Resolves <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/262">heroui-inc/tailwind-variants#262</a>,
resolves <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/259">heroui-inc/tailwind-variants#259</a>,
resolves <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/258">heroui-inc/tailwind-variants#258</a>,
resolves <a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/246">heroui-inc/tailwind-variants#246</a></p>
<h3>Problem with v2</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/heroui-inc/tailwind-variants/blob/main/CHANGELOG.md">tailwind-variants's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.1...v3.2.2">3.2.2</a>
(2025-11-22)</h2>
<h2><a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.0...v3.2.1">3.2.1</a>
(2025-11-22)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update cn function type and import cx from tailwind-variants/lite
(<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/285">#285</a>)
(<a
href="3a3afce788">3a3afce</a>)</li>
</ul>
<h1><a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.1...v3.2.0">3.2.0</a>
(2025-11-22)</h1>
<h3>Bug Fixes</h3>
<ul>
<li>export defaultConfig as value and remove responsiveVariants (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/284">#284</a>)
(<a
href="65ee73cc80">65ee73c</a>)</li>
<li>make twMerge default to true in cn function (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/283">#283</a>)
(<a
href="1659aa7acc">1659aa7</a>)</li>
<li>no longer minifyng the code (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/282">#282</a>)
(<a
href="34c62f48a7">34c62f4</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add cx function and refactor cn to use tailwind-merge (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/278">#278</a>)
(<a
href="8ec5f6fbd0">8ec5f6f</a>)</li>
</ul>
<h2><a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.0...v3.1.1">3.1.1</a>
(2025-09-08)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>use 'type' for type-only imports and specify file extensions (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/272">#272</a>)
(<a
href="58aa71eaf1">58aa71e</a>)</li>
</ul>
<h1><a
href="https://github.com/heroui-inc/tailwind-variants/compare/v3.0.0...v3.1.0">3.1.0</a>
(2025-08-25)</h1>
<h3>Features</h3>
<ul>
<li>export config types (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/267">#267</a>)
(<a
href="5fd06face1">5fd06fa</a>)</li>
</ul>
<h1><a
href="https://github.com/heroui-inc/tailwind-variants/compare/v2.1.0...v3.0.0">3.0.0</a>
(2025-08-24)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fb6e0bfdeb"><code>fb6e0bf</code></a>
chore: release v3.2.2</li>
<li><a
href="ee83f93b71"><code>ee83f93</code></a>
refactor: split cn into cn and cnMerge functions (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/286">#286</a>)</li>
<li><a
href="9c3a9371cc"><code>9c3a937</code></a>
chore: release v3.2.1</li>
<li><a
href="3a3afce788"><code>3a3afce</code></a>
fix: update cn function type and import cx from tailwind-variants/lite
(<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/285">#285</a>)</li>
<li><a
href="c19f93d8ef"><code>c19f93d</code></a>
chore: release v3.2.0</li>
<li><a
href="65ee73cc80"><code>65ee73c</code></a>
fix: export defaultConfig as value and remove responsiveVariants (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/284">#284</a>)</li>
<li><a
href="e531070d21"><code>e531070</code></a>
Merge branch 'main' of github.com:nextui-org/tailwind-variants</li>
<li><a
href="a3c7505adf"><code>a3c7505</code></a>
refactor: simplify withFalsy array in benchmark.js</li>
<li><a
href="1659aa7acc"><code>1659aa7</code></a>
fix: make twMerge default to true in cn function (<a
href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/283">#283</a>)</li>
<li><a
href="d85ad99613"><code>d85ad99</code></a>
Merge branch 'main' of github.com:nextui-org/tailwind-variants</li>
<li>Additional commits viewable in <a
href="https://github.com/heroui-inc/tailwind-variants/compare/v0.2.1...v3.2.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tailwind-variants&package-manager=npm_and_yarn&previous-version=0.2.1&new-version=3.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:42:45 +02:00
dependabot[bot]
210ff4e2cb Bump svelte from 5.53.2 to 5.53.6 in /web in the npm_and_yarn group across 1 directory (#476) 
Bumps the npm_and_yarn group with 1 update in the /web directory:
[svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).

Updates `svelte` from 5.53.2 to 5.53.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/svelte/releases">svelte's
releases</a>.</em></p>
<blockquote>
<h2>svelte@5.53.6</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>perf: optimize parser hot paths for faster compilation (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17811">#17811</a>)</p>
</li>
<li>
<p>fix: <code>SvelteMap</code> incorrectly handles keys with
<code>undefined</code> values (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17826">#17826</a>)</p>
</li>
<li>
<p>fix: SvelteURL <code>search</code> setter now returns the normalized
value, matching native URL behavior (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17828">#17828</a>)</p>
</li>
<li>
<p>fix: visit synthetic value node during ssr (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17824">#17824</a>)</p>
</li>
<li>
<p>fix: always case insensitive event handlers during ssr (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17822">#17822</a>)</p>
</li>
<li>
<p>chore: more efficient effect scheduling (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17808">#17808</a>)</p>
</li>
<li>
<p>perf: optimize compiler analysis phase (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17823">#17823</a>)</p>
</li>
<li>
<p>fix: skip redundant batch.apply (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17816">#17816</a>)</p>
</li>
<li>
<p>chore: null out current_batch before committing branches (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17809">#17809</a>)</p>
</li>
</ul>
<h2>svelte@5.53.5</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: escape <code>innerText</code> and <code>textContent</code>
bindings of <code>contenteditable</code> (<a
href="0df5abcae2"><code>0df5abcae223058ceb95491470372065fb87951d</code></a>)</p>
</li>
<li>
<p>fix: sanitize <code>transformError</code> values prior to embedding
in HTML comments (<a
href="0298e97937"><code>0298e979371bb583855c9810db79a70a551d22b9</code></a>)</p>
</li>
</ul>
<h2>svelte@5.53.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: set server context after async transformError (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17799">#17799</a>)</p>
</li>
<li>
<p>fix: hydrate if blocks correctly (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17784">#17784</a>)</p>
</li>
<li>
<p>fix: handle default parameters scope leaks (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17788">#17788</a>)</p>
</li>
<li>
<p>fix: prevent flushed effects from running again (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17787">#17787</a>)</p>
</li>
</ul>
<h2>svelte@5.53.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: render <code>:catch</code> of <code>#await</code> block with
correct key (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17769">#17769</a>)</p>
</li>
<li>
<p>chore: pin aria-query@5.3.1 (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17772">#17772</a>)</p>
</li>
<li>
<p>fix: make string coercion consistent to <code>toString</code> (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17774">#17774</a>)</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md">svelte's
changelog</a>.</em></p>
<blockquote>
<h2>5.53.6</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>perf: optimize parser hot paths for faster compilation (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17811">#17811</a>)</p>
</li>
<li>
<p>fix: <code>SvelteMap</code> incorrectly handles keys with
<code>undefined</code> values (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17826">#17826</a>)</p>
</li>
<li>
<p>fix: SvelteURL <code>search</code> setter now returns the normalized
value, matching native URL behavior (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17828">#17828</a>)</p>
</li>
<li>
<p>fix: visit synthetic value node during ssr (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17824">#17824</a>)</p>
</li>
<li>
<p>fix: always case insensitive event handlers during ssr (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17822">#17822</a>)</p>
</li>
<li>
<p>chore: more efficient effect scheduling (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17808">#17808</a>)</p>
</li>
<li>
<p>perf: optimize compiler analysis phase (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17823">#17823</a>)</p>
</li>
<li>
<p>fix: skip redundant batch.apply (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17816">#17816</a>)</p>
</li>
<li>
<p>chore: null out current_batch before committing branches (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17809">#17809</a>)</p>
</li>
</ul>
<h2>5.53.5</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: escape <code>innerText</code> and <code>textContent</code>
bindings of <code>contenteditable</code> (<a
href="0df5abcae2"><code>0df5abcae223058ceb95491470372065fb87951d</code></a>)</p>
</li>
<li>
<p>fix: sanitize <code>transformError</code> values prior to embedding
in HTML comments (<a
href="0298e97937"><code>0298e979371bb583855c9810db79a70a551d22b9</code></a>)</p>
</li>
</ul>
<h2>5.53.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: set server context after async transformError (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17799">#17799</a>)</p>
</li>
<li>
<p>fix: hydrate if blocks correctly (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17784">#17784</a>)</p>
</li>
<li>
<p>fix: handle default parameters scope leaks (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17788">#17788</a>)</p>
</li>
<li>
<p>fix: prevent flushed effects from running again (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17787">#17787</a>)</p>
</li>
</ul>
<h2>5.53.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: render <code>:catch</code> of <code>#await</code> block with
correct key (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17769">#17769</a>)</p>
</li>
<li>
<p>chore: pin aria-query@5.3.1 (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17772">#17772</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d4c78292ed"><code>d4c7829</code></a>
Version Packages (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17812">#17812</a>)</li>
<li><a
href="361b32c7cd"><code>361b32c</code></a>
fix: SvelteURL search setter uses unnormalized value (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17828">#17828</a>)</li>
<li><a
href="1043f79d1e"><code>1043f79</code></a>
perf: optimize compiler analysis phase (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17823">#17823</a>)</li>
<li><a
href="b6faa2a905"><code>b6faa2a</code></a>
fix: always case insensitive event handlers during ssr (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17822">#17822</a>)</li>
<li><a
href="e3d277b000"><code>e3d277b</code></a>
fix: visit synthetic value node during ssr (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17824">#17824</a>)</li>
<li><a
href="18db0cab86"><code>18db0ca</code></a>
fix: SvelteMap incorrectly handles keys with <code>undefined</code>
values (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17826">#17826</a>)</li>
<li><a
href="3fc4bc6774"><code>3fc4bc6</code></a>
chore: remove unused is_flushing variable (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17820">#17820</a>)</li>
<li><a
href="16a13517ef"><code>16a1351</code></a>
fix: skip redundant batch.apply (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17816">#17816</a>)</li>
<li><a
href="04ba134d33"><code>04ba134</code></a>
docs: flesh out <code>attribute_invalid_sequence_expression</code>
message (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17789">#17789</a>)</li>
<li><a
href="fc67c9cfe9"><code>fc67c9c</code></a>
chore(deps-dev): bump rollup from 4.52.5 to 4.59.0 (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17810">#17810</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sveltejs/svelte/commits/svelte@5.53.6/packages/svelte">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=svelte&package-manager=npm_and_yarn&previous-version=5.53.2&new-version=5.53.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:42:06 +02:00
dependabot[bot]
bbbfb31113 Bump requests from 2.32.5 to 2.33.0 in /metadata_relay in the uv group across 1 directory (#505) 
Bumps the uv group with 1 update in the /metadata_relay directory:
[requests](https://github.com/psf/requests).

Updates `requests` from 2.32.5 to 2.33.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.33.0</h2>
<h2>2.33.0 (2026-03-25)</h2>
<p><strong>Announcements</strong></p>
<ul>
<li>📣 Requests is adding inline types. If you have a typed code base
that uses Requests, please take a look at <a
href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>.
Give it a try, and report any gaps or feedback you may have in the
issue. 📣</li>
</ul>
<p><strong>Security</strong></p>
<ul>
<li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now
extracts contents to a non-deterministic location to prevent malicious
file replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Migrated to a PEP 517 build system using setuptools. (<a
href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed an issue where an empty netrc entry could cause malformed
authentication to be applied to Requests on Python 3.11+. (<a
href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Dropped support for Python 3.9 following its end of support. (<a
href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li>
</ul>
<p><strong>Documentation</strong></p>
<ul>
<li>Various typo fixes and doc improvements.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/M0d3v1"><code>@​M0d3v1</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6865">psf/requests#6865</a></li>
<li><a href="https://github.com/aminvakil"><code>@​aminvakil</code></a>
made their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7220">psf/requests#7220</a></li>
<li><a href="https://github.com/E8Price"><code>@​E8Price</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6960">psf/requests#6960</a></li>
<li><a href="https://github.com/mitre88"><code>@​mitre88</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7244">psf/requests#7244</a></li>
<li><a href="https://github.com/magsen"><code>@​magsen</code></a> made
their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6553">psf/requests#6553</a></li>
<li><a
href="https://github.com/Rohan5commit"><code>@​Rohan5commit</code></a>
made their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/7227">psf/requests#7227</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25">https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.33.0 (2026-03-25)</h2>
<p><strong>Announcements</strong></p>
<ul>
<li>📣 Requests is adding inline types. If you have a typed code base
that
uses Requests, please take a look at <a
href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>.
Give it a try, and report
any gaps or feedback you may have in the issue. 📣</li>
</ul>
<p><strong>Security</strong></p>
<ul>
<li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now
extracts
contents to a non-deterministic location to prevent malicious file
replacement. This does not affect default usage of Requests, only
applications calling the utility function directly.</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Migrated to a PEP 517 build system using setuptools. (<a
href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed an issue where an empty netrc entry could cause
malformed authentication to be applied to Requests on
Python 3.11+. (<a
href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Dropped support for Python 3.9 following its end of support. (<a
href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li>
</ul>
<p><strong>Documentation</strong></p>
<ul>
<li>Various typo fixes and doc improvements.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bc04dfd6da"><code>bc04dfd</code></a>
v2.33.0</li>
<li><a
href="66d21cb07b"><code>66d21cb</code></a>
Merge commit from fork</li>
<li><a
href="8b9bc8fc0f"><code>8b9bc8f</code></a>
Move badges to top of README (<a
href="https://redirect.github.com/psf/requests/issues/7293">#7293</a>)</li>
<li><a
href="e331a288f3"><code>e331a28</code></a>
Remove unused extraction call (<a
href="https://redirect.github.com/psf/requests/issues/7292">#7292</a>)</li>
<li><a
href="753fd08c5e"><code>753fd08</code></a>
docs: fix FAQ grammar in httplib2 example</li>
<li><a
href="774a0b837a"><code>774a0b8</code></a>
docs(socks): same block as other sections</li>
<li><a
href="9c72a41bec"><code>9c72a41</code></a>
Bump github/codeql-action from 4.33.0 to 4.34.1</li>
<li><a
href="ebf7190679"><code>ebf7190</code></a>
Bump github/codeql-action from 4.32.0 to 4.33.0</li>
<li><a
href="0e4ae38f0c"><code>0e4ae38</code></a>
docs: exclude Response.is_permanent_redirect from API docs (<a
href="https://redirect.github.com/psf/requests/issues/7244">#7244</a>)</li>
<li><a
href="d568f47278"><code>d568f47</code></a>
docs: clarify Quickstart POST example (<a
href="https://redirect.github.com/psf/requests/issues/6960">#6960</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.32.5...v2.33.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=uv&previous-version=2.32.5&new-version=2.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:41:32 +02:00
dependabot[bot]
96032c10b4 Update fastapi[standard] requirement from >=0.115.14 to >=0.136.1 in /metadata_relay (#520) 
Updates the requirements on
[fastapi[standard]](https://github.com/fastapi/fastapi) to permit the
latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi[standard]'s
releases</a>.</em></p>
<blockquote>
<h2>0.136.1</h2>
<h3>Upgrades</h3>
<ul>
<li>⬆️ Update Pydantic v2 code to address deprecations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15101">#15101</a>
by <a
href="https://github.com/svlandeg"><code>@​svlandeg</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>🔨 Tweak translation script. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15174">#15174</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15408">#15408</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15409">#15409</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15407">#15407</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15406">#15406</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15405">#15405</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump mypy from 1.19.1 to 1.20.1. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15410">#15410</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15400">#15400</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump starlette from 0.52.1 to 1.0.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15397">#15397</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pygithub from 2.8.1 to 2.9.1. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15396">#15396</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15393">#15393</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump zizmor from 1.23.1 to 1.24.1. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15394">#15394</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15395">#15395</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15360">#15360</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump authlib from 1.6.9 to 1.6.11. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15373">#15373</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15282">#15282</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pygments from 2.19.2 to 2.20.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15263">#15263</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15391">#15391</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>⬆ Bump pillow from 12.1.1 to 12.2.0. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15333">#15333</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump pytest from 9.0.2 to 9.0.3. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15334">#15334</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15374">#15374</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15385">#15385</a>
by <a
href="https://github.com/apps/dependabot"><code>@​dependabot[bot]</code></a>.</li>
<li>🔧 Update sponsors: remove Zuplo. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15369">#15369</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔧 Update sponsors: remove Speakeasy. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15368">#15368</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔒️ Add zizmor and fix audit findings. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/15316">#15316</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e54e5a8980"><code>e54e5a8</code></a>
🔖 Release version 0.136.1</li>
<li><a
href="9a8a5fd999"><code>9a8a5fd</code></a>
📝 Update release notes</li>
<li><a
href="7815a32f2e"><code>7815a32</code></a>
⬆️ Update Pydantic v2 code to address deprecations (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15101">#15101</a>)</li>
<li><a
href="ef1c927b05"><code>ef1c927</code></a>
📝 Update release notes</li>
<li><a
href="38039e12a8"><code>38039e1</code></a>
🔨 Tweak translation script (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15174">#15174</a>)</li>
<li><a
href="4fa826ce0a"><code>4fa826c</code></a>
📝 Update release notes</li>
<li><a
href="c39415673e"><code>c394156</code></a>
⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15408">#15408</a>)</li>
<li><a
href="ae230ad2f9"><code>ae230ad</code></a>
📝 Update release notes</li>
<li><a
href="d9eb39d1a1"><code>d9eb39d</code></a>
⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/15409">#15409</a>)</li>
<li><a
href="4f8b5d14d3"><code>4f8b5d1</code></a>
📝 Update release notes</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.115.14...0.136.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:41:22 +02:00
dependabot[bot]
4d9805c909 Bump uvicorn from 0.41.0 to 0.46.0 in /metadata_relay (#521) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.41.0 to
0.46.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.46.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Support <code>ws_max_size</code> in <code>wsproto</code>
implementation by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2915">Kludex/uvicorn#2915</a></li>
<li>Support <code>ws_ping_interval</code> and
<code>ws_ping_timeout</code> in <code>wsproto</code> implementation by
<a href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2916">Kludex/uvicorn#2916</a></li>
<li>Use <code>bytearray</code> for incoming WebSocket message buffer in
websockets-sansio by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2917">Kludex/uvicorn#2917</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0">https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0</a></p>
<h2>Version 0.45.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Preserve forwarded client ports in proxy headers middleware by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2903">Kludex/uvicorn#2903</a></li>
<li>Accept <code>os.PathLike</code> for <code>log_config</code> by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2905">Kludex/uvicorn#2905</a></li>
<li>Accept <code>log_level</code> strings case-insensitively by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2907">Kludex/uvicorn#2907</a></li>
<li>Raise helpful <code>ImportError</code> when PyYAML is missing for
YAML log config by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2906">Kludex/uvicorn#2906</a></li>
<li>Revert empty context for ASGI runs by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2911">Kludex/uvicorn#2911</a></li>
<li>Add <code>--reset-contextvars</code> flag to isolate ASGI request
context by <a href="https://github.com/Kludex"><code>@​Kludex</code></a>
in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2912">Kludex/uvicorn#2912</a></li>
<li>Revert &quot;Emit <code>http.disconnect</code> on server shutdown
for streaming responses&quot; (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)
by <a href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2913">Kludex/uvicorn#2913</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/Krishnachaitanyakc"><code>@​Krishnachaitanyakc</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2870">Kludex/uvicorn#2870</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0">https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0</a></p>
<h2>Version 0.44.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2888">Kludex/uvicorn#2888</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0">https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0</a></p>
<h2>Version 0.43.0</h2>
<h2>Changed</h2>
<ul>
<li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event
on server shutting down for streaming responses (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li>
<li>Use native <code>context</code> parameter for
<code>create_task</code> on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li>Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0">https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0</a></p>
<h2>Version 0.42.0</h2>
<h2>Changed</h2>
<ul>
<li>Use <code>bytearray</code> for request body accumulation to avoid
O(n^2) allocation on fragmented bodies (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
</ul>
<h2>Fixed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.46.0 (April 23, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Support <code>ws_max_size</code> in <code>wsproto</code>
implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li>
<li>Support <code>ws_ping_interval</code> and
<code>ws_ping_timeout</code> in <code>wsproto</code> implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2916">#2916</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Use <code>bytearray</code> for incoming WebSocket message buffer in
<code>websockets-sansio</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2917">#2917</a>)</li>
</ul>
<h2>0.45.0 (April 21, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--reset-contextvars</code> flag to isolate ASGI request
context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li>
<li>Accept <code>os.PathLike</code> for <code>log_config</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2905">#2905</a>)</li>
<li>Accept <code>log_level</code> strings case-insensitively (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Revert &quot;Emit <code>http.disconnect</code> on server shutdown
for streaming responses&quot; (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2913">#2913</a>)</li>
<li>Revert &quot;Explicitly start ASGI run with empty context&quot; (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Preserve forwarded client ports in proxy headers middleware (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2903">#2903</a>)</li>
<li>Raise helpful <code>ImportError</code> when PyYAML is missing for
YAML log config (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li>
</ul>
<h2>0.44.0 (April 6, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Implement websocket keepalive pings for websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li>
</ul>
<h2>0.43.0 (April 3, 2026)</h2>
<p>You can quit Uvicorn now. We heard you, <a
href="https://github.com/pamelafox"><code>@​pamelafox</code></a> - all
47 of your Ctrl+C's (thanks for flagging it, and thanks to <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a> for the
fix 🙏). <a href="https://x.com/pamelafox/status/2039097686155227623">See
the tweet</a>.</p>
<h3>Changed</h3>
<ul>
<li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event
on server shutting down for streaming responses (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li>
<li>Use native <code>context</code> parameter for
<code>create_task</code> on Python 3.11+ (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li>
<li>Drop cast in ASGI types (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li>
</ul>
<h2>0.42.0 (March 16, 2026)</h2>
<h3>Changed</h3>
<ul>
<li>Use <code>bytearray</code> for request body accumulation to avoid
O(n^2) allocation on fragmented bodies (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b224045f59"><code>b224045</code></a>
Version 0.46.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2918">#2918</a>)</li>
<li><a
href="7375b5bf66"><code>7375b5b</code></a>
Use <code>bytearray</code> for incoming WebSocket message buffer in
websockets-sansio (#...</li>
<li><a
href="d438fb16fe"><code>d438fb1</code></a>
Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code>
in <code>wsproto</code> implementation ...</li>
<li><a
href="3e6b964466"><code>3e6b964</code></a>
Support <code>ws_max_size</code> in <code>wsproto</code> implementation
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li>
<li><a
href="2c423bd82b"><code>2c423bd</code></a>
Version 0.45.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2914">#2914</a>)</li>
<li><a
href="7f027f8e25"><code>7f027f8</code></a>
Revert &quot;Emit <code>http.disconnect</code> on server shutdown for
streaming responses&quot; (#...</li>
<li><a
href="73a80c3cc8"><code>73a80c3</code></a>
Add <code>--reset-contextvars</code> flag to isolate ASGI request
context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li>
<li><a
href="45c0b568d3"><code>45c0b56</code></a>
Revert empty context for ASGI runs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li>
<li><a
href="850d92656d"><code>850d926</code></a>
Raise helpful <code>ImportError</code> when PyYAML is missing for YAML
log config (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li>
<li><a
href="fdcacb4b83"><code>fdcacb4</code></a>
Accept <code>log_level</code> strings case-insensitively (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.41.0...0.46.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.41.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:41:12 +02:00
Valentin Derksen
d3b55566af Use openapi schemas directly (#488) 
This PR adjusts the configuration to the `openapi-typescript` generation
to export the schema types directly and allow importing them directly in
the frontend code:
<img width="645" height="73" alt="image"
src="https://github.com/user-attachments/assets/75ddb995-ac16-4154-842d-fd85d4bdea46"
/>

Alternatively without the `--root-types-no-schema-prefix` option, the
schemas would all be prefixed with "Schema" like
`SchemaMetaDataProviderSearchResult` which could be safer, if there are
type collisions.

LMK what's preferred.

---
Checklist:
- [x] run `npm run openapi` to re-generate the `api.d.ts`
- [x] run `npm run lint`
- [x] run `npm run format`

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Simplified and standardised TypeScript typings across the web app by
switching to concise public type aliases for API schemas (e.g. Movie,
Show, Episode, User, Notification, etc.), improving code clarity and
consistency across components and pages; purely type-level changes with
no runtime behaviour impact.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-05-01 16:37:24 +02:00
Marcel Hellwig
c46239db86 replace libtorrent with torf (#506) 
torf is a python library which deals with torrents, magnets and more. It
is a python only library and has no C backend.

The main reason for replacing it is that libtorrent doesn't have
bindings for pyhton 3.14, which is now the default on arch (I use arch
btw.)

---

Since I don't have a torrent downloader, someone should verify that this
still works (:

Maybe one should add tests for it as well :D

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
* Replaced the torrent parsing library and updated project dependency
accordingly.
  * Updated container build to remove the now-unused OS package.

* **Bug Fixes**
* Improved reliability of torrent info extraction during magnet and
fallback handling.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-05-01 16:24:34 +02:00
Maximilian Dorninger
f5253990e0 switch from APScheduler to Taskiq (#461) 
This PR replaces the APScheduler lib with the Taskiq task queuing lib. 

# why

APScheduler doesn't support FastAPI's DI in tasks, this makes them quite
cumbersome to read and write since DB, Repositories and Services all
need to be instanciated manually.

Moreover, Taskiq makes it easier to start background tasks from FastAPI
requests. This enables MM to move to a more event-based architecture.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* App now uses an orchestrated async startup/shutdown and runs
background scheduling via a database-backed task queue; startup enqueues
pre-load/import/update tasks.

* **Bug Fixes**
* Improved torrent client handling with clearer conflict messages and
guidance for manual resolution.
* Enhanced logging around season, episode and metadata update
operations; minor regex/behaviour formatting preserved.

* **Chores**
* Updated dependencies to support the new task queue and connection
pooling.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-02-26 21:23:24 +01:00
dependabot[bot]
e529e0c0a3 Bump @eslint/compat from 1.4.1 to 2.0.2 in /web (#465) 
Bumps
[@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat)
from 1.4.1 to 2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/rewrite/releases"><code>@​eslint/compat</code>'s
releases</a>.</em></p>
<blockquote>
<h2>compat: v2.0.2</h2>
<h2><a
href="https://github.com/eslint/rewrite/compare/compat-v2.0.1...compat-v2.0.2">2.0.2</a>
(2026-01-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>add eslint 10 as peer dependency (<a
href="https://redirect.github.com/eslint/rewrite/issues/361">#361</a>)
(<a
href="ecb37dcafc">ecb37dc</a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^1.0.1 to ^1.1.0</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2>migrate-config: v2.0.2</h2>
<h2><a
href="https://github.com/eslint/rewrite/compare/migrate-config-v2.0.1...migrate-config-v2.0.2">2.0.2</a>
(2026-01-29)</h2>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/compat</code> bumped from ^2.0.1 to ^2.0.2</li>
</ul>
</li>
<li>devDependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^1.0.1 to ^1.1.0</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2>compat: v2.0.1</h2>
<h2><a
href="https://github.com/eslint/rewrite/compare/compat-v2.0.0...compat-v2.0.1">2.0.1</a>
(2026-01-08)</h2>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^1.0.0 to ^1.0.1</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2>migrate-config: v2.0.1</h2>
<h2><a
href="https://github.com/eslint/rewrite/compare/migrate-config-v2.0.0...migrate-config-v2.0.1">2.0.1</a>
(2026-01-08)</h2>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/compat</code> bumped from ^2.0.0 to ^2.0.1</li>
</ul>
</li>
<li>devDependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^1.0.0 to ^1.0.1</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2>compat: v2.0.0</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md"><code>@​eslint/compat</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/eslint/rewrite/compare/compat-v2.0.1...compat-v2.0.2">2.0.2</a>
(2026-01-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>add eslint 10 as peer dependency (<a
href="https://redirect.github.com/eslint/rewrite/issues/361">#361</a>)
(<a
href="ecb37dcafc">ecb37dc</a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^1.0.1 to ^1.1.0</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2><a
href="https://github.com/eslint/rewrite/compare/compat-v2.0.0...compat-v2.0.1">2.0.1</a>
(2026-01-08)</h2>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^1.0.0 to ^1.0.1</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2><a
href="https://github.com/eslint/rewrite/compare/compat-v1.4.1...compat-v2.0.0">2.0.0</a>
(2025-11-14)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Require Node.js ^20.19.0 || ^22.13.0 || &gt;=24 (<a
href="https://redirect.github.com/eslint/rewrite/issues/297">#297</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>patch missing context and SourceCode methods for v10 (<a
href="https://redirect.github.com/eslint/rewrite/issues/311">#311</a>)
(<a
href="a40d8c60af">a40d8c6</a>)</li>
<li>Require Node.js ^20.19.0 || ^22.13.0 || &gt;=24 (<a
href="https://redirect.github.com/eslint/rewrite/issues/297">#297</a>)
(<a
href="acc623c807">acc623c</a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>The following workspace dependencies were updated
<ul>
<li>dependencies
<ul>
<li><code>@​eslint/core</code> bumped from ^0.17.0 to ^1.0.0</li>
</ul>
</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7960653fe6"><code>7960653</code></a>
chore: release main (<a
href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/356">#356</a>)</li>
<li><a
href="ecb37dcafc"><code>ecb37dc</code></a>
fix: add eslint 10 as peer dependency (<a
href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/361">#361</a>)</li>
<li><a
href="074cac2268"><code>074cac2</code></a>
docs: Update README sponsors</li>
<li><a
href="a3b0fd5102"><code>a3b0fd5</code></a>
docs: Update README sponsors</li>
<li><a
href="7abc05147e"><code>7abc051</code></a>
chore: release main (<a
href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/336">#336</a>)</li>
<li><a
href="f0b5b68e6d"><code>f0b5b68</code></a>
docs: Update README sponsors</li>
<li><a
href="b65204d085"><code>b65204d</code></a>
docs: Update README sponsors</li>
<li><a
href="5f8bc5b872"><code>5f8bc5b</code></a>
ci: run <code>arethetypeswrong</code> on packages with types (<a
href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/338">#338</a>)</li>
<li><a
href="d9eb64a30a"><code>d9eb64a</code></a>
docs: Update README sponsors</li>
<li><a
href="7444f36783"><code>7444f36</code></a>
docs: Update README sponsors</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/rewrite/commits/compat-v2.0.2/packages/compat">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@eslint/compat&package-manager=npm_and_yarn&previous-version=1.4.1&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-26 21:21:11 +01:00
dependabot[bot]
46a9760376 Bump ruff from 0.14.10 to 0.15.2 (#467) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.10 to 0.15.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.2</h2>
<h2>Release Notes</h2>
<p>Released on 2026-02-19.</p>
<h3>Preview features</h3>
<ul>
<li>
<p>Expand the default rule set (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23385">#23385</a>)</p>
<p>In preview, Ruff now enables a significantly expanded default rule
set of 412 rules, up from the stable default set of 59 rules. The new
rules are mostly a superset of the stable defaults, with the exception
of these rules, which are removed from the preview defaults:</p>
<ul>
<li><a
href="https://docs.astral.sh/ruff/rules/multiple-imports-on-one-line"><code>multiple-imports-on-one-line</code></a>
(<code>E401</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a>
(<code>E402</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a>
(<code>E701</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/multiple-statements-on-one-line-semicolon"><code>multiple-statements-on-one-line-semicolon</code></a>
(<code>E702</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/useless-semicolon"><code>useless-semicolon</code></a>
(<code>E703</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/none-comparison"><code>none-comparison</code></a>
(<code>E711</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/true-false-comparison"><code>true-false-comparison</code></a>
(<code>E712</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/not-in-test"><code>not-in-test</code></a>
(<code>E713</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/not-is-test"><code>not-is-test</code></a>
(<code>E714</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/type-comparison"><code>type-comparison</code></a>
(<code>E721</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/lambda-assignment"><code>lambda-assignment</code></a>
(<code>E731</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/ambiguous-variable-name"><code>ambiguous-variable-name</code></a>
(<code>E741</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/ambiguous-class-name"><code>ambiguous-class-name</code></a>
(<code>E742</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/ambiguous-function-name"><code>ambiguous-function-name</code></a>
(<code>E743</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star"><code>undefined-local-with-import-star</code></a>
(<code>F403</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star-usage"><code>undefined-local-with-import-star-usage</code></a>
(<code>F405</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/undefined-local-with-nested-import-star-usage"><code>undefined-local-with-nested-import-star-usage</code></a>
(<code>F406</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/forward-annotation-syntax-error"><code>forward-annotation-syntax-error</code></a>
(<code>F722</code>)</li>
</ul>
<p>If you use preview and prefer the old defaults, you can restore them
with configuration like:</p>
<pre lang="toml"><code>
# ruff.toml
<p>[lint]
select = [&quot;E4&quot;, &quot;E7&quot;, &quot;E9&quot;,
&quot;F&quot;]</p>
<h1>pyproject.toml</h1>
<p>[tool.ruff.lint]
select = [&quot;E4&quot;, &quot;E7&quot;, &quot;E9&quot;, &quot;F&quot;]
</code></pre></p>
<p>If you do give them a try, feel free to share your feedback in the <a
href="https://github.com/astral-sh/ruff/discussions/23203">GitHub
discussion</a>!</p>
</li>
<li>
<p>[<code>flake8-pyi</code>] Also check string annotations
(<code>PYI041</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19023">#19023</a>)</p>
</li>
</ul>
<h3>Bug fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.2</h2>
<p>Released on 2026-02-19.</p>
<h3>Preview features</h3>
<ul>
<li>
<p>Expand the default rule set (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23385">#23385</a>)</p>
<p>In preview, Ruff now enables a significantly expanded default rule
set of 412
rules, up from the stable default set of 59 rules. The new rules are
mostly a
superset of the stable defaults, with the exception of these rules,
which are
removed from the preview defaults:</p>
<ul>
<li><a
href="https://docs.astral.sh/ruff/rules/multiple-imports-on-one-line"><code>multiple-imports-on-one-line</code></a>
(<code>E401</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a>
(<code>E402</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a>
(<code>E701</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/multiple-statements-on-one-line-semicolon"><code>multiple-statements-on-one-line-semicolon</code></a>
(<code>E702</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/useless-semicolon"><code>useless-semicolon</code></a>
(<code>E703</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/none-comparison"><code>none-comparison</code></a>
(<code>E711</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/true-false-comparison"><code>true-false-comparison</code></a>
(<code>E712</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/not-in-test"><code>not-in-test</code></a>
(<code>E713</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/not-is-test"><code>not-is-test</code></a>
(<code>E714</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/type-comparison"><code>type-comparison</code></a>
(<code>E721</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/lambda-assignment"><code>lambda-assignment</code></a>
(<code>E731</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/ambiguous-variable-name"><code>ambiguous-variable-name</code></a>
(<code>E741</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/ambiguous-class-name"><code>ambiguous-class-name</code></a>
(<code>E742</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/ambiguous-function-name"><code>ambiguous-function-name</code></a>
(<code>E743</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star"><code>undefined-local-with-import-star</code></a>
(<code>F403</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star-usage"><code>undefined-local-with-import-star-usage</code></a>
(<code>F405</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/undefined-local-with-nested-import-star-usage"><code>undefined-local-with-nested-import-star-usage</code></a>
(<code>F406</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/forward-annotation-syntax-error"><code>forward-annotation-syntax-error</code></a>
(<code>F722</code>)</li>
</ul>
<p>If you use preview and prefer the old defaults, you can restore them
with
configuration like:</p>
<pre lang="toml"><code>
# ruff.toml
<p>[lint]
select = [&quot;E4&quot;, &quot;E7&quot;, &quot;E9&quot;,
&quot;F&quot;]</p>
<h1>pyproject.toml</h1>
<p>[tool.ruff.lint]
select = [&quot;E4&quot;, &quot;E7&quot;, &quot;E9&quot;, &quot;F&quot;]
</code></pre></p>
<p>If you do give them a try, feel free to share your feedback in the <a
href="https://github.com/astral-sh/ruff/discussions/23203">GitHub
discussion</a>!</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9d18ee9115"><code>9d18ee9</code></a>
Hard code workflow name and <code>cancel-in-progress</code> only for PRs
(<a
href="https://redirect.github.com/astral-sh/ruff/issues/23431">#23431</a>)</li>
<li><a
href="7cc15f024b"><code>7cc15f0</code></a>
Bump 0.15.2 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23430">#23430</a>)</li>
<li><a
href="d1b544393a"><code>d1b5443</code></a>
Add extension mapping to configuration file options (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23384">#23384</a>)</li>
<li><a
href="222574af90"><code>222574a</code></a>
Expand the default rule set (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23385">#23385</a>)</li>
<li><a
href="1465b5de38"><code>1465b5d</code></a>
[<code>flake8-async</code>] Fix <code>in_async_context</code> logic (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23426">#23426</a>)</li>
<li><a
href="410902fa40"><code>410902f</code></a>
[<code>pyupgrade</code>] Fix handling of <code>typing.{io,re}</code>
(<code>UP035</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23131">#23131</a>)</li>
<li><a
href="729610acd9"><code>729610a</code></a>
[ty] Fall back to ambiguous for large control flow graphs (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23399">#23399</a>)</li>
<li><a
href="1425c185b0"><code>1425c18</code></a>
[ty] Add code folding support</li>
<li><a
href="97acaaea5f"><code>97acaae</code></a>
[ty] Fix stack overflow for self-referential <code>TypeOf</code> in
annotations (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23407">#23407</a>)</li>
<li><a
href="1f380c8258"><code>1f380c8</code></a>
[ty] Update tests <code>reveal_type</code> and <code>Never</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23418">#23418</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.14.10...0.15.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=uv&previous-version=0.14.10&new-version=0.15.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-26 21:20:43 +01:00
dependabot[bot]
8270d1d3ff Bump sqlalchemy from 2.0.45 to 2.0.47 (#471) 
Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.45
to 2.0.47.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sqlalchemy/sqlalchemy/releases">sqlalchemy's
releases</a>.</em></p>
<blockquote>
<h1>2.0.47</h1>
<p>Released: February 24, 2026</p>
<h2>orm</h2>
<ul>
<li>
<p><strong>[orm] [bug]</strong> Fixed issue when using ORM mappings with
Python 3.14's <a href="https://peps.python.org/pep-0649">PEP 649</a>
feature
that no longer requires &quot;future annotations&quot;, where the ORM's
introspection
of the <code>__init__</code> method of mapped classes would fail if
non-present
identifiers in annotations were present. The vendored
<code>getfullargspec()</code>
method has been amended to use <code>Format.FORWARDREF</code> under
Python 3.14 to
prevent resolution of names that aren't present.</p>
<p>References: <a
href="https://www.sqlalchemy.org/trac/ticket/13104">#13104</a></p>
</li>
</ul>
<h2>engine</h2>
<ul>
<li>
<p><strong>[engine] [usecase]</strong> The connection object returned by
<code>_engine.Engine.raw_connection()</code>
now supports the context manager protocol, automatically returning the
connection to the pool when exiting the context.</p>
<p>References: <a
href="https://www.sqlalchemy.org/trac/ticket/13116">#13116</a></p>
</li>
</ul>
<h2>postgresql</h2>
<ul>
<li>
<p><strong>[postgresql] [bug]</strong> Fixed an issue in the PostgreSQL
dialect where foreign key constraint
reflection would incorrectly swap or fail to capture
<code>onupdate</code> and
<code>ondelete</code> values when these clauses appeared in a different
order than
expected in the constraint definition. This issue primarily affected
PostgreSQL-compatible databases such as CockroachDB, which may return
<code>ON DELETE</code> before <code>ON UPDATE</code> in the constraint
definition string. The
reflection logic now correctly parses both clauses regardless of their
ordering.</p>
<p>References: <a
href="https://www.sqlalchemy.org/trac/ticket/13105">#13105</a></p>
</li>
<li>
<p><strong>[postgresql] [bug]</strong> Fixed issue in the
<code>engine_insertmanyvalues</code> feature where using
PostgreSQL's <code>ON CONFLICT</code> clause with
<code>_dml.Insert.returning.sort_by_parameter_order</code> enabled would
generate invalid SQL when the insert used an implicit sentinel
(server-side
autoincrement primary key). The generated SQL would incorrectly declare
a
sentinel counter column in the <code>imp_sen</code> table alias without
providing
corresponding values in the <code>VALUES</code> clause, leading to a
<code>ProgrammingError</code> indicating column count mismatch. The fix
allows batch
execution mode when <code>embed_values_counter</code> is active, as the
embedded
counter provides the ordering capability needed even with upsert
behaviors,
rather than unnecessarily downgrading to row-at-a-time execution.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sqlalchemy/sqlalchemy/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sqlalchemy&package-manager=uv&previous-version=2.0.45&new-version=2.0.47)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-26 21:20:32 +01:00
dependabot[bot]
6ef200c558 Bump ty from 0.0.9 to 0.0.18 (#470) 
Bumps [ty](https://github.com/astral-sh/ty) from 0.0.9 to 0.0.18.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ty/releases">ty's
releases</a>.</em></p>
<blockquote>
<h2>0.0.18</h2>
<h2>Release Notes</h2>
<p>Released on 2026-02-20.</p>
<h3>Bug fixes</h3>
<ul>
<li>Support classes dynamically created via <code>type(...)</code> with
cyclic bases (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22792">#22792</a>)</li>
<li>Fix incorrect types inferred when unpacking mixed tuples (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23437">#23437</a>)</li>
<li>Fix stack overflow for self-referential <code>TypeOf</code> in
annotations (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23407">#23407</a>)</li>
<li>Fix several server panics that could occur when computing semantic
tokens for the current file (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23403">#23403</a>),
<a
href="https://redirect.github.com/astral-sh/ruff/pull/23398">#23398</a>,
<a
href="https://redirect.github.com/astral-sh/ruff/pull/23401">#23401</a>)</li>
</ul>
<h3>LSP server</h3>
<ul>
<li>Add code folding support (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23393">#23393</a>)</li>
<li>Add warning message when running <code>ty server</code>
interactively (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23416">#23416</a>)</li>
<li>Exclude test-related symbols from non-first-party packages in
auto-import completions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23252">#23252</a>)</li>
<li>Fix bug where diagnostics could disappear after opening an external
file (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23447">#23447</a>)</li>
<li>Remove spurious destination for Go-To Definition on variables
defined in a loop (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23391">#23391</a>)</li>
<li>Use the fully qualified name when &quot;baking&quot; an inlay hint
into the source code if the scope already contains a variable with the
same name as the unqualified name (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23265">#23265</a>)</li>
<li>Resolve TypeVars in <code>call_signature_details</code> parameter
types (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23149">#23149</a>)</li>
</ul>
<h3>CLI</h3>
<ul>
<li>Add <code>--output-format</code> to <code>ty version</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23387">#23387</a>)</li>
</ul>
<h3>Configuration</h3>
<ul>
<li>Add <code>replace-imports-with-any</code> option (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23122">#23122</a>)</li>
<li>Support shellexpand for configuration paths (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23274">#23274</a>)</li>
</ul>
<h3>Type checking</h3>
<ul>
<li>Add a new diagnostic to detect invalid class patterns in
<code>match</code> statements (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22939">#22939</a>)</li>
<li>Allow <code>Self</code> in <code>ClassVar</code> type annotations
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23362">#23362</a>)</li>
<li>Consider synthesized methods and <code>ClassVar</code>-qualified
declarations when determining whether an abstract method has been
overridden in a subclass (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23381">#23381</a>)</li>
<li>Add a diagnostic when combining <code>Final</code> and
<code>ClassVar</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23365">#23365</a>)</li>
<li>Fix return type of <code>assert_never</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23389">#23389</a>)</li>
<li>Fix <code>assert_type</code> diagnostic messages (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23342">#23342</a>)</li>
<li>Ban PEP-613 type alias values from containing type-qualifier special
forms (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23444">#23444</a>)</li>
<li>Infer <code>LiteralString</code> for <code>f&quot;{literal_str_a}
{literal_str_b}&quot;</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23346">#23346</a>)</li>
<li>Infer precise types for bit-shift operations on integer literals (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23301">#23301</a>)</li>
<li>Make <code>[abstract-method-in-final-class]</code> diagnostics less
verbose for classes with many abstract methods (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23379">#23379</a>)</li>
<li>Improve diagnostics for abstract <code>@final</code> classes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23376">#23376</a>)</li>
<li>Only perform literal promotion for implicitly inferred literals (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23107">#23107</a>)</li>
<li>Parenthesize callable types when they appear in the return
annotation of other callable types (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23327">#23327</a>)</li>
<li>Consider a call to a generic function returning <code>Never</code>
to terminate control flow (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23419">#23419</a>)</li>
<li>Support calls to intersection types (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22469">#22469</a>)</li>
<li>Validate annotated assignments to attributes on self (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23388">#23388</a>)</li>
<li>Treat a bytes-literal type as a subtype of
<code>Sequence[&lt;constituent integers in the bytestring&gt;]</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23329">#23329</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ty/blob/main/CHANGELOG.md">ty's
changelog</a>.</em></p>
<blockquote>
<h2>0.0.18</h2>
<p>Released on 2026-02-20.</p>
<h3>Bug fixes</h3>
<ul>
<li>Support classes dynamically created via <code>type(...)</code> with
cyclic bases (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22792">#22792</a>)</li>
<li>Fix incorrect types inferred when unpacking mixed tuples (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23437">#23437</a>)</li>
<li>Fix stack overflow for self-referential <code>TypeOf</code> in
annotations (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23407">#23407</a>)</li>
<li>Fix several server panics that could occur when computing semantic
tokens for the current file (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23403">#23403</a>),
<a
href="https://redirect.github.com/astral-sh/ruff/pull/23398">#23398</a>,
<a
href="https://redirect.github.com/astral-sh/ruff/pull/23401">#23401</a>)</li>
</ul>
<h3>LSP server</h3>
<ul>
<li>Add code folding support (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23393">#23393</a>)</li>
<li>Add warning message when running <code>ty server</code>
interactively (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23416">#23416</a>)</li>
<li>Exclude test-related symbols from non-first-party packages in
auto-import completions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23252">#23252</a>)</li>
<li>Fix bug where diagnostics could disappear after opening an external
file (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23447">#23447</a>)</li>
<li>Remove spurious destination for Go-To Definition on variables
defined in a loop (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23391">#23391</a>)</li>
<li>Use the fully qualified name when &quot;baking&quot; an inlay hint
into the source code if the scope already contains a variable with the
same name as the unqualified name (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23265">#23265</a>)</li>
<li>Resolve TypeVars in <code>call_signature_details</code> parameter
types (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23149">#23149</a>)</li>
</ul>
<h3>CLI</h3>
<ul>
<li>Add <code>--output-format</code> to <code>ty version</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23387">#23387</a>)</li>
</ul>
<h3>Configuration</h3>
<ul>
<li>Add <code>replace-imports-with-any</code> option (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23122">#23122</a>)</li>
<li>Support shellexpand for configuration paths (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23274">#23274</a>)</li>
</ul>
<h3>Type checking</h3>
<ul>
<li>Add a new diagnostic to detect invalid class patterns in
<code>match</code> statements (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22939">#22939</a>)</li>
<li>Allow <code>Self</code> in <code>ClassVar</code> type annotations
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23362">#23362</a>)</li>
<li>Consider synthesized methods and <code>ClassVar</code>-qualified
declarations when determining whether an abstract method has been
overridden in a subclass (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23381">#23381</a>)</li>
<li>Add a diagnostic when combining <code>Final</code> and
<code>ClassVar</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23365">#23365</a>)</li>
<li>Fix return type of <code>assert_never</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23389">#23389</a>)</li>
<li>Fix <code>assert_type</code> diagnostic messages (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23342">#23342</a>)</li>
<li>Ban PEP-613 type alias values from containing type-qualifier special
forms (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23444">#23444</a>)</li>
<li>Infer <code>LiteralString</code> for <code>f&quot;{literal_str_a}
{literal_str_b}&quot;</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23346">#23346</a>)</li>
<li>Infer precise types for bit-shift operations on integer literals (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23301">#23301</a>)</li>
<li>Make <code>[abstract-method-in-final-class]</code> diagnostics less
verbose for classes with many abstract methods (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23379">#23379</a>)</li>
<li>Improve diagnostics for abstract <code>@final</code> classes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23376">#23376</a>)</li>
<li>Only perform literal promotion for implicitly inferred literals (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23107">#23107</a>)</li>
<li>Parenthesize callable types when they appear in the return
annotation of other callable types (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23327">#23327</a>)</li>
<li>Consider a call to a generic function returning <code>Never</code>
to terminate control flow (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23419">#23419</a>)</li>
<li>Support calls to intersection types (<a
href="https://redirect.github.com/astral-sh/ruff/pull/22469">#22469</a>)</li>
<li>Validate annotated assignments to attributes on self (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23388">#23388</a>)</li>
<li>Treat a bytes-literal type as a subtype of
<code>Sequence[&lt;constituent integers in the bytestring&gt;]</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/23329">#23329</a>)</li>
<li>Allow a string-literal argument to match against an
<code>Iterable</code> parameter in type variable inference. (<a
href="https://redirect.github.com/astral-sh/ruff/pull/23326">#23326</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="751672710c"><code>7516727</code></a>
Bump version to 0.0.18 (<a
href="https://redirect.github.com/astral-sh/ty/issues/2869">#2869</a>)</li>
<li><a
href="8e86a5684f"><code>8e86a56</code></a>
Mention code folding on language server feature page</li>
<li><a
href="ca49bf9199"><code>ca49bf9</code></a>
Add shellcheck to pre-commit configuration (<a
href="https://redirect.github.com/astral-sh/ty/issues/2845">#2845</a>)</li>
<li><a
href="532e761e8f"><code>532e761</code></a>
Update PyO3/maturin-action action to v1.50.0 (<a
href="https://redirect.github.com/astral-sh/ty/issues/2823">#2823</a>)</li>
<li><a
href="0211006eb6"><code>0211006</code></a>
Update prek dependencies (<a
href="https://redirect.github.com/astral-sh/ty/issues/2822">#2822</a>)</li>
<li><a
href="60ebbfe853"><code>60ebbfe</code></a>
docs: Add beta status notice to README (<a
href="https://redirect.github.com/astral-sh/ty/issues/2556">#2556</a>)</li>
<li><a
href="31b126a590"><code>31b126a</code></a>
docs: add link for the call hierarchy tracking issue (<a
href="https://redirect.github.com/astral-sh/ty/issues/2816">#2816</a>)</li>
<li><a
href="8cec857182"><code>8cec857</code></a>
[ty] Bump version to 0.0.17 (<a
href="https://redirect.github.com/astral-sh/ty/issues/2806">#2806</a>)</li>
<li><a
href="3650f58ffd"><code>3650f58</code></a>
docs: Clarify that nvim-lspconfig is the recommended way of using ty in
all v...</li>
<li><a
href="55b8ff2055"><code>55b8ff2</code></a>
Add note about fallback behavior to <code>python</code> in
<code>PATH</code> (<a
href="https://redirect.github.com/astral-sh/ty/issues/2787">#2787</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ty/compare/0.0.9...0.0.18">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ty&package-manager=uv&previous-version=0.0.9&new-version=0.0.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-26 21:20:22 +01:00
dependabot[bot]
47d35d4bd7 Bump tailwindcss from 4.2.0 to 4.2.1 in /web (#469) 
Bumps
[tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss)
from 4.2.0 to 4.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h3>Fixed</h3>
<ul>
<li>Allow trailing dash in functional utility names for backwards
compatibility (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19696">#19696</a>)</li>
<li>Properly detect classes containing <code>.</code> characters within
curly braces in MDX files (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19711">#19711</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">tailwindcss's
changelog</a>.</em></p>
<blockquote>
<h2>[4.2.1] - 2026-02-23</h2>
<h3>Fixed</h3>
<ul>
<li>Allow trailing dash in functional utility names for backwards
compatibility (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19696">#19696</a>)</li>
<li>Properly detect classes containing <code>.</code> characters within
curly braces in MDX files (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19711">#19711</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1dce64ee7e"><code>1dce64e</code></a>
4.2.1 (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/19714">#19714</a>)</li>
<li><a
href="d15d92ca60"><code>d15d92c</code></a>
Allow trailing dash in functional utility names (<a
href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/19696">#19696</a>)</li>
<li>See full diff in <a
href="https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/tailwindcss">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tailwindcss&package-manager=npm_and_yarn&previous-version=4.2.0&new-version=4.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-26 21:20:08 +01:00
Juan David Bermudez Celedon
cbd70bd6f3 Fix scoring rules keyword matching (#473) 
Fixs for #460 

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **Improvements**
* Refined keyword matching in indexer queries with case-insensitive,
word-boundary-aware search for more accurate results.

* **Bug Fixes**
  * Corrected torrent URL redirect resolution logic.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-02-26 16:37:29 +01:00
Juan David Bermudez Celedon
d8405fd903 Extend AVOID_CAM scoring rule (#458) 
The base title scoring rule **avoid_cam** can be extended with more
keyword related to low quality videos similar to CAM.


| Type | Acronyms | Meaning |

|-----------|-------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| CAM | CAM<br>CAMRIP<br>HDCAM | A recording made with a handheld camera
in a movie theater. |
| Screener |
BDSCR<br>DDC<br>DVDSCR<br>DVDSCREENER<br>SCR<br>SCREENER<br>WEBSCREENER
| Screeners are early DVD or BD releases of the theatrical version of a
film, typically sent to movie reviewers, academy members and executives
for review purposes. |
| Telecine | HDTC<br>TC<br>TELECINE | A digital scan of the film print.
|
| Telesync | HDTS<br>TELESYNC<br>TS | Similar to *CAM*, but the camera
is typically placed closer to the projector or on a tripod in the
projection booth. Audio is captured directly from the sound system. |
| TV | TVRIP |

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **Chores**
* Improved detection of additional camera-related content format
variants through updated filtering rules.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-02-23 23:21:48 +01:00
Maximilian Dorninger
7824891557 Fix qbittorrent category error (#456) 
This PR fixes an error caused by MM trying to set the category save path
to None if the string is empty.
 2026-02-22 19:51:10 +01:00
Maximilian Dorninger
a643c9426d remove everything related to requests (#455) 
This PR removes the requests feature. The functionality will be replaced
either by Seerr or by reimplementing it in a better way.
 2026-02-22 19:46:47 +01:00
GokuPlay609
c2645000e5 fix: improve quality detection regex to match 2160p, UHD, FullHD and other keywords (#450) 
## What

Two-line fix to the quality detection regex in
`media_manager/indexer/schemas.py`.

**UHD pattern**: `\b(4k)\b` → `\b(4k|2160p|uhd)\b`  
**FullHD pattern**: `\b(1080p)\b` → `\b(1080p|fullhd|full\s*hd)\b`

## Why

The UHD regex only matched the literal keyword `4k`. Torrent titles
containing `2160p` or `UHD` (but not `4k`) were classified as
`Quality.unknown` (value 5) instead of `Quality.uhd` (value 1). Since
sorting uses quality as the primary key, these 4K releases ended up at
the bottom of search results.

### Example

| Title | Before | After |
|---|---|---|
| `Movie.2013.4K.HDR.2160p.x265` |  `Quality.uhd` |  `Quality.uhd` |
| `Movie.2013.UHD.BluRay.2160p.HDR10.x265` |  `Quality.unknown` | 
`Quality.uhd` |
| `Movie.2013.2160p.WEBRip.DDP5.1.x264` |  `Quality.unknown` | 
`Quality.uhd` |

All patterns already use `re.IGNORECASE`, so case variants are handled.

Fixes #449

---------

Co-authored-by: GokuPlay609 <GokuPlay609@users.noreply.github.com>
Co-authored-by: Amp <amp@ampcode.com>
Co-authored-by: maxid <97409287+maxdorninger@users.noreply.github.com>
 2026-02-22 16:25:36 +01:00
Maximilian Dorninger
b16f2dce92 migrate season files to episode files and drop legacy table (#454) 
This pull request introduces a migration script to transition from
storing file information at the season level to the episode level in the
database.
 2026-02-22 16:25:12 +01:00
natarelli22
d8a0ec66c3 Support for handling Single Episode Torrents (#331) 
**Description**
As explained on #322, MediaManager currently only matches torrents that
represent full seasons or season packs.
As a result, valid episode-based releases — commonly returned by
indexers such as EZTV — are filtered out during scoring and never
considered for download.

Initial changes to the season parsing logic allow these torrents to be
discovered.
However, additional changes are required beyond season parsing to
properly support single-episode imports.

This PR is intended as a work-in-progress / RFC to discuss the required
changes and align on the correct approach before completing the
implementation.

**Things planned to do**
[X] Update Web UI to better display episode-level details
[ ] Update TV show import logic to handle single episode files, instead
of assuming full season files (to avoid integrity errors when episodes
are missing)
[ ] Create episode file tables to store episode-level data, similar to
season files
[ ] Implement fetching and downloading logic for single-episode torrents

**Notes / current limitations**
At the moment, the database and import logic assume one file per season
per quality, which works for season packs but not for episode-based
releases.

These changes are intentionally not completed yet and are part of the
discussion this PR aims to start.

**Request for feedback**
This represents a significant change in how TV content is handled in
MediaManager.
Before proceeding further, feedback from @maxdorninger on the overall
direction and next steps would be greatly appreciated.

Once aligned, the remaining tasks can be implemented incrementally.

---------

Co-authored-by: Maximilian Dorninger <97409287+maxdorninger@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-22 15:21:19 +01:00
Maximilian Dorninger
094d0e4eb7 update logo 
forgot to update this file
 2026-02-21 21:48:37 +01:00
Maximilian Dorninger
4d7f596ffd Rebrand to new MediaManager logo (#452) 
I made two new logos because the old one wasn't very recognizable at a
glance.


![1](https://github.com/user-attachments/assets/cb37a709-e80b-4c97-a4d8-cf9ba0dc1613)

![3](https://github.com/user-attachments/assets/c56ded5c-fe15-4c02-bc20-fe2bff06caf9)
 2026-02-21 20:29:16 +01:00
dependabot[bot]
300df14c8c Bump svelte from 5.51.0 to 5.53.0 in /web in the npm_and_yarn group across 1 directory (#445) 
Bumps the npm_and_yarn group with 1 update in the /web directory:
[svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte).

Updates `svelte` from 5.51.0 to 5.53.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/svelte/releases">svelte's
releases</a>.</em></p>
<blockquote>
<h2>svelte@5.53.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p>feat: allow comments in tags (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17671">#17671</a>)</p>
</li>
<li>
<p>feat: allow error boundaries to work on the server (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17672">#17672</a>)</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: use TrustedHTML to test for customizable <!-- raw HTML omitted
--> support, where necessary (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17743">#17743</a>)</p>
</li>
<li>
<p>fix: ensure head effects are kept in the effect tree (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17746">#17746</a>)</p>
</li>
<li>
<p>chore: deactivate current_batch by default in unset_context (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17738">#17738</a>)</p>
</li>
</ul>
<h2>svelte@5.52.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>feat: support TrustedHTML in <code>{@html}</code> expressions (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17701">#17701</a>)</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: repair dynamic component truthy/falsy hydration mismatches (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17737">#17737</a>)</p>
</li>
<li>
<p>fix: re-run non-render-bound deriveds on the server (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17674">#17674</a>)</p>
</li>
</ul>
<h2>svelte@5.51.5</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: check to make sure <code>svelte:element</code> tags are valid
during SSR (<a
href="73098bb26c"><code>73098bb26c6f06e7fd1b0746d817d2c5ee90755f</code></a>)</p>
</li>
<li>
<p>fix: misc option escaping and backwards compatibility (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17741">#17741</a>)</p>
</li>
<li>
<p>fix: strip event handlers during SSR (<a
href="a0c7f28915"><code>a0c7f289156e9fafaeaf5ca14af6c06fe9b9eae5</code></a>)</p>
</li>
<li>
<p>fix: replace usage of <code>for in</code> with <code>for of
Object.keys</code> (<a
href="f89c7ddd7e"><code>f89c7ddd7eebaa1ef3cc540400bec2c9140b330c</code></a>)</p>
</li>
<li>
<p>fix: always escape option body in SSR (<a
href="f7c80da18c"><code>f7c80da18c215e3727c2a611b0b8744cc6e504c5</code></a>)</p>
</li>
<li>
<p>chore: upgrade <code>devalue</code> (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17739">#17739</a>)</p>
</li>
</ul>
<h2>svelte@5.51.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>chore: proactively defer effects in pending boundary (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17734">#17734</a>)</p>
</li>
<li>
<p>fix: detect and error on non-idempotent each block keys in dev mode
(<a
href="https://redirect.github.com/sveltejs/svelte/pull/17732">#17732</a>)</p>
</li>
</ul>
<h2>svelte@5.51.3</h2>
<h3>Patch Changes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md">svelte's
changelog</a>.</em></p>
<blockquote>
<h2>5.53.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p>feat: allow comments in tags (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17671">#17671</a>)</p>
</li>
<li>
<p>feat: allow error boundaries to work on the server (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17672">#17672</a>)</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: use TrustedHTML to test for customizable
<code>&lt;select&gt;</code> support, where necessary (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17743">#17743</a>)</p>
</li>
<li>
<p>fix: ensure head effects are kept in the effect tree (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17746">#17746</a>)</p>
</li>
<li>
<p>chore: deactivate current_batch by default in unset_context (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17738">#17738</a>)</p>
</li>
</ul>
<h2>5.52.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>feat: support TrustedHTML in <code>{@html}</code> expressions (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17701">#17701</a>)</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: repair dynamic component truthy/falsy hydration mismatches (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17737">#17737</a>)</p>
</li>
<li>
<p>fix: re-run non-render-bound deriveds on the server (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17674">#17674</a>)</p>
</li>
</ul>
<h2>5.51.5</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p>fix: check to make sure <code>svelte:element</code> tags are valid
during SSR (<a
href="73098bb26c"><code>73098bb26c6f06e7fd1b0746d817d2c5ee90755f</code></a>)</p>
</li>
<li>
<p>fix: misc option escaping and backwards compatibility (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17741">#17741</a>)</p>
</li>
<li>
<p>fix: strip event handlers during SSR (<a
href="a0c7f28915"><code>a0c7f289156e9fafaeaf5ca14af6c06fe9b9eae5</code></a>)</p>
</li>
<li>
<p>fix: replace usage of <code>for in</code> with <code>for of
Object.keys</code> (<a
href="f89c7ddd7e"><code>f89c7ddd7eebaa1ef3cc540400bec2c9140b330c</code></a>)</p>
</li>
<li>
<p>fix: always escape option body in SSR (<a
href="f7c80da18c"><code>f7c80da18c215e3727c2a611b0b8744cc6e504c5</code></a>)</p>
</li>
<li>
<p>chore: upgrade <code>devalue</code> (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17739">#17739</a>)</p>
</li>
</ul>
<h2>5.51.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>chore: proactively defer effects in pending boundary (<a
href="https://redirect.github.com/sveltejs/svelte/pull/17734">#17734</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c2fc95a467"><code>c2fc95a</code></a>
Version Packages (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17747">#17747</a>)</li>
<li><a
href="92e2fc1209"><code>92e2fc1</code></a>
feat: allow comments in tags (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17671">#17671</a>)</li>
<li><a
href="2661513cd3"><code>2661513</code></a>
feat: allow error boundaries to work on the server (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17672">#17672</a>)</li>
<li><a
href="582e4443dc"><code>582e444</code></a>
fix: ensure head effects are kept in the effect tree (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17746">#17746</a>)</li>
<li><a
href="f8bf9bb461"><code>f8bf9bb</code></a>
chore: deactivate current_batch by default in unset_context (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17738">#17738</a>)</li>
<li><a
href="696d97ff3e"><code>696d97f</code></a>
fix: use TrustedHTML to test for customizable &lt;select&gt; support,
where necessa...</li>
<li><a
href="cbf4e246fc"><code>cbf4e24</code></a>
Version Packages (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17742">#17742</a>)</li>
<li><a
href="09c4cb5084"><code>09c4cb5</code></a>
fix: re-run non-render-bound deriveds on the server (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17674">#17674</a>)</li>
<li><a
href="be24b0dca7"><code>be24b0d</code></a>
feat: support TrustedHTML in {<a
href="https://github.com/html"><code>@​html</code></a>} expressions (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17701">#17701</a>)</li>
<li><a
href="9f48e7620f"><code>9f48e76</code></a>
fix: repair dynamic component truthy/falsy hydration mismatches (<a
href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17737">#17737</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sveltejs/svelte/commits/svelte@5.53.0/packages/svelte">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=svelte&package-manager=npm_and_yarn&previous-version=5.51.0&new-version=5.53.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 18:08:06 +01:00
dependabot[bot]
2f102d6c5d Bump the uv group across 1 directory with 2 updates (#446) 
Bumps the uv group with 2 updates in the /metadata_relay directory:
[python-multipart](https://github.com/Kludex/python-multipart) and
[urllib3](https://github.com/urllib3/urllib3).

Updates `python-multipart` from 0.0.21 to 0.0.22
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/releases">python-multipart's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.0.22</h2>
<h2>What's Changed</h2>
<ul>
<li>Drop directory path from filename in <code>File</code> <a
href="9433f4bbc9">9433f4b</a>.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md">python-multipart's
changelog</a>.</em></p>
<blockquote>
<h2>0.0.22 (2026-01-25)</h2>
<ul>
<li>Drop directory path from filename in <code>File</code> <a
href="9433f4bbc9">9433f4b</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bea7bbb290"><code>bea7bbb</code></a>
Version 0.0.22 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/222">#222</a>)</li>
<li><a
href="0fb59a9df0"><code>0fb59a9</code></a>
chore: add return type on test (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/221">#221</a>)</li>
<li><a
href="9433f4bbc9"><code>9433f4b</code></a>
Merge commit from fork</li>
<li><a
href="d5c91ecb0a"><code>d5c91ec</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/219">#219</a>)</li>
<li><a
href="5a90631b48"><code>5a90631</code></a>
bump uv (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/218">#218</a>)</li>
<li>See full diff in <a
href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 2.6.2 to 2.6.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.6.3</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed a security issue where decompression-bomb safeguards of the
streaming API were bypassed when HTTP redirects were followed.
(CVE-2026-21441 reported by <a
href="https://github.com/D47A"><code>@​D47A</code></a>, 8.9 High,
GHSA-38jv-5279-wg99)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by default. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.6.3 (2026-01-07)</h1>
<ul>
<li>Fixed a high-severity security issue where decompression-bomb
safeguards of
the streaming API were bypassed when HTTP redirects were followed.
(<code>GHSA-38jv-5279-wg99
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99&gt;</code>__)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by
default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743)
&lt;https://github.com/urllib3/urllib3/issues/3743&gt;</code>__)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten.
(<code>[#3752](https://github.com/urllib3/urllib3/issues/3752)
&lt;https://github.com/urllib3/urllib3/issues/3752&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0248277dd7"><code>0248277</code></a>
Release 2.6.3</li>
<li><a
href="8864ac407b"><code>8864ac4</code></a>
Merge commit from fork</li>
<li><a
href="70cecb27ca"><code>70cecb2</code></a>
Fix Scorecard issues related to vulnerable dev dependencies (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li>
<li><a
href="41f249abe1"><code>41f249a</code></a>
Move &quot;v2.0 Migration Guide&quot; to the end of the table of
contents (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li>
<li><a
href="fd4dffd2fc"><code>fd4dffd</code></a>
Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li>
<li><a
href="13f0bfd55e"><code>13f0bfd</code></a>
Handle massive values in Retry-After when calculating time to sleep for
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li>
<li><a
href="8c480bf87b"><code>8c480bf</code></a>
Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li>
<li><a
href="4b40616e95"><code>4b40616</code></a>
Bump actions/cache from 4.3.0 to 5.0.1 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li>
<li><a
href="82b8479663"><code>82b8479</code></a>
Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li>
<li><a
href="34284cb017"><code>34284cb</code></a>
Mention experimental features in the security policy (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 18:07:53 +01:00
dependabot[bot]
3e696c463c Bump the uv group across 1 directory with 3 updates (#448) 
Bumps the uv group with 3 updates in the / directory:
[cryptography](https://github.com/pyca/cryptography),
[python-multipart](https://github.com/Kludex/python-multipart) and
[urllib3](https://github.com/urllib3/urllib3).

Updates `cryptography` from 46.0.3 to 46.0.5
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>46.0.5 - 2026-02-10</p>
<pre><code>
* An attacker could create a malicious public key that reveals portions
of your
private key when using certain uncommon elliptic curves (binary curves).
This version now includes additional security checks to prevent this
attack.
This issue only affects binary elliptic curves, which are rarely used in
real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab
and
Atuin Automated Vulnerability Discovery Engine** for reporting the
issue.
  **CVE-2026-26007**
* Support for ``SECT*`` binary elliptic curves is deprecated and will be
  removed in the next release.
<p>.. v46-0-4:</p>
<p>46.0.4 - 2026-01-27<br />
</code></pre></p>
<ul>
<li><code>Dropped support for win_arm64 wheels</code>_.</li>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.5.</li>
</ul>
<p>.. _v46-0-3:</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="06e120e682"><code>06e120e</code></a>
bump version for 46.0.5 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/14289">#14289</a>)</li>
<li><a
href="0eebb9dbb6"><code>0eebb9d</code></a>
EC check key on cofactor &gt; 1 (<a
href="https://redirect.github.com/pyca/cryptography/issues/14287">#14287</a>)</li>
<li><a
href="bedf6e186b"><code>bedf6e1</code></a>
fix openssl version on 46 branch (<a
href="https://redirect.github.com/pyca/cryptography/issues/14220">#14220</a>)</li>
<li><a
href="e6f44fc8e6"><code>e6f44fc</code></a>
bump for 46.0.4 and drop win arm64 due to CI issues (<a
href="https://redirect.github.com/pyca/cryptography/issues/14217">#14217</a>)</li>
<li>See full diff in <a
href="https://github.com/pyca/cryptography/compare/46.0.3...46.0.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `python-multipart` from 0.0.21 to 0.0.22
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/releases">python-multipart's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.0.22</h2>
<h2>What's Changed</h2>
<ul>
<li>Drop directory path from filename in <code>File</code> <a
href="9433f4bbc9">9433f4b</a>.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md">python-multipart's
changelog</a>.</em></p>
<blockquote>
<h2>0.0.22 (2026-01-25)</h2>
<ul>
<li>Drop directory path from filename in <code>File</code> <a
href="9433f4bbc9">9433f4b</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bea7bbb290"><code>bea7bbb</code></a>
Version 0.0.22 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/222">#222</a>)</li>
<li><a
href="0fb59a9df0"><code>0fb59a9</code></a>
chore: add return type on test (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/221">#221</a>)</li>
<li><a
href="9433f4bbc9"><code>9433f4b</code></a>
Merge commit from fork</li>
<li><a
href="d5c91ecb0a"><code>d5c91ec</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/219">#219</a>)</li>
<li><a
href="5a90631b48"><code>5a90631</code></a>
bump uv (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/218">#218</a>)</li>
<li>See full diff in <a
href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 2.6.2 to 2.6.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.6.3</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed a security issue where decompression-bomb safeguards of the
streaming API were bypassed when HTTP redirects were followed.
(CVE-2026-21441 reported by <a
href="https://github.com/D47A"><code>@​D47A</code></a>, 8.9 High,
GHSA-38jv-5279-wg99)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by default. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.6.3 (2026-01-07)</h1>
<ul>
<li>Fixed a high-severity security issue where decompression-bomb
safeguards of
the streaming API were bypassed when HTTP redirects were followed.
(<code>GHSA-38jv-5279-wg99
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99&gt;</code>__)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by
default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743)
&lt;https://github.com/urllib3/urllib3/issues/3743&gt;</code>__)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten.
(<code>[#3752](https://github.com/urllib3/urllib3/issues/3752)
&lt;https://github.com/urllib3/urllib3/issues/3752&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0248277dd7"><code>0248277</code></a>
Release 2.6.3</li>
<li><a
href="8864ac407b"><code>8864ac4</code></a>
Merge commit from fork</li>
<li><a
href="70cecb27ca"><code>70cecb2</code></a>
Fix Scorecard issues related to vulnerable dev dependencies (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li>
<li><a
href="41f249abe1"><code>41f249a</code></a>
Move &quot;v2.0 Migration Guide&quot; to the end of the table of
contents (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li>
<li><a
href="fd4dffd2fc"><code>fd4dffd</code></a>
Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li>
<li><a
href="13f0bfd55e"><code>13f0bfd</code></a>
Handle massive values in Retry-After when calculating time to sleep for
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li>
<li><a
href="8c480bf87b"><code>8c480bf</code></a>
Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li>
<li><a
href="4b40616e95"><code>4b40616</code></a>
Bump actions/cache from 4.3.0 to 5.0.1 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li>
<li><a
href="82b8479663"><code>82b8479</code></a>
Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li>
<li><a
href="34284cb017"><code>34284cb</code></a>
Mention experimental features in the security policy (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maxdorninger/MediaManager/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 18:07:39 +01:00
dependabot[bot]
5adb88f9e0 Bump pillow from 12.1.0 to 12.1.1 (#443) 
Bumps [pillow](https://github.com/python-pillow/Pillow) from 12.1.0 to
12.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python-pillow/Pillow/releases">pillow's
releases</a>.</em></p>
<blockquote>
<h2>12.1.1</h2>
<p><a
href="https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html">https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html</a></p>
<h2>Dependencies</h2>
<ul>
<li>Patch libavif for svt-av1 4.0 compatibility <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9413">#9413</a>
[<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li>
</ul>
<h2>Other changes</h2>
<ul>
<li>Fix OOB Write with invalid tile extents <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9427">#9427</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5158d98c80"><code>5158d98</code></a>
12.1.1 version bump</li>
<li><a
href="9000313cc5"><code>9000313</code></a>
Fix OOB Write with invalid tile extents (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9427">#9427</a>)</li>
<li><a
href="cd0111849f"><code>cd01118</code></a>
Patch libavif for svt-av1 4.0 compatibility</li>
<li>See full diff in <a
href="https://github.com/python-pillow/Pillow/compare/12.1.0...12.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pillow&package-manager=uv&previous-version=12.1.0&new-version=12.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:35:11 +01:00
dependabot[bot]
eb277dddac Bump sveltekit-superforms from 2.28.1 to 2.29.1 in /web (#442) 
Bumps
[sveltekit-superforms](https://github.com/ciscoheat/sveltekit-superforms)
from 2.28.1 to 2.29.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ciscoheat/sveltekit-superforms/releases">sveltekit-superforms's
releases</a>.</em></p>
<blockquote>
<h2>v2.29.1</h2>
<h3>Fixed</h3>
<ul>
<li>Fixed TypeScript type inference for discriminated unions in
<code>ValidationErrors</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/653">#653</a></li>
<li>Fixed FormData parsing for discriminated unions, so they work
properly without requiring <code>dataType: 'json'</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/655">#655</a></li>
<li><code>reset()</code> function didn't preserve tainted state for
fields that are not being reset when using partial data. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/656">#656</a></li>
<li>Fixed FormData parsing incorrectly coercing empty strings to literal
values (e.g., <code>z.literal(&quot;bar&quot;)</code>). Empty strings
now properly fail validation instead of being replaced with the literal
value. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/664">#664</a></li>
<li>Fixed <code>ReferenceError</code> when using
<code>customValidity</code> with <code>validateForm({ update: true
})</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/669">#669</a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Replaced deprecated <code>@finom/zod-to-json-schema</code> with
<code>zod-v3-to-json-schema</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/660">#660</a></li>
<li>Migrated Valibot adapter to use the official
<code>@valibot/to-json-schema</code> package. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/668">#668</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ciscoheat/sveltekit-superforms/blob/main/CHANGELOG.md">sveltekit-superforms's
changelog</a>.</em></p>
<blockquote>
<h2>[2.29.1] - 2025-12-16</h2>
<h3>Fixed</h3>
<ul>
<li>Fixed TypeScript type inference for discriminated unions in
<code>ValidationErrors</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/653">#653</a></li>
<li>Fixed FormData parsing for discriminated unions, so they work
properly without requiring <code>dataType: 'json'</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/655">#655</a></li>
<li><code>reset()</code> function didn't preserve tainted state for
fields that are not being reset when using partial data. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/656">#656</a></li>
<li>Fixed FormData parsing incorrectly coercing empty strings to literal
values (e.g., <code>z.literal(&quot;bar&quot;)</code>). Empty strings
now properly fail validation instead of being replaced with the literal
value. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/664">#664</a></li>
<li>Fixed <code>ReferenceError</code> when using
<code>customValidity</code> with <code>validateForm({ update: true
})</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/669">#669</a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Replaced deprecated <code>@finom/zod-to-json-schema</code> with
<code>zod-v3-to-json-schema</code>. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/660">#660</a></li>
<li>Migrated Valibot adapter to use the official
<code>@valibot/to-json-schema</code> package. <a
href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/668">#668</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="22319df44e"><code>22319df</code></a>
2.29.1 changelog</li>
<li><a
href="c1b44308a8"><code>c1b4430</code></a>
2.29.1</li>
<li><a
href="9408124dc9"><code>9408124</code></a>
Incorrect dependency fix</li>
<li><a
href="887aeb6238"><code>887aeb6</code></a>
2.29.0</li>
<li><a
href="ce701fb6fc"><code>ce701fb</code></a>
2.29.0 changelog</li>
<li><a
href="58b41b1e84"><code>58b41b1</code></a>
Linter</li>
<li><a
href="fbbdb90ae7"><code>fbbdb90</code></a>
Fixed build warning</li>
<li><a
href="44a40c6b13"><code>44a40c6</code></a>
Fixed SvelteKit reference warnings</li>
<li><a
href="12bb4d5c32"><code>12bb4d5</code></a>
Using pnpm 10 for build</li>
<li><a
href="f7c87d8898"><code>f7c87d8</code></a>
Package updates</li>
<li>Additional commits viewable in <a
href="https://github.com/ciscoheat/sveltekit-superforms/compare/v2.28.1...v2.29.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sveltekit-superforms&package-manager=npm_and_yarn&previous-version=2.28.1&new-version=2.29.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:35:00 +01:00
dependabot[bot]
516d562bd8 Bump uvicorn from 0.40.0 to 0.41.0 (#441) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to
0.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.41.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h2>Changed</h2>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h2>Fixed</h2>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/t-kawasumi"><code>@​t-kawasumi</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li>
<li><a href="https://github.com/fardyn"><code>@​fardyn</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li>
<li><a href="https://github.com/ewie"><code>@​ewie</code></a> made their
first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li>
<li><a href="https://github.com/shevron"><code>@​shevron</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li>
<li><a href="https://github.com/jonashaag"><code>@​jonashaag</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.41.0 (February 16, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9283c0f15c"><code>9283c0f</code></a>
Version 0.41.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2821">#2821</a>)</li>
<li><a
href="a01a33eb8f"><code>a01a33e</code></a>
Add <code>--limit-max-requests-jitter</code> to stagger worker restarts
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li><a
href="2ce65bde15"><code>2ce65bd</code></a>
Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li><a
href="654f2ed7d7"><code>654f2ed</code></a>
Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li><a
href="a03d9f6f0e"><code>a03d9f6</code></a>
Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
<li><a
href="e377de40d0"><code>e377de4</code></a>
Add socket path to scope[&quot;server&quot;] (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
<li><a
href="0779f7f8a4"><code>0779f7f</code></a>
Poll for readiness in <code>test_multiprocess_health_check</code> and
<code>run_server</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2816">#2816</a>)</li>
<li><a
href="7e9ce2c974"><code>7e9ce2c</code></a>
Poll for PID changes in <code>test_multiprocess_sighup</code> instead of
fixed sleep (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2">#2</a>...</li>
<li><a
href="99f0d8734d"><code>99f0d87</code></a>
Fix grep warning in scripts/sync-version (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2807">#2807</a>)</li>
<li><a
href="7ae2e6375a"><code>7ae2e63</code></a>
chore(deps): bump the python-packages group with 18 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2801">#2801</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.40.0&new-version=0.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:34:48 +01:00
dependabot[bot]
dea75841b2 Bump lucide-svelte from 0.564.0 to 0.574.0 in /web (#439) 
Bumps
[lucide-svelte](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-svelte)
from 0.564.0 to 0.574.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lucide-icons/lucide/releases">lucide-svelte's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.574.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(icons): changed <code>rocking-chair</code> icon by <a
href="https://github.com/jamiemlaw"><code>@​jamiemlaw</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3445">lucide-icons/lucide#3445</a></li>
<li>fix(icons): flipped <code>coins</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3158">lucide-icons/lucide#3158</a></li>
<li>feat(icons): added <code>x-line-top</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2838">lucide-icons/lucide#2838</a></li>
<li>feat(icons): added <code>mouse-left</code> icon by <a
href="https://github.com/marvfash"><code>@​marvfash</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li>
<li>feat(icons): added <code>mouse-right</code> icon by <a
href="https://github.com/marvfash"><code>@​marvfash</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2787">lucide-icons/lucide#2787</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/marvfash"><code>@​marvfash</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.572.0...0.574.0">https://github.com/lucide-icons/lucide/compare/0.572.0...0.574.0</a></p>
<h2>Version 0.573.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(icons): changed <code>rocking-chair</code> icon by <a
href="https://github.com/jamiemlaw"><code>@​jamiemlaw</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3445">lucide-icons/lucide#3445</a></li>
<li>fix(icons): flipped <code>coins</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3158">lucide-icons/lucide#3158</a></li>
<li>feat(icons): added <code>x-line-top</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2838">lucide-icons/lucide#2838</a></li>
<li>feat(icons): added <code>mouse-left</code> icon by <a
href="https://github.com/marvfash"><code>@​marvfash</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li>
<li>feat(icons): added <code>mouse-right</code> icon by <a
href="https://github.com/marvfash"><code>@​marvfash</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2787">lucide-icons/lucide#2787</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/marvfash"><code>@​marvfash</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.572.0...0.573.0">https://github.com/lucide-icons/lucide/compare/0.572.0...0.573.0</a></p>
<h2>Version 0.572.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(icons): added <code>message-circle-check</code> icon by <a
href="https://github.com/Shrinks99"><code>@​Shrinks99</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3770">lucide-icons/lucide#3770</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Shrinks99"><code>@​Shrinks99</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3770">lucide-icons/lucide#3770</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.571.0...0.572.0">https://github.com/lucide-icons/lucide/compare/0.571.0...0.572.0</a></p>
<h2>Version 0.571.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(icons): rearange <code>circle</code>-icons path and circle order
by <a
href="https://github.com/adamlindqvist"><code>@​adamlindqvist</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3746">lucide-icons/lucide#3746</a></li>
<li>feat(icons): added <code>shelving-unit</code> icon by <a
href="https://github.com/karsa-mistmere"><code>@​karsa-mistmere</code></a>
in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3041">lucide-icons/lucide#3041</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/adamlindqvist"><code>@​adamlindqvist</code></a>
made their first contribution in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3746">lucide-icons/lucide#3746</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/lucide-icons/lucide/compare/0.570.0...0.571.0">https://github.com/lucide-icons/lucide/compare/0.570.0...0.571.0</a></p>
<h2>Version 0.570.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat(icons): added <code>towel-rack</code> icon by <a
href="https://github.com/jguddas"><code>@​jguddas</code></a> in <a
href="https://redirect.github.com/lucide-icons/lucide/pull/3350">lucide-icons/lucide#3350</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/lucide-icons/lucide/commits/0.574.0/packages/lucide-svelte">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lucide-svelte&package-manager=npm_and_yarn&previous-version=0.564.0&new-version=0.574.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:34:38 +01:00
dependabot[bot]
20e0dbf936 Bump uvicorn from 0.40.0 to 0.41.0 in /metadata_relay (#440) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to
0.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.41.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h2>Changed</h2>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h2>Fixed</h2>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/t-kawasumi"><code>@​t-kawasumi</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li>
<li><a href="https://github.com/fardyn"><code>@​fardyn</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li>
<li><a href="https://github.com/ewie"><code>@​ewie</code></a> made their
first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li>
<li><a href="https://github.com/shevron"><code>@​shevron</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li>
<li><a href="https://github.com/jonashaag"><code>@​jonashaag</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.41.0 (February 16, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9283c0f15c"><code>9283c0f</code></a>
Version 0.41.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2821">#2821</a>)</li>
<li><a
href="a01a33eb8f"><code>a01a33e</code></a>
Add <code>--limit-max-requests-jitter</code> to stagger worker restarts
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li><a
href="2ce65bde15"><code>2ce65bd</code></a>
Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li><a
href="654f2ed7d7"><code>654f2ed</code></a>
Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li><a
href="a03d9f6f0e"><code>a03d9f6</code></a>
Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
<li><a
href="e377de40d0"><code>e377de4</code></a>
Add socket path to scope[&quot;server&quot;] (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
<li><a
href="0779f7f8a4"><code>0779f7f</code></a>
Poll for readiness in <code>test_multiprocess_health_check</code> and
<code>run_server</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2816">#2816</a>)</li>
<li><a
href="7e9ce2c974"><code>7e9ce2c</code></a>
Poll for PID changes in <code>test_multiprocess_sighup</code> instead of
fixed sleep (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2">#2</a>...</li>
<li><a
href="99f0d8734d"><code>99f0d87</code></a>
Fix grep warning in scripts/sync-version (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2807">#2807</a>)</li>
<li><a
href="7ae2e6375a"><code>7ae2e63</code></a>
chore(deps): bump the python-packages group with 18 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2801">#2801</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.40.0&new-version=0.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:34:27 +01:00
dependabot[bot]
c8f2a4316e Bump alembic from 1.17.2 to 1.18.4 (#438) 
Bumps [alembic](https://github.com/sqlalchemy/alembic) from 1.17.2 to
1.18.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sqlalchemy/alembic/releases">alembic's
releases</a>.</em></p>
<blockquote>
<h1>1.18.4</h1>
<p>Released: February 10, 2026</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [operations]</strong> Reverted the behavior of
<code>Operations.add_column()</code> that would
automatically render the &quot;PRIMARY KEY&quot; keyword inline when a
<code>Column</code> with <code>primary_key=True</code> is added. The
automatic
behavior, added in version 1.18.2, is now opt-in via the new
<code>Operations.add_column.inline_primary_key</code> parameter. This
change restores the ability to render a PostgreSQL SERIAL column, which
is
required to be <code>primary_key=True</code>, while not impacting the
ability to
render a separate primary key constraint. This also provides consistency
with the <code>Operations.add_column.inline_references</code> parameter
and
gives users explicit control over SQL generation.</p>
<p>To render PRIMARY KEY inline, use the
<code>Operations.add_column.inline_primary_key</code> parameter set to
<code>True</code>:</p>
<p>op.add_column(
&quot;my_table&quot;,
Column(&quot;id&quot;, Integer, primary_key=True),
inline_primary_key=True
)References: <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1232">#1232</a></p>
</li>
</ul>
<h1>1.18.3</h1>
<p>Released: January 29, 2026</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [autogenerate]</strong> Fixed regression in version
1.18.0 due to <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a>
where autogenerate
would raise <code>NoReferencedTableError</code> when a foreign key
constraint
referenced a table that was not part of the initial table load,
including
tables filtered out by the
<code>EnvironmentContext.configure.include_name</code> callable or
tables
in remote schemas that were not included in the initial reflection
run.</p>
<p>The change in <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a>
was a performance optimization that eliminated
additional reflection queries for tables that were only referenced by
foreign keys but not explicitly included in the main reflection run.
However, this optimization inadvertently removed the creation of
<code>Table</code> objects for these referenced tables, causing
autogenerate
to fail when processing foreign key constraints that pointed to
them.</p>
<p>The fix creates placeholder <code>Table</code> objects for foreign
key targets</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sqlalchemy/alembic/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alembic&package-manager=uv&previous-version=1.17.2&new-version=1.18.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:34:15 +01:00
dependabot[bot]
4836e3e188 Bump prettier-plugin-svelte from 3.4.0 to 3.4.1 in /web (#437) 
Bumps
[prettier-plugin-svelte](https://github.com/sveltejs/prettier-plugin-svelte)
from 3.4.0 to 3.4.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sveltejs/prettier-plugin-svelte/blob/v3.4.1/CHANGELOG.md">prettier-plugin-svelte's
changelog</a>.</em></p>
<blockquote>
<h2>3.4.1</h2>
<ul>
<li>(fix) externalize all prettier imports</li>
<li>(fix) don't remove parantheses of <code>bind:</code>ings with
<code>as</code> type casts</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sveltejs/prettier-plugin-svelte/commits/v3.4.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=prettier-plugin-svelte&package-manager=npm_and_yarn&previous-version=3.4.0&new-version=3.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:33:54 +01:00
dependabot[bot]
7a6466ea9d Bump @sinclair/typebox from 0.34.41 to 0.34.48 in /web (#436) 
Bumps
[@sinclair/typebox](https://github.com/sinclairzx81/typebox-legacy) from
0.34.41 to 0.34.48.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sinclairzx81/typebox-legacy/commits/0.34.48">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​sinclair/typebox</code> since your
current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@sinclair/typebox&package-manager=npm_and_yarn&previous-version=0.34.41&new-version=0.34.48)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-20 17:33:33 +01:00
Maximilian Dorninger
b427aa5723 Merge pull request #433 from maxdorninger/dependabot/npm_and_yarn/web/npm_and_yarn-e0ba90b5b1 
Bump @sveltejs/kit from 2.49.2 to 2.51.0 in /web in the npm_and_yarn group across 1 directory
 2026-02-13 19:39:57 +01:00
dependabot[bot]
82aa01a650 Bump @sveltejs/kit in /web in the npm_and_yarn group across 1 directory 
Bumps the npm_and_yarn group with 1 update in the /web directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit).


Updates `@sveltejs/kit` from 2.49.2 to 2.51.0
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.51.0/packages/kit)

---
updated-dependencies:
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.51.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-13 18:25:01 +00:00