MediaManager

mirror of https://github.com/maxdorninger/MediaManager.git synced 2026-06-11 00:55:16 -04:00

Author	SHA1	Message	Date
dependabot[bot]	2aaabc74da	Bump svelte from 5.53.6 to 5.55.5 in /web (#480 ) Bumps [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) from 5.53.6 to 5.55.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/svelte/releases">svelte's releases</a>.</em></p> <blockquote> <h2>svelte@5.55.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: don't mark deriveds while an effect is updating (<a href="https://redirect.github.com/sveltejs/svelte/pull/18124">#18124</a>)</p> </li> <li> <p>fix: do not dispatch introstart event with animation of animate directive (<a href="https://redirect.github.com/sveltejs/svelte/pull/18122">#18122</a>)</p> </li> </ul> <h2>svelte@5.55.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: never mark a child effect root as inert (<a href="https://redirect.github.com/sveltejs/svelte/pull/18111">#18111</a>)</p> </li> <li> <p>fix: reset context after waiting on blockers of <code>@const</code> expressions (<a href="https://redirect.github.com/sveltejs/svelte/pull/18100">#18100</a>)</p> </li> <li> <p>fix: keep flushing new eager effects (<a href="https://redirect.github.com/sveltejs/svelte/pull/18102">#18102</a>)</p> </li> </ul> <h2>svelte@5.55.3</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: ensure proper HMR updates for dynamic components (<a href="https://redirect.github.com/sveltejs/svelte/pull/18079">#18079</a>)</p> </li> <li> <p>fix: correctly calculate <code>@const</code> blockers (<a href="https://redirect.github.com/sveltejs/svelte/pull/18039">#18039</a>)</p> </li> <li> <p>fix: freeze deriveds once their containing effects are destroyed (<a href="https://redirect.github.com/sveltejs/svelte/pull/17921">#17921</a>)</p> </li> <li> <p>fix: defer error boundary rendering in forks (<a href="https://redirect.github.com/sveltejs/svelte/pull/18076">#18076</a>)</p> </li> <li> <p>fix: avoid false positives for reactivity loss warning (<a href="https://redirect.github.com/sveltejs/svelte/pull/18088">#18088</a>)</p> </li> </ul> <h2>svelte@5.55.2</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: invalidate <code>@const</code> tags based on visible references in legacy mode (<a href="https://redirect.github.com/sveltejs/svelte/pull/18041">#18041</a>)</p> </li> <li> <p>fix: handle parens in template expressions more robustly (<a href="https://redirect.github.com/sveltejs/svelte/pull/18075">#18075</a>)</p> </li> <li> <p>fix: disallow <code>--</code> in <code>idPrefix</code> (<a href="https://redirect.github.com/sveltejs/svelte/pull/18038">#18038</a>)</p> </li> <li> <p>fix: correct types for <code>ontoggle</code> on <code><details></code> elements (<a href="https://redirect.github.com/sveltejs/svelte/pull/18063">#18063</a>)</p> </li> <li> <p>fix: don't override <code>$destroy/set/on</code> instance methods in dev mode (<a href="https://redirect.github.com/sveltejs/svelte/pull/18034">#18034</a>)</p> </li> <li> <p>fix: unskip branches of earlier batches after commit (<a href="https://redirect.github.com/sveltejs/svelte/pull/18048">#18048</a>)</p> </li> <li> <p>fix: never set derived.v inside fork (<a href="https://redirect.github.com/sveltejs/svelte/pull/18037">#18037</a>)</p> </li> <li> <p>fix: skip rebase logic in non-async mode (<a href="https://redirect.github.com/sveltejs/svelte/pull/18040">#18040</a>)</p> </li> <li> <p>fix: don't reset status of uninitialized deriveds (<a href="https://redirect.github.com/sveltejs/svelte/pull/18054">#18054</a>)</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md">svelte's changelog</a>.</em></p> <blockquote> <h2>5.55.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: don't mark deriveds while an effect is updating (<a href="https://redirect.github.com/sveltejs/svelte/pull/18124">#18124</a>)</p> </li> <li> <p>fix: do not dispatch introstart event with animation of animate directive (<a href="https://redirect.github.com/sveltejs/svelte/pull/18122">#18122</a>)</p> </li> </ul> <h2>5.55.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: never mark a child effect root as inert (<a href="https://redirect.github.com/sveltejs/svelte/pull/18111">#18111</a>)</p> </li> <li> <p>fix: reset context after waiting on blockers of <code>@const</code> expressions (<a href="https://redirect.github.com/sveltejs/svelte/pull/18100">#18100</a>)</p> </li> <li> <p>fix: keep flushing new eager effects (<a href="https://redirect.github.com/sveltejs/svelte/pull/18102">#18102</a>)</p> </li> </ul> <h2>5.55.3</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: ensure proper HMR updates for dynamic components (<a href="https://redirect.github.com/sveltejs/svelte/pull/18079">#18079</a>)</p> </li> <li> <p>fix: correctly calculate <code>@const</code> blockers (<a href="https://redirect.github.com/sveltejs/svelte/pull/18039">#18039</a>)</p> </li> <li> <p>fix: freeze deriveds once their containing effects are destroyed (<a href="https://redirect.github.com/sveltejs/svelte/pull/17921">#17921</a>)</p> </li> <li> <p>fix: defer error boundary rendering in forks (<a href="https://redirect.github.com/sveltejs/svelte/pull/18076">#18076</a>)</p> </li> <li> <p>fix: avoid false positives for reactivity loss warning (<a href="https://redirect.github.com/sveltejs/svelte/pull/18088">#18088</a>)</p> </li> </ul> <h2>5.55.2</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: invalidate <code>@const</code> tags based on visible references in legacy mode (<a href="https://redirect.github.com/sveltejs/svelte/pull/18041">#18041</a>)</p> </li> <li> <p>fix: handle parens in template expressions more robustly (<a href="https://redirect.github.com/sveltejs/svelte/pull/18075">#18075</a>)</p> </li> <li> <p>fix: disallow <code>--</code> in <code>idPrefix</code> (<a href="https://redirect.github.com/sveltejs/svelte/pull/18038">#18038</a>)</p> </li> <li> <p>fix: correct types for <code>ontoggle</code> on <code><details></code> elements (<a href="https://redirect.github.com/sveltejs/svelte/pull/18063">#18063</a>)</p> </li> <li> <p>fix: don't override <code>$destroy/set/on</code> instance methods in dev mode (<a href="https://redirect.github.com/sveltejs/svelte/pull/18034">#18034</a>)</p> </li> <li> <p>fix: unskip branches of earlier batches after commit (<a href="https://redirect.github.com/sveltejs/svelte/pull/18048">#18048</a>)</p> </li> <li> <p>fix: never set derived.v inside fork (<a href="https://redirect.github.com/sveltejs/svelte/pull/18037">#18037</a>)</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b771df3464`"><code>b771df3</code></a> Version Packages (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18125">#18125</a>)</li> <li><a href="`8e7319063a`"><code>8e73190</code></a> fix: don't mark deriveds while an effect is updating (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18124">#18124</a>)</li> <li><a href="`51736e576d`"><code>51736e5</code></a> fix: do not dispatch transition event with animation (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18122">#18122</a>)</li> <li><a href="`7fddfbdbbd`"><code>7fddfbd</code></a> Version Packages (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18105">#18105</a>)</li> <li><a href="`671fc2ea11`"><code>671fc2e</code></a> fix: never mark a child effect root as inert (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18111">#18111</a>)</li> <li><a href="`0ed8c282f9`"><code>0ed8c28</code></a> fix: reset context after waiting on blockers of <code>@const</code> expressions (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18100">#18100</a>)</li> <li><a href="`273f1a85a4`"><code>273f1a8</code></a> fix: keep flushing new eager effects (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18102">#18102</a>)</li> <li><a href="`4a50e8ea3b`"><code>4a50e8e</code></a> Version Packages (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18085">#18085</a>)</li> <li><a href="`15588f5fbf`"><code>15588f5</code></a> fix: avoid false positives for reactivity loss warning (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18088">#18088</a>)</li> <li><a href="`0e9e76f292`"><code>0e9e76f</code></a> fix: freeze deriveds once their containing effects are destroyed (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17921">#17921</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/svelte/commits/svelte@5.55.5/packages/svelte">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:28:10 +02:00
dependabot[bot]	b7f2a74746	Bump docker/login-action from 3 to 4 (#478 ) Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in <a href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a> <a href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p> <h2>v3.7.0</h2> <ul> <li>Add <code>scope</code> input to set scopes for the authentication token by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li> <li>Add support for AWS European Sovereign Cloud ECR by <a href="https://github.com/dphi"><code>@dphi</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li> <li>Ensure passwords are redacted with <code>registry-auth</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li> <li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p> <h2>v3.6.0</h2> <ul> <li>Add <code>registry-auth</code> input for raw authentication to registries by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/887">docker/login-action#887</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.890.0 in <a href="https://redirect.github.com/docker/login-action/pull/882">docker/login-action#882</a> <a href="https://redirect.github.com/docker/login-action/pull/890">docker/login-action#890</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.890.0 in <a href="https://redirect.github.com/docker/login-action/pull/882">docker/login-action#882</a> <a href="https://redirect.github.com/docker/login-action/pull/890">docker/login-action#890</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in <a href="https://redirect.github.com/docker/login-action/pull/883">docker/login-action#883</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/login-action/pull/880">docker/login-action#880</a></li> <li>Bump undici from 5.28.4 to 5.29.0 in <a href="https://redirect.github.com/docker/login-action/pull/879">docker/login-action#879</a></li> <li>Bump tmp from 0.2.3 to 0.2.4 in <a href="https://redirect.github.com/docker/login-action/pull/881">docker/login-action#881</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.5.0...v3.6.0">https://github.com/docker/login-action/compare/v3.5.0...v3.6.0</a></p> <h2>v3.5.0</h2> <ul> <li>Support dual-stack endpoints for AWS ECR by <a href="https://github.com/Spacefish"><code>@Spacefish</code></a> <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a> <a href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in <a href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p> <h2>v3.4.0</h2> <ul> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.1 in <a href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.766.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.758.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in <a href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a> <a href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a> <a href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li> <li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li> <li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li> <li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b45d80f862`"><code>b45d80f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/929">#929</a> from crazy-max/node24</li> <li><a href="`176cb9c12a`"><code>176cb9c</code></a> node 24 as default runtime</li> <li><a href="`cad8984310`"><code>cad8984</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/920">#920</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="`92cbcb231e`"><code>92cbcb2</code></a> chore: update generated content</li> <li><a href="`5a2d6a71bd`"><code>5a2d6a7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="`44512b6b2e`"><code>44512b6</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/928">#928</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="`28737a5e46`"><code>28737a5</code></a> chore: update generated content</li> <li><a href="`dac079354a`"><code>dac0793</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.76.0 to 0.77.0</li> <li><a href="`62029f315d`"><code>62029f3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/919">#919</a> from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li> <li><a href="`08c8f064bf`"><code>08c8f06</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/v3...v4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:24:27 +02:00
dependabot[bot]	86b7a1e1bd	Bump docker/metadata-action from 5 to 6 (#493 ) Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/metadata-action/releases">docker/metadata-action's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/605">docker/metadata-action#605</a></li> <li>List inputs now preserve <code>#</code> inside values while still supporting full-line <code>#</code> comments by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/607">docker/metadata-action#607</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/602">docker/metadata-action#602</a></li> <li>Bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/metadata-action/pull/588">docker/metadata-action#588</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/599">docker/metadata-action#599</a></li> <li>Bump <code>@actions/github</code> from 6.0.1 to 9.0.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/597">docker/metadata-action#597</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.68.0 to 0.79.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/604">docker/metadata-action#604</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/600">docker/metadata-action#600</a></li> <li>Bump semver from 7.7.3 to 7.7.4 in <a href="https://redirect.github.com/docker/metadata-action/pull/603">docker/metadata-action#603</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.10.0...v6.0.0">https://github.com/docker/metadata-action/compare/v5.10.0...v6.0.0</a></p> <h2>v5.10.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.66.0 to 0.68.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/559">docker/metadata-action#559</a> <a href="https://redirect.github.com/docker/metadata-action/pull/569">docker/metadata-action#569</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 in <a href="https://redirect.github.com/docker/metadata-action/pull/564">docker/metadata-action#564</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.9.0...v5.10.0">https://github.com/docker/metadata-action/compare/v5.9.0...v5.10.0</a></p> <h2>v5.9.0</h2> <ul> <li>Add <code>tag-names</code> output to return tag names without image base name by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/553">docker/metadata-action#553</a></li> <li>Bump <code>@babel/runtime-corejs3</code> from 7.14.7 to 7.28.2 in <a href="https://redirect.github.com/docker/metadata-action/pull/539">docker/metadata-action#539</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.66.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/555">docker/metadata-action#555</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/metadata-action/pull/540">docker/metadata-action#540</a></li> <li>Bump csv-parse from 5.6.0 to 6.1.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/532">docker/metadata-action#532</a></li> <li>Bump semver from 7.7.2 to 7.7.3 in in <a href="https://redirect.github.com/docker/metadata-action/pull/554">docker/metadata-action#554</a></li> <li>Bump tmp from 0.2.3 to 0.2.5 in <a href="https://redirect.github.com/docker/metadata-action/pull/541">docker/metadata-action#541</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0">https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0</a></p> <h2>v5.8.0</h2> <ul> <li>New <code>is_not_default_branch</code> global expression by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/535">docker/metadata-action#535</a></li> <li>Allow to match part of the git tag or value for semver/pep440 types by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/536">docker/metadata-action#536</a> <a href="https://redirect.github.com/docker/metadata-action/pull/537">docker/metadata-action#537</a></li> <li>Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/523">docker/metadata-action#523</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/526">docker/metadata-action#526</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/metadata-action/pull/533">docker/metadata-action#533</a></li> <li>Bump moment-timezone from 0.5.47 to 0.6.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/525">docker/metadata-action#525</a></li> <li>Bump semver from 7.7.1 to 7.7.2 in <a href="https://redirect.github.com/docker/metadata-action/pull/524">docker/metadata-action#524</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0">https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0</a></p> <h2>v5.7.0</h2> <ul> <li>Global expressions support for labels and annotations by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/489">docker/metadata-action#489</a></li> <li>Support disabling outputs as environment variables by <a href="https://github.com/omus"><code>@omus</code></a> in <a href="https://redirect.github.com/docker/metadata-action/pull/497">docker/metadata-action#497</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.44.0 to 0.56.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/507">docker/metadata-action#507</a> <a href="https://redirect.github.com/docker/metadata-action/pull/509">docker/metadata-action#509</a></li> <li>Bump csv-parse from 5.5.6 to 5.6.0 in <a href="https://redirect.github.com/docker/metadata-action/pull/482">docker/metadata-action#482</a></li> <li>Bump moment-timezone from 0.5.46 to 0.5.47 in <a href="https://redirect.github.com/docker/metadata-action/pull/501">docker/metadata-action#501</a></li> <li>Bump semver from 7.6.3 to 7.7.1 in <a href="https://redirect.github.com/docker/metadata-action/pull/504">docker/metadata-action#504</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0">https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`030e881283`"><code>030e881</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/607">#607</a> from crazy-max/allow-comments</li> <li><a href="`4b529ac4e5`"><code>4b529ac</code></a> chore: update generated content</li> <li><a href="`b0082b33bc`"><code>b0082b3</code></a> preserve comments in list input values with commentNoInfix</li> <li><a href="`7b19fec715`"><code>7b19fec</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/604">#604</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="`281c9b0599`"><code>281c9b0</code></a> chore: update generated content</li> <li><a href="`5f43b3b4f4`"><code>5f43b3b</code></a> test: stabilize github mock setup since ESM</li> <li><a href="`9d53276575`"><code>9d53276</code></a> github class moved since actions-toolkit v0.77.0</li> <li><a href="`eaa3d3973e`"><code>eaa3d39</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.68.0 to 0.77.0</li> <li><a href="`6b695f7a8a`"><code>6b695f7</code></a> Merge pull request <a href="https://redirect.github.com/docker/metadata-action/issues/605">#605</a> from crazy-max/node24</li> <li><a href="`a1afadcb28`"><code>a1afadc</code></a> node 24 as default runtime</li> <li>Additional commits viewable in <a href="https://github.com/docker/metadata-action/compare/v5...v6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:24:12 +02:00
dependabot[bot]	24047855f9	Bump docker/build-push-action from 6 to 7 (#491 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1470">docker/build-push-action#1470</a></li> <li>Remove deprecated <code>DOCKER_BUILD_NO_SUMMARY</code> and <code>DOCKER_BUILD_EXPORT_RETENTION_DAYS</code> envs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1473">docker/build-push-action#1473</a></li> <li>Remove legacy export-build tool support for build summary by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1474">docker/build-push-action#1474</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1466">docker/build-push-action#1466</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1454">docker/build-push-action#1454</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.79.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1453">docker/build-push-action#1453</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1472">docker/build-push-action#1472</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1479">docker/build-push-action#1479</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 in <a href="https://redirect.github.com/docker/build-push-action/pull/1463">docker/build-push-action#1463</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.19.2...v7.0.0">https://github.com/docker/build-push-action/compare/v6.19.2...v7.0.0</a></p> <h2>v6.19.2</h2> <ul> <li>Preserve port in <code>GIT_AUTH_TOKEN</code> host by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1458">docker/build-push-action#1458</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.19.1...v6.19.2">https://github.com/docker/build-push-action/compare/v6.19.1...v6.19.2</a></p> <h2>v6.19.1</h2> <ul> <li>Derive <code>GIT_AUTH_TOKEN</code> host from GitHub server URL by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1456">docker/build-push-action#1456</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.19.0...v6.19.1">https://github.com/docker/build-push-action/compare/v6.19.0...v6.19.1</a></p> <h2>v6.19.0</h2> <ul> <li>Scope default git auth token to <code>github.com</code> by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1451">docker/build-push-action#1451</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/build-push-action/pull/1396">docker/build-push-action#1396</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/build-push-action/pull/1391">docker/build-push-action#1391</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 in <a href="https://redirect.github.com/docker/build-push-action/pull/1429">docker/build-push-action#1429</a></li> <li>Bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/build-push-action/pull/1446">docker/build-push-action#1446</a></li> <li>Bump tmp from 0.2.3 to 0.2.4 in <a href="https://redirect.github.com/docker/build-push-action/pull/1398">docker/build-push-action#1398</a></li> <li>Bump undici from 5.28.4 to 5.29.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1397">docker/build-push-action#1397</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.18.0...v6.19.0">https://github.com/docker/build-push-action/compare/v6.18.0...v6.19.0</a></p> <h2>v6.18.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.61.0 to 0.62.1 in <a href="https://redirect.github.com/docker/build-push-action/pull/1381">docker/build-push-action#1381</a></li> </ul> <blockquote> <p>[!NOTE] <a href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build summary</a> is now supported with <a href="https://docs.docker.com/build-cloud/">Docker Build Cloud</a>.</p> </blockquote> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0">https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0</a></p> <h2>v6.17.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.59.0 to 0.61.0 by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1364">docker/build-push-action#1364</a></li> </ul> <blockquote> <p>[!NOTE] Build record is now exported using the <a href="https://docs.docker.com/reference/cli/docker/buildx/history/export/"><code>buildx history export</code></a> command instead of the legacy export-build tool.</p> </blockquote> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0">https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0</a></p> <h2>v6.16.0</h2> <ul> <li>Handle no default attestations env var by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1343">docker/build-push-action#1343</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`d08e5c354a`"><code>d08e5c3</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1479">#1479</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="`cbd2dff9a0`"><code>cbd2dff</code></a> chore: update generated content</li> <li><a href="`f76f51f129`"><code>f76f51f</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.78.0 to 0.79.0</li> <li><a href="`7d03e66b5f`"><code>7d03e66</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1473">#1473</a> from crazy-max/rm-deprecated-envs</li> <li><a href="`98f853d923`"><code>98f853d</code></a> chore: update generated content</li> <li><a href="`cadccf6e8c`"><code>cadccf6</code></a> remove deprecated envs</li> <li><a href="`03fe8775e3`"><code>03fe877</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1478">#1478</a> from docker/dependabot/github_actions/docker/setup-b...</li> <li><a href="`827e36650e`"><code>827e366</code></a> chore(deps): Bump docker/setup-buildx-action from 3 to 4</li> <li><a href="`e25db879d0`"><code>e25db87</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1474">#1474</a> from crazy-max/rm-export-build-tool</li> <li><a href="`1ac2573b5c`"><code>1ac2573</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1470">#1470</a> from crazy-max/node24</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/v6...v7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6&new-version=7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:23:51 +02:00
dependabot[bot]	cb13917737	Bump docker/setup-buildx-action from 3 to 4 (#492 ) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/483">docker/setup-buildx-action#483</a></li> <li>Remove deprecated inputs/outputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/464">docker/setup-buildx-action#464</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/481">docker/setup-buildx-action#481</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/475">docker/setup-buildx-action#475</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.79.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/482">docker/setup-buildx-action#482</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/485">docker/setup-buildx-action#485</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/452">docker/setup-buildx-action#452</a></li> <li>Bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/472">docker/setup-buildx-action#472</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/480">docker/setup-buildx-action#480</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0">https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0</a></p> <h2>v3.12.0</h2> <ul> <li>Deprecate <code>install</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/455">docker/setup-buildx-action#455</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/434">docker/setup-buildx-action#434</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/436">docker/setup-buildx-action#436</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/432">docker/setup-buildx-action#432</a></li> <li>Bump undici from 5.28.4 to 5.29.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/435">docker/setup-buildx-action#435</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0">https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0</a></p> <h2>v3.11.1</h2> <ul> <li>Fix <code>keep-state</code> not being respected by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/429">docker/setup-buildx-action#429</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1">https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1</a></p> <h2>v3.11.0</h2> <ul> <li>Keep BuildKit state support by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/427">docker/setup-buildx-action#427</a></li> <li>Remove aliases created when installing by default by <a href="https://github.com/hashhar"><code>@hashhar</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/139">docker/setup-buildx-action#139</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/422">docker/setup-buildx-action#422</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/425">docker/setup-buildx-action#425</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0">https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0</a></p> <h2>v3.10.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p> <h2>v3.9.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p> <h2>v3.8.0</h2> <ul> <li>Make cloud prefix optional to download buildx if driver is cloud by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/390">docker/setup-buildx-action#390</a></li> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/370">docker/setup-buildx-action#370</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.39.0 to 0.48.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/389">docker/setup-buildx-action#389</a></li> <li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/382">docker/setup-buildx-action#382</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0">https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`4d04d5d948`"><code>4d04d5d</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/485">#485</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="`cd74e05d9b`"><code>cd74e05</code></a> chore: update generated content</li> <li><a href="`eee38ec7b3`"><code>eee38ec</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.77.0 to 0.79.0</li> <li><a href="`7a83f65b5a`"><code>7a83f65</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/484">#484</a> from docker/dependabot/github_actions/docker/setup-qe...</li> <li><a href="`a5aa96747d`"><code>a5aa967</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/464">#464</a> from crazy-max/rm-deprecated</li> <li><a href="`e73d53fa4e`"><code>e73d53f</code></a> build(deps): bump docker/setup-qemu-action from 3 to 4</li> <li><a href="`28a438e9ed`"><code>28a438e</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/483">#483</a> from crazy-max/node24</li> <li><a href="`034e9d37dd`"><code>034e9d3</code></a> chore: update generated content</li> <li><a href="`b4664d8fd0`"><code>b4664d8</code></a> remove deprecated inputs/outputs</li> <li><a href="`a8257dec35`"><code>a8257de</code></a> node 24 as default runtime</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/v3...v4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:23:27 +02:00
dependabot[bot]	9874390d16	Bump ruff from 0.15.9 to 0.15.12 (#502 ) Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.9 to 0.15.12. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>0.15.12</h2> <h2>Release Notes</h2> <p>Released on 2026-04-24.</p> <h3>Preview features</h3> <ul> <li>Implement <code>#ruff:file-ignore</code> file-level suppressions (<a href="https://redirect.github.com/astral-sh/ruff/pull/23599">#23599</a>)</li> <li>Implement <code>#ruff:ignore</code> logical-line suppressions (<a href="https://redirect.github.com/astral-sh/ruff/pull/23404">#23404</a>)</li> <li>Revert preview changes to displayed diagnostic severity in LSP (<a href="https://redirect.github.com/astral-sh/ruff/pull/24789">#24789</a>)</li> <li>[<code>airflow</code>] Implement <code>task-branch-as-short-circuit</code> (<code>AIR004</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/23579">#23579</a>)</li> <li>[<code>flake8-bugbear</code>] Fix <code>break</code>/<code>continue</code> handling in <code>loop-iterator-mutation</code> (<code>B909</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/24440">#24440</a>)</li> <li>[<code>pylint</code>] Fix <code>PLC2701</code> for type parameter scopes (<a href="https://redirect.github.com/astral-sh/ruff/pull/24576">#24576</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>pandas-vet</code>] Suggest <code>.array</code> as well in <code>PD011</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/24805">#24805</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Respect default Unix permissions for cache files (<a href="https://redirect.github.com/astral-sh/ruff/pull/24794">#24794</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>[<code>pylint</code>] Fix <code>PLR0124</code> description not to claim self-comparison always returns the same value (<a href="https://redirect.github.com/astral-sh/ruff/pull/24749">#24749</a>)</li> <li>[<code>pyupgrade</code>] Expand docs on reusable <code>TypeVar</code>s and scoping (<code>UP046</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/24153">#24153</a>)</li> <li>Improve rules table accessibility (<a href="https://redirect.github.com/astral-sh/ruff/pull/24711">#24711</a>)</li> </ul> <h3>Contributors</h3> <ul> <li><a href="https://github.com/dylwil3"><code>@dylwil3</code></a></li> <li><a href="https://github.com/AlexWaygood"><code>@AlexWaygood</code></a></li> <li><a href="https://github.com/woodruffw"><code>@woodruffw</code></a></li> <li><a href="https://github.com/avasis-ai"><code>@avasis-ai</code></a></li> <li><a href="https://github.com/Dev-iL"><code>@Dev-iL</code></a></li> <li><a href="https://github.com/denyszhak"><code>@denyszhak</code></a></li> <li><a href="https://github.com/ShipItAndPray"><code>@ShipItAndPray</code></a></li> <li><a href="https://github.com/anishgirianish"><code>@anishgirianish</code></a></li> <li><a href="https://github.com/augustelalande"><code>@augustelalande</code></a></li> <li><a href="https://github.com/amyreese"><code>@amyreese</code></a></li> <li><a href="https://github.com/majiayu000"><code>@majiayu000</code></a></li> </ul> <h2>Install ruff 0.15.12</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh \| sh </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.15.12</h2> <p>Released on 2026-04-24.</p> <h3>Preview features</h3> <ul> <li>Implement <code>#ruff:file-ignore</code> file-level suppressions (<a href="https://redirect.github.com/astral-sh/ruff/pull/23599">#23599</a>)</li> <li>Implement <code>#ruff:ignore</code> logical-line suppressions (<a href="https://redirect.github.com/astral-sh/ruff/pull/23404">#23404</a>)</li> <li>Revert preview changes to displayed diagnostic severity in LSP (<a href="https://redirect.github.com/astral-sh/ruff/pull/24789">#24789</a>)</li> <li>[<code>airflow</code>] Implement <code>task-branch-as-short-circuit</code> (<code>AIR004</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/23579">#23579</a>)</li> <li>[<code>flake8-bugbear</code>] Fix <code>break</code>/<code>continue</code> handling in <code>loop-iterator-mutation</code> (<code>B909</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/24440">#24440</a>)</li> <li>[<code>pylint</code>] Fix <code>PLC2701</code> for type parameter scopes (<a href="https://redirect.github.com/astral-sh/ruff/pull/24576">#24576</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>pandas-vet</code>] Suggest <code>.array</code> as well in <code>PD011</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/24805">#24805</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Respect default Unix permissions for cache files (<a href="https://redirect.github.com/astral-sh/ruff/pull/24794">#24794</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>[<code>pylint</code>] Fix <code>PLR0124</code> description not to claim self-comparison always returns the same value (<a href="https://redirect.github.com/astral-sh/ruff/pull/24749">#24749</a>)</li> <li>[<code>pyupgrade</code>] Expand docs on reusable <code>TypeVar</code>s and scoping (<code>UP046</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/24153">#24153</a>)</li> <li>Improve rules table accessibility (<a href="https://redirect.github.com/astral-sh/ruff/pull/24711">#24711</a>)</li> </ul> <h3>Contributors</h3> <ul> <li><a href="https://github.com/dylwil3"><code>@dylwil3</code></a></li> <li><a href="https://github.com/AlexWaygood"><code>@AlexWaygood</code></a></li> <li><a href="https://github.com/woodruffw"><code>@woodruffw</code></a></li> <li><a href="https://github.com/avasis-ai"><code>@avasis-ai</code></a></li> <li><a href="https://github.com/Dev-iL"><code>@Dev-iL</code></a></li> <li><a href="https://github.com/denyszhak"><code>@denyszhak</code></a></li> <li><a href="https://github.com/ShipItAndPray"><code>@ShipItAndPray</code></a></li> <li><a href="https://github.com/anishgirianish"><code>@anishgirianish</code></a></li> <li><a href="https://github.com/augustelalande"><code>@augustelalande</code></a></li> <li><a href="https://github.com/amyreese"><code>@amyreese</code></a></li> <li><a href="https://github.com/majiayu000"><code>@majiayu000</code></a></li> </ul> <h2>0.15.11</h2> <p>Released on 2026-04-16.</p> <h3>Preview features</h3> <ul> <li>[<code>ruff</code>] Ignore <code>RUF029</code> when function is decorated with <code>asynccontextmanager</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/24642">#24642</a>)</li> <li>[<code>airflow</code>] Implement <code>airflow-xcom-pull-in-template-string</code> (<code>AIR201</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/23583">#23583</a>)</li> <li>[<code>flake8-bandit</code>] Fix <code>S103</code> false positives and negatives in mask analysis (<a href="https://redirect.github.com/astral-sh/ruff/pull/24424">#24424</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`66f93cf7ed`"><code>66f93cf</code></a> Bump 0.15.12 (<a href="https://redirect.github.com/astral-sh/ruff/issues/24815">#24815</a>)</li> <li><a href="`476a4d02e8`"><code>476a4d0</code></a> [ty] Complete support for more detailed diagnostics on possibly unbound error...</li> <li><a href="`ed669eab30`"><code>ed669ea</code></a> Implement <code>#ruff:file-ignore</code> file-level suppressions (<a href="https://redirect.github.com/astral-sh/ruff/issues/23599">#23599</a>)</li> <li><a href="`e73d952e43`"><code>e73d952</code></a> [ty] Include inferred type in <code>invalid-key</code> concise diagnostic for union/inte...</li> <li><a href="`80feb29b31`"><code>80feb29</code></a> [ty] report only dead annotation-only locals as unused (<a href="https://redirect.github.com/astral-sh/ruff/issues/24811">#24811</a>)</li> <li><a href="`0fbf2bc273`"><code>0fbf2bc</code></a> Drop deprecated license classifier (<a href="https://redirect.github.com/astral-sh/ruff/issues/24808">#24808</a>)</li> <li><a href="`43b174cc7f`"><code>43b174c</code></a> [ty] Infer lambda parameter types with <code>Callable</code> type context (<a href="https://redirect.github.com/astral-sh/ruff/issues/24317">#24317</a>)</li> <li><a href="`4f449ae4a2`"><code>4f449ae</code></a> [ty] Add error context for intersection types (<a href="https://redirect.github.com/astral-sh/ruff/issues/24772">#24772</a>)</li> <li><a href="`5b4e753acb`"><code>5b4e753</code></a> [ty] Add support for goto in literal enum member inlay hint (<a href="https://redirect.github.com/astral-sh/ruff/issues/24792">#24792</a>)</li> <li><a href="`e7cc76275a`"><code>e7cc762</code></a> [ty] Add error context for TypedDict assignments (<a href="https://redirect.github.com/astral-sh/ruff/issues/24790">#24790</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/0.15.9...0.15.12">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:22:38 +02:00
dependabot[bot]	861380af7b	Bump the uv group across 1 directory with 2 updates (#523 ) Bumps the uv group with 2 updates in the /metadata_relay directory: [python-dotenv](https://github.com/theskumar/python-dotenv) and [python-multipart](https://github.com/Kludex/python-multipart). Updates `python-dotenv` from 1.2.1 to 1.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/theskumar/python-dotenv/releases">python-dotenv's releases</a>.</em></p> <blockquote> <h2>v1.2.2</h2> <h3>Added</h3> <ul> <li>Support for Python 3.14, including the free-threaded (3.14t) build. (#)</li> </ul> <h3>Changed</h3> <ul> <li>The <code>dotenv run</code> command now forwards flags directly to the specified command by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/607">theskumar/python-dotenv#607</a></li> <li>Improved documentation clarity regarding override behavior and the reference page.</li> <li>Updated PyPy support to version 3.11.</li> <li>Documentation for FIFO file support.</li> <li>Support for Python 3.9.</li> </ul> <h3>Fixed</h3> <ul> <li>Improved <code>set_key</code> and <code>unset_key</code> behavior when interacting with symlinks by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="`790c5c0299`">#790c5</a></li> <li>Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by <a href="https://github.com/JYOuyang"><code>@JYOuyang</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/590">theskumar/python-dotenv#590</a></li> </ul> <h3>Breaking Changes</h3> <ul> <li> <p><code>dotenv.set_key</code> and <code>dotenv.unset_key</code> used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, <code>follow_symlinks=True</code> should be used.</p> </li> <li> <p>In the CLI, <code>set</code> and <code>unset</code> used to follow symlinks in some situations. This is no longer the case.</p> </li> <li> <p><code>dotenv.set_key</code>, <code>dotenv.unset_key</code> and the CLI commands <code>set</code> and <code>unset</code> used to reset the file mode of the modified .env file to <code>0o600</code> in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode <code>0o600</code> is used.</p> </li> </ul> <h3>Misc</h3> <ul> <li>skip 000 permission tests for root user by <a href="https://github.com/burnout-projects"><code>@burnout-projects</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/561">theskumar/python-dotenv#561</a></li> <li>Bump actions/checkout from 5 to 6 in the github-actions group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/593">theskumar/python-dotenv#593</a></li> <li>Add Windows testing to CI by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/604">theskumar/python-dotenv#604</a></li> <li>Improve workflow efficiency with best practices by <a href="https://github.com/theskumar"><code>@theskumar</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/609">theskumar/python-dotenv#609</a></li> <li>Remove the use of <code>sh</code> in tests by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/612">theskumar/python-dotenv#612</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/JYOuyang"><code>@JYOuyang</code></a> made their first contribution in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/590">theskumar/python-dotenv#590</a></li> <li><a href="https://github.com/burnout-projects"><code>@burnout-projects</code></a> made their first contribution in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/561">theskumar/python-dotenv#561</a></li> <li><a href="https://github.com/cpackham-atlnz"><code>@cpackham-atlnz</code></a> made their first contribution in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/597">theskumar/python-dotenv#597</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2">https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md">python-dotenv's changelog</a>.</em></p> <blockquote> <h2>[1.2.2] - 2026-03-01</h2> <h3>Added</h3> <ul> <li>Support for Python 3.14, including the free-threaded (3.14t) build. (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/588">#588</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The <code>dotenv run</code> command now forwards flags directly to the specified command by [<a href="https://github.com/bbc2"><code>@bbc2</code></a>] in <a href="https://redirect.github.com/theskumar/python-dotenv/issues/607">#607</a></li> <li>Improved documentation clarity regarding override behavior and the reference page.</li> <li>Updated PyPy support to version 3.11.</li> <li>Documentation for FIFO file support.</li> <li>Dropped Support for Python 3.9.</li> </ul> <h3>Fixed</h3> <ul> <li>Improved <code>set_key</code> and <code>unset_key</code> behavior when interacting with symlinks by [<a href="https://github.com/bbc2"><code>@bbc2</code></a>] in [790c5c0]</li> <li>Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [<a href="https://github.com/JYOuyang"><code>@JYOuyang</code></a>] in <a href="https://redirect.github.com/theskumar/python-dotenv/issues/590">#590</a></li> </ul> <h3>Breaking Changes</h3> <ul> <li> <p><code>dotenv.set_key</code> and <code>dotenv.unset_key</code> used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, <code>follow_symlinks=True</code> should be used.</p> </li> <li> <p>In the CLI, <code>set</code> and <code>unset</code> used to follow symlinks in some situations. This is no longer the case.</p> </li> <li> <p><code>dotenv.set_key</code>, <code>dotenv.unset_key</code> and the CLI commands <code>set</code> and <code>unset</code> used to reset the file mode of the modified .env file to <code>0o600</code> in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode <code>0o600</code> is used.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`36004e0e34`"><code>36004e0</code></a> Bump version: 1.2.1 → 1.2.2</li> <li><a href="`eb202520e5`"><code>eb20252</code></a> docs: update changelog for v1.2.2</li> <li><a href="`790c5c0299`"><code>790c5c0</code></a> Merge commit from fork</li> <li><a href="`43340da220`"><code>43340da</code></a> Remove the use of <code>sh</code> in tests (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/612">#612</a>)</li> <li><a href="`09d7cee324`"><code>09d7cee</code></a> docs: clarify override behavior and document FIFO support (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/610">#610</a>)</li> <li><a href="`c8de2887c0`"><code>c8de288</code></a> ci: improve workflow efficiency with best practices (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/609">#609</a>)</li> <li><a href="`7bd9e3dbfe`"><code>7bd9e3d</code></a> Add Windows testing to CI (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/604">#604</a>)</li> <li><a href="`1baaf04f33`"><code>1baaf04</code></a> Drop Python 3.9 support and update to PyPy 3.11 (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/608">#608</a>)</li> <li><a href="`4a22cf8993`"><code>4a22cf8</code></a> ci: enable testing on Python 3.14t (free-threaded) (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/588">#588</a>)</li> <li><a href="`e2e8e776b4`"><code>e2e8e77</code></a> Fix license specifier (<a href="https://redirect.github.com/theskumar/python-dotenv/issues/597">#597</a>)</li> <li>Additional commits viewable in <a href="https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2">compare view</a></li> </ul> </details> <br /> Updates `python-multipart` from 0.0.22 to 0.0.26 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/releases">python-multipart's releases</a>.</em></p> <blockquote> <h2>Version 0.0.26</h2> <h2>What's Changed</h2> <ul> <li>Skip preamble before first multipart boundary by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/262">Kludex/python-multipart#262</a></li> <li>Silently discard epilogue data after the closing boundary by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/259">Kludex/python-multipart#259</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.25...0.0.26">https://github.com/Kludex/python-multipart/compare/0.0.25...0.0.26</a></p> <h2>Version 0.0.25</h2> <h2>What's Changed</h2> <ul> <li>Apply Apache-2.0 properly by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/247">Kludex/python-multipart#247</a></li> <li>Handle multipart headers case-insensitively by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/252">Kludex/python-multipart#252</a></li> <li>Emit <code>field_end</code> for trailing bare field names on finalize by <a href="https://github.com/bysiber"><code>@bysiber</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/230">Kludex/python-multipart#230</a></li> <li>Add <code>UPLOAD_DELETE_TMP</code> to <code>FormParser</code> config by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/254">Kludex/python-multipart#254</a></li> <li>Remove custom FormParser classes by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/257">Kludex/python-multipart#257</a></li> <li>Handle CTE values case-insensitively by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/258">Kludex/python-multipart#258</a></li> <li>Add MIME content type info to File by <a href="https://github.com/jhnstrk"><code>@jhnstrk</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/143">Kludex/python-multipart#143</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.24...0.0.25">https://github.com/Kludex/python-multipart/compare/0.0.24...0.0.25</a></p> <h2>Version 0.0.24</h2> <h2>What's Changed</h2> <ul> <li>Validate <code>chunk_size</code> in <code>parse_form()</code> by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/244">Kludex/python-multipart#244</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.23...0.0.24">https://github.com/Kludex/python-multipart/compare/0.0.23...0.0.24</a></p> <h2>Version 0.0.23</h2> <h2>What's Changed</h2> <ul> <li>Remove unused <code>trust_x_headers</code> parameter and <code>X-File-Name</code> fallback by <a href="https://github.com/jhnstrk"><code>@jhnstrk</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/196">Kludex/python-multipart#196</a></li> <li>Return processed length from <code>QuerystringParser._internal_write</code> by <a href="https://github.com/bysiber"><code>@bysiber</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/229">Kludex/python-multipart#229</a></li> <li>Cleanup metadata dunders from <code>__init__.py</code> by <a href="https://github.com/Chesars"><code>@Chesars</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/227">Kludex/python-multipart#227</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Chesars"><code>@Chesars</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/python-multipart/pull/227">Kludex/python-multipart#227</a></li> <li><a href="https://github.com/bysiber"><code>@bysiber</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/python-multipart/pull/229">Kludex/python-multipart#229</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.23">https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.23</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md">python-multipart's changelog</a>.</em></p> <blockquote> <h2>0.0.26 (2026-04-10)</h2> <ul> <li>Skip preamble before the first multipart boundary more efficiently <a href="https://redirect.github.com/Kludex/python-multipart/pull/262">#262</a>.</li> <li>Silently discard epilogue data after the closing multipart boundary <a href="https://redirect.github.com/Kludex/python-multipart/pull/259">#259</a>.</li> </ul> <h2>0.0.25 (2026-04-10)</h2> <ul> <li>Add MIME content type info to <code>File</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/143">#143</a>.</li> <li>Handle CTE values case-insensitively <a href="https://redirect.github.com/Kludex/python-multipart/pull/258">#258</a>.</li> <li>Remove custom <code>FormParser</code> classes <a href="https://redirect.github.com/Kludex/python-multipart/pull/257">#257</a>.</li> <li>Add <code>UPLOAD_DELETE_TMP</code> to <code>FormParser</code> config <a href="https://redirect.github.com/Kludex/python-multipart/pull/254">#254</a>.</li> <li>Emit <code>field_end</code> for trailing bare field names on finalize <a href="https://redirect.github.com/Kludex/python-multipart/pull/230">#230</a>.</li> <li>Handle multipart headers case-insensitively <a href="https://redirect.github.com/Kludex/python-multipart/pull/252">#252</a>.</li> <li>Apply Apache-2.0 properly <a href="https://redirect.github.com/Kludex/python-multipart/pull/247">#247</a>.</li> </ul> <h2>0.0.24 (2026-04-05)</h2> <ul> <li>Validate <code>chunk_size</code> in <code>parse_form()</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/244">#244</a>.</li> </ul> <h2>0.0.23 (2026-04-05)</h2> <ul> <li>Remove unused <code>trust_x_headers</code> parameter and <code>X-File-Name</code> fallback <a href="https://redirect.github.com/Kludex/python-multipart/pull/196">#196</a>.</li> <li>Return processed length from <code>QuerystringParser._internal_write</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/229">#229</a>.</li> <li>Cleanup metadata dunders from <code>__init__.py</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/227">#227</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`28f47859b4`"><code>28f4785</code></a> Version 0.0.26 (<a href="https://redirect.github.com/Kludex/python-multipart/issues/263">#263</a>)</li> <li><a href="`d4452a78bb`"><code>d4452a7</code></a> Silently discard epilogue data after the closing boundary (<a href="https://redirect.github.com/Kludex/python-multipart/issues/259">#259</a>)</li> <li><a href="`6a7b76dd26`"><code>6a7b76d</code></a> Skip preamble before first multipart boundary (<a href="https://redirect.github.com/Kludex/python-multipart/issues/262">#262</a>)</li> <li><a href="`4addb60350`"><code>4addb60</code></a> Version 0.0.25 (<a href="https://redirect.github.com/Kludex/python-multipart/issues/261">#261</a>)</li> <li><a href="`d3a4698e0d`"><code>d3a4698</code></a> Add MIME content type info to File (<a href="https://redirect.github.com/Kludex/python-multipart/issues/143">#143</a>)</li> <li><a href="`9a1ecbd074`"><code>9a1ecbd</code></a> Handle CTE values case-insensitively (<a href="https://redirect.github.com/Kludex/python-multipart/issues/258">#258</a>)</li> <li><a href="`ef2a0b94f9`"><code>ef2a0b9</code></a> Remove custom FormParser classes (<a href="https://redirect.github.com/Kludex/python-multipart/issues/257">#257</a>)</li> <li><a href="`3a757d7cf2`"><code>3a757d7</code></a> Ignore local Claude state (<a href="https://redirect.github.com/Kludex/python-multipart/issues/255">#255</a>)</li> <li><a href="`55e739617d`"><code>55e7396</code></a> fuzz: Add cifuzz (<a href="https://redirect.github.com/Kludex/python-multipart/issues/186">#186</a>)</li> <li><a href="`d6d1d111e7`"><code>d6d1d11</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/Kludex/python-multipart/issues/249">#249</a>)</li> <li>Additional commits viewable in <a href="https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.26">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:20:59 +02:00
dependabot[bot]	b024c78fa9	Bump @lucide/svelte from 0.482.0 to 0.577.0 in /web (#479 ) Bumps [@lucide/svelte](https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte) from 0.482.0 to 0.577.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lucide-icons/lucide/releases"><code>@lucide/svelte</code>'s releases</a>.</em></p> <blockquote> <h2>Version 0.577.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): bump rollup from 4.53.3 to 4.59.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4106">lucide-icons/lucide#4106</a></li> <li>fix(repo): correctly ignore docs/releaseMetadata via .gitignore by <a href="https://github.com/bhavberi"><code>@bhavberi</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4100">lucide-icons/lucide#4100</a></li> <li>feat(icons): added <code>ellipse</code> icon by <a href="https://github.com/KISHORE-KUMAR-S"><code>@KISHORE-KUMAR-S</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3749">lucide-icons/lucide#3749</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/bhavberi"><code>@bhavberi</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4100">lucide-icons/lucide#4100</a></li> <li><a href="https://github.com/KISHORE-KUMAR-S"><code>@KISHORE-KUMAR-S</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3749">lucide-icons/lucide#3749</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.576.0...0.577.0">https://github.com/lucide-icons/lucide/compare/0.576.0...0.577.0</a></p> <h2>Version 0.576.0</h2> <h2>What's Changed</h2> <ul> <li>Added zodiac signs by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/712">lucide-icons/lucide#712</a></li> <li>fix(icons): fixes guideline violations in <code>package-</code> icons. by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4074">lucide-icons/lucide#4074</a></li> <li>fix(icons): changed <code>receipt</code> icon by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4075">lucide-icons/lucide#4075</a></li> <li>fix(icons): updated <code>cuboid</code> icon tags and categories by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4095">lucide-icons/lucide#4095</a></li> <li>fix(icons): changed <code>cuboid</code> icon by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4098">lucide-icons/lucide#4098</a></li> <li>fix(lucide-font, lucide-static): Fixing stable code points by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3894">lucide-icons/lucide#3894</a></li> <li>feat(icons): added <code>fishing-rod</code> icon by <a href="https://github.com/7ender"><code>@7ender</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3839">lucide-icons/lucide#3839</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.575.0...0.576.0">https://github.com/lucide-icons/lucide/compare/0.575.0...0.576.0</a></p> <h2>Version 0.575.0</h2> <h2>What's Changed</h2> <ul> <li>feat(icons): added <code>message-square-check</code> icon by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4076">lucide-icons/lucide#4076</a></li> <li>fix(lucide): Fix ESM Module output path in build by <a href="https://github.com/ericfennis"><code>@ericfennis</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4084">lucide-icons/lucide#4084</a></li> <li>feat(icons): added <code>metronome</code> icon by <a href="https://github.com/edwloef"><code>@edwloef</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4063">lucide-icons/lucide#4063</a></li> <li>fix(icons): remove execution permission of SVG files by <a href="https://github.com/duckafire"><code>@duckafire</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4053">lucide-icons/lucide#4053</a></li> <li>fix(icons): changed <code>file-pen-line</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3970">lucide-icons/lucide#3970</a></li> <li>feat(icons): added <code>square-arrow-right-exit</code> and <code>square-arrow-right-enter</code> icons by <a href="https://github.com/EthanHazel"><code>@EthanHazel</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3958">lucide-icons/lucide#3958</a></li> <li>fix(icons): renamed <code>flip-</code> to <code>square-centerline-dashed-</code> by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3945">lucide-icons/lucide#3945</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/edwloef"><code>@edwloef</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4063">lucide-icons/lucide#4063</a></li> <li><a href="https://github.com/duckafire"><code>@duckafire</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/4053">lucide-icons/lucide#4053</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.573.0...0.575.0">https://github.com/lucide-icons/lucide/compare/0.573.0...0.575.0</a></p> <h2>Version 0.574.0</h2> <h2>What's Changed</h2> <ul> <li>fix(icons): changed <code>rocking-chair</code> icon by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3445">lucide-icons/lucide#3445</a></li> <li>fix(icons): flipped <code>coins</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3158">lucide-icons/lucide#3158</a></li> <li>feat(icons): added <code>x-line-top</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2838">lucide-icons/lucide#2838</a></li> <li>feat(icons): added <code>mouse-left</code> icon by <a href="https://github.com/marvfash"><code>@marvfash</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li> <li>feat(icons): added <code>mouse-right</code> icon by <a href="https://github.com/marvfash"><code>@marvfash</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2787">lucide-icons/lucide#2787</a></li> </ul> <h2>New Contributors</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`cbaaf4e21e`"><code>cbaaf4e</code></a> fix(<code>@lucide/svelte</code>): Fix build in (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/4026">#4026</a>)</li> <li><a href="`67c0485457`"><code>67c0485</code></a> feat(scripts): added helper script to automatically update OpenCollective bac...</li> <li><a href="`b6ed43d48c`"><code>b6ed43d</code></a> feat(packages): Added aria-hidden fallback for decorative icons to all packag...</li> <li><a href="`076e0bbcd9`"><code>076e0bb</code></a> chore(dependencies): Update dependencies (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3809">#3809</a>)</li> <li><a href="`673e76831d`"><code>673e768</code></a> fix: add extensions to imports (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/2950">#2950</a>)</li> <li><a href="`3e644fda2d`"><code>3e644fd</code></a> chore(scripts): Refactor scripts to typescript (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3316">#3316</a>)</li> <li><a href="`239bbd9a9a`"><code>239bbd9</code></a> build(deps-dev): bump vite from 6.0.7 to 6.1.6 (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3236">#3236</a>)</li> <li><a href="`19fa01b5fc`"><code>19fa01b</code></a> build(deps-dev): bump vite from 6.3.2 to 6.3.4 (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3181">#3181</a>)</li> <li><a href="`0fccc276c3`"><code>0fccc27</code></a> Bump dependencies (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3096">#3096</a>)</li> <li><a href="`7b954807da`"><code>7b95480</code></a> Added periods (<a href="https://github.com/lucide-icons/lucide/tree/HEAD/packages/svelte/issues/3065">#3065</a>)</li> <li>See full diff in <a href="https://github.com/lucide-icons/lucide/commits/0.577.0/packages/svelte">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for <code>@lucide/svelte</code> since your current version.</p> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@lucide/svelte&package-manager=npm_and_yarn&previous-version=0.482.0&new-version=0.577.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > Note* > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:17:20 +02:00
dependabot[bot]	c552aa3dd8	Bump cachetools from 7.0.1 to 7.0.5 (#494 ) Bumps [cachetools](https://github.com/tkem/cachetools) from 7.0.1 to 7.0.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst">cachetools's changelog</a>.</em></p> <blockquote> <h1>v7.0.5 (2026-03-09)</h1> <ul> <li>Minor <code>@cachedmethod</code> performance improvements.</li> </ul> <h1>v7.0.4 (2026-03-08)</h1> <ul> <li> <p>Fix and properly document <code>@cachedmethod.cache_key</code> behavior.</p> </li> <li> <p>Minor documentation improvements.</p> </li> </ul> <h1>v7.0.3 (2026-03-05)</h1> <ul> <li>Fix <code>DeprecationWarning</code> when creating an autospec mock with <code>@cachedmethod</code> decorations.</li> </ul> <h1>v7.0.2 (2026-03-02)</h1> <ul> <li>Provide more efficient <code>clear()</code> implementation for all support Cache classes (courtesy Josep Pon Farreny).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`5dce86fc5c`"><code>5dce86f</code></a> Release v7.0.5.</li> <li><a href="`af5e68812b`"><code>af5e688</code></a> Minor <a href="https://github.com/cachedmethod"><code>@cachedmethod</code></a> performance improvements.</li> <li><a href="`0ca75e6049`"><code>0ca75e6</code></a> Relase v7.0.4.</li> <li><a href="`5b1fa392d0`"><code>5b1fa39</code></a> Prepare v7.0.4.</li> <li><a href="`18e5930ced`"><code>18e5930</code></a> Fix <a href="https://redirect.github.com/tkem/cachetools/issues/218">#218</a>: Fix and properly document <a href="https://github.com/cachedmethod"><code>@cachedmethod</code></a>.cache_key handling.</li> <li><a href="`98ec79ff8b`"><code>98ec79f</code></a> Drop "class method" from <a href="https://github.com/cachedmethod"><code>@cachedmethod</code></a> docstring.</li> <li><a href="`93822a30fc`"><code>93822a3</code></a> Release v7.0.3.</li> <li><a href="`57d2e4813d`"><code>57d2e48</code></a> Fix <a href="https://redirect.github.com/tkem/cachetools/issues/387">#387</a>: Handle obj=None case for inspection in _DescriptorBase.</li> <li><a href="`8011b71949`"><code>8011b71</code></a> Release v7.0.2.</li> <li><a href="`73d1602569`"><code>73d1602</code></a> Minor cleanups.</li> <li>Additional commits viewable in <a href="https://github.com/tkem/cachetools/compare/v7.0.1...v7.0.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachetools&package-manager=uv&previous-version=7.0.1&new-version=7.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:17:02 +02:00
dependabot[bot]	f8f4fa8e49	Bump the npm_and_yarn group across 1 directory with 8 updates (#522 ) Bumps the npm_and_yarn group with 8 updates in the /web directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [uuid](https://github.com/uuidjs/uuid) \| `11.1.0` \| `14.0.0` \| \| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) \| `7.3.1` \| `7.3.2` \| \| [minimatch](https://github.com/isaacs/minimatch) \| `3.1.3` \| `3.1.5` \| \| [devalue](https://github.com/sveltejs/devalue) \| `5.6.3` \| `5.8.0` \| \| [effect](https://github.com/Effect-TS/effect/tree/HEAD/packages/effect) \| `3.19.19` \| `3.21.2` \| \| [flatted](https://github.com/WebReflection/flatted) \| `3.3.3` \| `3.4.2` \| \| [picomatch](https://github.com/micromatch/picomatch) \| `4.0.3` \| `4.0.4` \| \| [postcss](https://github.com/postcss/postcss) \| `8.5.6` \| `8.5.13` \| Updates `uuid` from 11.1.0 to 14.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuidjs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v14.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a> (2026-04-19)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> </ul> <h3>Features</h3> <ul> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>) (<a href="`dc4ddb8727`">dc4ddb8</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>) (<a href="`f2c235f930`">f2c235f</a>)</li> <li>Use GITHUB_TOKEN for release-please and enable npm provenance (<a href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>) (<a href="`ffa31383e8`">ffa3138</a>)</li> </ul> <h2>v13.0.1</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1">13.0.1</a> (2026-04-27)</h2> <h3>Bug Fixes</h3> <ul> <li>backport fix for GHSA-w5hq-g745-h8pq (<a href="`9d27ddf704`">9d27ddf</a>)</li> </ul> <h2>v13.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0">13.0.0</a> (2025-09-08)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>) (<a href="`bce9d72a3a`">bce9d72</a>)</li> </ul> <h2>v12.0.1</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1">12.0.1</a> (2026-04-29)</h2> <h3>Bug Fixes</h3> <ul> <li>backport fix for GHSA-w5hq-g745-h8pq (<a href="`3d61d6ac1f`">3d61d6a</a>)</li> </ul> <h2>v12.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0">12.0.0</a> (2025-09-05)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md">uuid's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a> (2026-04-19)</h2> <h3>Security</h3> <ul> <li>Fixes <a href="https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq">GHSA-w5hq-g745-h8pq</a>: <code>v3()</code>, <code>v5()</code>, and <code>v6()</code> did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid <code>offset</code> was provided. A <code>RangeError</code> is now thrown if <code>offset < 0</code> or <code>offset + 16 > buf.length</code>.</li> </ul> <h3>⚠ BREAKING CHANGES</h3> <ul> <li><code>crypto</code> is now expected to be globally defined (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> <li>upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years</li> </ul> <h2><a href="https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0">13.0.0</a> (2025-09-08)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>) (<a href="`bce9d72a3a`">bce9d72</a>)</li> </ul> <h2><a href="https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0">12.0.0</a> (2025-09-05)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>update to typescript@5.2 (<a href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>)</li> <li>remove CommonJS support (<a href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>)</li> <li>drop node@16 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>)</li> </ul> <h3>Features</h3> <ul> <li>add node@24 to ci matrix (<a href="https://redirect.github.com/uuidjs/uuid/issues/879">#879</a>) (<a href="`42b6178aa2`">42b6178</a>)</li> <li>drop node@16 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>) (<a href="`0f38cf1036`">0f38cf1</a>)</li> <li>remove CommonJS support (<a href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>) (<a href="`ae786e2726`">ae786e2</a>)</li> <li>update to typescript@5.2 (<a href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>) (<a href="`c7ee40598e`">c7ee405</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>improve v4() performance (<a href="https://redirect.github.com/uuidjs/uuid/issues/894">#894</a>) (<a href="`5fd974c127`">5fd974c</a>)</li> <li>restore node: prefix (<a href="https://redirect.github.com/uuidjs/uuid/issues/889">#889</a>) (<a href="`e1f42a3545`">e1f42a3</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`7c1ea087a8`"><code>7c1ea08</code></a> chore(main): release 14.0.0 (<a href="https://redirect.github.com/uuidjs/uuid/issues/926">#926</a>)</li> <li><a href="`3d2c5b0342`"><code>3d2c5b0</code></a> Merge commit from fork</li> <li><a href="`f2c235f930`"><code>f2c235f</code></a> fix!: expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li><a href="`529ef0899f`"><code>529ef08</code></a> chore: upgrade TypeScript and fixup types (<a href="https://redirect.github.com/uuidjs/uuid/issues/927">#927</a>)</li> <li><a href="`086fd7976f`"><code>086fd79</code></a> chore: update dependencies (<a href="https://redirect.github.com/uuidjs/uuid/issues/933">#933</a>)</li> <li><a href="`dc4ddb8727`"><code>dc4ddb8</code></a> feat!: drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> <li><a href="`0f1f9c9c9c`"><code>0f1f9c9</code></a> chore: switch to Biome for parsing and linting (<a href="https://redirect.github.com/uuidjs/uuid/issues/932">#932</a>)</li> <li><a href="`e2879e64bf`"><code>e2879e6</code></a> chore: use maintained version of npm-run-all (<a href="https://redirect.github.com/uuidjs/uuid/issues/930">#930</a>)</li> <li><a href="`ffa31383e8`"><code>ffa3138</code></a> fix: Use GITHUB_TOKEN for release-please and enable npm provenance (<a href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>)</li> <li><a href="`0423d49df2`"><code>0423d49</code></a> docs: remove obsolete v1 option notes (<a href="https://redirect.github.com/uuidjs/uuid/issues/915">#915</a>)</li> <li>Additional commits viewable in <a href="https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for uuid since your current version.</p> </details> <br /> Updates `vite` from 7.3.1 to 7.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v7.3.2</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted --><a href="https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2">7.3.2</a> (2026-04-06)<!-- raw HTML omitted --></h2> <h3>Bug Fixes</h3> <ul> <li>avoid path traversal with optimize deps sourcemap handler (<a href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a>) (<a href="`09d8c903bd`">09d8c90</a>)</li> <li>backport <a href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a>, apply server.fs check to env transport (<a href="https://redirect.github.com/vitejs/vite/issues/22162">#22162</a>) (<a href="`19db0f29c3`">19db0f2</a>)</li> <li>check <code>server.fs</code> after stripping query as well (<a href="https://redirect.github.com/vitejs/vite/issues/22160">#22160</a>) (<a href="`f8103cc946`">f8103cc</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`cc383e07b6`"><code>cc383e0</code></a> release: v7.3.2</li> <li><a href="`09d8c903bd`"><code>09d8c90</code></a> fix: avoid path traversal with optimize deps sourcemap handler (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li> <li><a href="`f8103cc946`"><code>f8103cc</code></a> fix: check <code>server.fs</code> after stripping query as well (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160">#22160</a>)</li> <li><a href="`19db0f29c3`"><code>19db0f2</code></a> fix: backport <a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>, apply server.fs check to env transport (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162">#22162</a>)</li> <li>See full diff in <a href="https://github.com/vitejs/vite/commits/v7.3.2/packages/vite">compare view</a></li> </ul> </details> <br /> Updates `minimatch` from 3.1.3 to 3.1.5 <details> <summary>Commits</summary> <ul> <li><a href="`7bba97888a`"><code>7bba978</code></a> 3.1.5</li> <li><a href="`bd259425b2`"><code>bd25942</code></a> docs: add warning about ReDoS</li> <li><a href="`1a9c27c757`"><code>1a9c27c</code></a> fix partial matching of globstar patterns</li> <li><a href="`1a2e084af5`"><code>1a2e084</code></a> 3.1.4</li> <li><a href="`ae24656237`"><code>ae24656</code></a> update lockfile</li> <li><a href="`b100374922`"><code>b100374</code></a> limit recursion for *, improve perf considerably</li> <li><a href="`26ffeaa091`"><code>26ffeaa</code></a> lockfile update</li> <li><a href="`9eca892a4e`"><code>9eca892</code></a> lock node version to 14</li> <li>See full diff in <a href="https://github.com/isaacs/minimatch/compare/v3.1.3...v3.1.5">compare view</a></li> </ul> </details> <br /> Updates `devalue` from 5.6.3 to 5.8.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/devalue/releases">devalue's releases</a>.</em></p> <blockquote> <h2>v5.8.0</h2> <h3>Minor Changes</h3> <ul> <li>c5115b0: feat: add <code>stringifyAsync</code> for async serialization</li> </ul> <h2>v5.7.1</h2> <h3>Patch Changes</h3> <ul> <li>8becc7c: fix: handle regexes consistently in uneval's value and reference formats</li> </ul> <h2>v5.7.0</h2> <h3>Minor Changes</h3> <ul> <li>df2e284: feat: use native alternatives to encode/decode base64</li> <li>498656e: feat: add <code>DataView</code> support</li> <li>a210130: feat: whitelist <code>Float16Array</code></li> <li>df2e284: feat: simplify TypedArray slices</li> </ul> <h3>Patch Changes</h3> <ul> <li>5590634: fix: get <code>uneval</code> type handling up to parity with <code>stringify</code></li> <li>57f73fc: fix: correctly support boxed bigints and sentinel values</li> </ul> <h2>v5.6.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>87c1f3c: fix: reject <code>__proto__</code> keys in malformed <code>Object</code> wrapper payloads</p> <p>This validates the <code>"Object"</code> parse path and throws when the wrapped value has an own <code>__proto__</code> key.</p> </li> <li> <p>40f1db1: fix: ensure sparse array indices are integers</p> </li> <li> <p>87c1f3c: fix: disallow <code>__proto__</code> keys in null-prototype object parsing</p> <p>This disallows <code>__proto__</code> keys in the <code>"null"</code> parse path so null-prototype object hydration cannot carry that key through parse/unflatten.</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md">devalue's changelog</a>.</em></p> <blockquote> <h2>5.8.0</h2> <h3>Minor Changes</h3> <ul> <li>c5115b0: feat: add <code>stringifyAsync</code> for async serialization</li> </ul> <h2>5.7.1</h2> <h3>Patch Changes</h3> <ul> <li>8becc7c: fix: handle regexes consistently in uneval's value and reference formats</li> </ul> <h2>5.7.0</h2> <h3>Minor Changes</h3> <ul> <li>df2e284: feat: use native alternatives to encode/decode base64</li> <li>498656e: feat: add <code>DataView</code> support</li> <li>a210130: feat: whitelist <code>Float16Array</code></li> <li>df2e284: feat: simplify TypedArray slices</li> </ul> <h3>Patch Changes</h3> <ul> <li>5590634: fix: get <code>uneval</code> type handling up to parity with <code>stringify</code></li> <li>57f73fc: fix: correctly support boxed bigints and sentinel values</li> </ul> <h2>5.6.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>87c1f3c: fix: reject <code>__proto__</code> keys in malformed <code>Object</code> wrapper payloads</p> <p>This validates the <code>"Object"</code> parse path and throws when the wrapped value has an own <code>__proto__</code> key.</p> </li> <li> <p>40f1db1: fix: ensure sparse array indices are integers</p> </li> <li> <p>87c1f3c: fix: disallow <code>__proto__</code> keys in null-prototype object parsing</p> <p>This disallows <code>__proto__</code> keys in the <code>"null"</code> parse path so null-prototype object hydration cannot carry that key through parse/unflatten.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`14933f78ff`"><code>14933f7</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/151">#151</a>)</li> <li><a href="`c5115b0074`"><code>c5115b0</code></a> feat: <code>stringifyAsync</code> (<a href="https://redirect.github.com/sveltejs/devalue/issues/150">#150</a>)</li> <li><a href="`67dad450b5`"><code>67dad45</code></a> docs: update README to reflect serialization stability non-goal (<a href="https://redirect.github.com/sveltejs/devalue/issues/147">#147</a>)</li> <li><a href="`6eb920a7db`"><code>6eb920a</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/146">#146</a>)</li> <li><a href="`8becc7c436`"><code>8becc7c</code></a> fix: handle regexes consistently in uneval's value and reference formats (<a href="https://redirect.github.com/sveltejs/devalue/issues/145">#145</a>)</li> <li><a href="`2eee2e435e`"><code>2eee2e4</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/144">#144</a>)</li> <li><a href="`498656e75d`"><code>498656e</code></a> DataView support (<a href="https://redirect.github.com/sveltejs/devalue/issues/143">#143</a>)</li> <li><a href="`5590634db5`"><code>5590634</code></a> Improve platform types support (<a href="https://redirect.github.com/sveltejs/devalue/issues/142">#142</a>)</li> <li><a href="`57f73fc513`"><code>57f73fc</code></a> fix: support boxed <code>bigint</code>s and sentinel values (<a href="https://redirect.github.com/sveltejs/devalue/issues/141">#141</a>)</li> <li><a href="`baec4cbcf1`"><code>baec4cb</code></a> Add prettier configuration (<a href="https://redirect.github.com/sveltejs/devalue/issues/140">#140</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/devalue/compare/v5.6.3...v5.8.0">compare view</a></li> </ul> </details> <br /> Updates `effect` from 3.19.19 to 3.21.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Effect-TS/effect/releases">effect's releases</a>.</em></p> <blockquote> <h2>effect@3.21.2</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/Effect-TS/effect/pull/6194">#6194</a> <a href="`74f3267a6c`"><code>74f3267</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Fix <code>TestClock.unsafeCurrentTimeNanos()</code> to floor fractional millisecond instants before converting them to <code>BigInt</code>.</li> </ul> <h2>effect@3.21.1</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6139">#6139</a> <a href="`f99048e9f4`"><code>f99048e</code></a> Thanks <a href="https://github.com/marbemac"><code>@marbemac</code></a>! - Fix batched request resolver defects causing consumer fibers to hang forever.</p> <p>When a <code>RequestResolver.makeBatched</code> resolver died with a defect, the request <code>Deferred</code>s were never completed because the cleanup logic in <code>invokeWithInterrupt</code> used <code>flatMap</code> (which only runs on success). Changed to <code>ensuring</code> so uncompleted request entries are always resolved regardless of exit type.</p> </li> </ul> <h2>effect@3.21.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`f7bb09b022`"><code>f7bb09b</code></a> Thanks <a href="https://github.com/kitlangton"><code>@kitlangton</code></a>! - Add <code>Cron.prev</code> and reverse iteration support, aligning next/prev lookup tables, fixing DST handling symmetry, and expanding cron backward/forward test coverage.</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`bd7552a19c`"><code>bd7552a</code></a> Thanks <a href="https://github.com/mattiamanzati"><code>@mattiamanzati</code></a>! - Add type-level utils to asserting layer types</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`ad1a7eb7f6`"><code>ad1a7eb</code></a> Thanks <a href="https://github.com/schickling"><code>@schickling</code></a>! - RcMap: support dynamic <code>idleTimeToLive</code> values per key</p> <p>The <code>idleTimeToLive</code> option can now be a function that receives the key and returns a duration, allowing different TTL values for different resources.</p> <pre lang="ts"><code>const map = yield RcMap.make({ lookup: (key: string) => acquireResource(key), idleTimeToLive: (key: string) => { if (key.startsWith("premium:")) return Duration.minutes(10) return Duration.minutes(1) } }) </code></pre> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`0d32048f98`"><code>0d32048</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Fix annotateCurrentSpan, add Effect.currentPropagatedSpan</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`0d32048f98`"><code>0d32048</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Add logs to first propagated span, in the following case before this fix the log would not be added to the <code>p</code> span because <code>Effect.fn</code> adds a fake span for the purpose of adding a stack frame.</p> <pre lang="ts"><code>import { Effect } from "effect" <p>const f = Effect.fn(function* () {<br /> yield* Effect.logWarning("FooBar")<br /> return yield* Effect.fail("Oops")<br /> })</p> <p>const p = f().pipe(Effect.withSpan("p"))<br /> </code></pre></p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Effect-TS/effect/blob/main/packages/effect/CHANGELOG.md">effect's changelog</a>.</em></p> <blockquote> <h2>3.21.2</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/Effect-TS/effect/pull/6194">#6194</a> <a href="`74f3267a6c`"><code>74f3267</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Fix <code>TestClock.unsafeCurrentTimeNanos()</code> to floor fractional millisecond instants before converting them to <code>BigInt</code>.</li> </ul> <h2>3.21.1</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6139">#6139</a> <a href="`f99048e9f4`"><code>f99048e</code></a> Thanks <a href="https://github.com/marbemac"><code>@marbemac</code></a>! - Fix batched request resolver defects causing consumer fibers to hang forever.</p> <p>When a <code>RequestResolver.makeBatched</code> resolver died with a defect, the request <code>Deferred</code>s were never completed because the cleanup logic in <code>invokeWithInterrupt</code> used <code>flatMap</code> (which only runs on success). Changed to <code>ensuring</code> so uncompleted request entries are always resolved regardless of exit type.</p> </li> </ul> <h2>3.21.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`f7bb09b022`"><code>f7bb09b</code></a> Thanks <a href="https://github.com/kitlangton"><code>@kitlangton</code></a>! - Add <code>Cron.prev</code> and reverse iteration support, aligning next/prev lookup tables, fixing DST handling symmetry, and expanding cron backward/forward test coverage.</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`bd7552a19c`"><code>bd7552a</code></a> Thanks <a href="https://github.com/mattiamanzati"><code>@mattiamanzati</code></a>! - Add type-level utils to asserting layer types</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`ad1a7eb7f6`"><code>ad1a7eb</code></a> Thanks <a href="https://github.com/schickling"><code>@schickling</code></a>! - RcMap: support dynamic <code>idleTimeToLive</code> values per key</p> <p>The <code>idleTimeToLive</code> option can now be a function that receives the key and returns a duration, allowing different TTL values for different resources.</p> <pre lang="ts"><code>const map = yield * RcMap.make({ lookup: (key: string) => acquireResource(key), idleTimeToLive: (key: string) => { if (key.startsWith("premium:")) return Duration.minutes(10) return Duration.minutes(1) } }) </code></pre> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`0d32048f98`"><code>0d32048</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Fix annotateCurrentSpan, add Effect.currentPropagatedSpan</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/5780">#5780</a> <a href="`0d32048f98`"><code>0d32048</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Add logs to first propagated span, in the following case before this fix the log would not be added to the <code>p</code> span because <code>Effect.fn</code> adds a fake span for the purpose of adding a stack frame.</p> <pre lang="ts"><code>import { Effect } from "effect" <p>const f = Effect.fn(function* () {<br /> yield* Effect.logWarning("FooBar")<br /> return yield* Effect.fail("Oops")<br /> </code></pre></p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`39c934c147`"><code>39c934c</code></a> Version Packages (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6195">#6195</a>)</li> <li><a href="`74f3267a6c`"><code>74f3267</code></a> fix: floor TestClock nanoseconds before BigInt conversion (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6194">#6194</a>)</li> <li><a href="`cc0c40a2fe`"><code>cc0c40a</code></a> Version Packages (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6142">#6142</a>)</li> <li><a href="`f99048e9f4`"><code>f99048e</code></a> fix: resolve batched request resolver defects hanging consumer fibers (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6139">#6139</a>)</li> <li><a href="`6e3782af7a`"><code>6e3782a</code></a> Version Packages (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6135">#6135</a>)</li> <li><a href="`f7bb09b022`"><code>f7bb09b</code></a> Add Cron.prev reverse iteration support (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5786">#5786</a>)</li> <li><a href="`bd7552a19c`"><code>bd7552a</code></a> Add type-level utils to asserting layer types (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5920">#5920</a>)</li> <li><a href="`ad1a7eb7f6`"><code>ad1a7eb</code></a> RcMap: support dynamic idleTimeToLive values per key (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5859">#5859</a>)</li> <li><a href="`0d32048f98`"><code>0d32048</code></a> Add logs to first propagated span (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/5710">#5710</a>)</li> <li><a href="`37a8af53e3`"><code>37a8af5</code></a> Version Packages (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6134">#6134</a>)</li> <li>Additional commits viewable in <a href="https://github.com/Effect-TS/effect/commits/effect@3.21.2/packages/effect">compare view</a></li> </ul> </details> <br /> Updates `flatted` from 3.3.3 to 3.4.2 <details> <summary>Commits</summary> <ul> <li><a href="`3bf09091c3`"><code>3bf0909</code></a> 3.4.2</li> <li><a href="`885ddcc33c`"><code>885ddcc</code></a> fix CWE-1321</li> <li><a href="`0bdba705d1`"><code>0bdba70</code></a> added flatted-view to the benchmark</li> <li><a href="`2a02dce7c6`"><code>2a02dce</code></a> 3.4.1</li> <li><a href="`fba4e8f2e1`"><code>fba4e8f</code></a> Merge pull request <a href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a> from WebReflection/python-fix</li> <li><a href="`5fe86485e6`"><code>5fe8648</code></a> added "when in Rome" also a test for PHP</li> <li><a href="`53517adbef`"><code>53517ad</code></a> some minor improvement</li> <li><a href="`b3e2a0c387`"><code>b3e2a0c</code></a> Fixing recursion issue in Python too</li> <li><a href="`c4b46dbcbf`"><code>c4b46db</code></a> Add SECURITY.md for security policy and reporting</li> <li><a href="`f86d071e0f`"><code>f86d071</code></a> Create dependabot.yml for version updates</li> <li>Additional commits viewable in <a href="https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2">compare view</a></li> </ul> </details> <br /> Updates `picomatch` from 4.0.3 to 4.0.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/micromatch/picomatch/releases">picomatch's releases</a>.</em></p> <blockquote> <h2>4.0.4</h2> <p>This is a security release fixing several security relevant issues.</p> <h2>What's Changed</h2> <ul> <li>Fix for <a href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li> <li>Fix for <a href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`e5474fc1a4`"><code>e5474fc</code></a> Publish 4.0.4</li> <li><a href="`4516eb521f`"><code>4516eb5</code></a> Merge commit from fork</li> <li><a href="`5eceecd275`"><code>5eceecd</code></a> Merge commit from fork</li> <li><a href="`0db7dd7065`"><code>0db7dd7</code></a> Run benchmark again against latest minimatch version (<a href="https://redirect.github.com/micromatch/picomatch/issues/161">#161</a>)</li> <li><a href="`95003777eb`"><code>9500377</code></a> docs: clarify what brace expansion syntax is and isn't supported (<a href="https://redirect.github.com/micromatch/picomatch/issues/134">#134</a>)</li> <li><a href="`2661f23eca`"><code>2661f23</code></a> fix typo in globstars.js test name (<a href="https://redirect.github.com/micromatch/picomatch/issues/138">#138</a>)</li> <li><a href="`1798b07e9d`"><code>1798b07</code></a> docs: fix <code>makeRe</code> example (<a href="https://redirect.github.com/micromatch/picomatch/issues/143">#143</a>)</li> <li><a href="`9d76bc57a0`"><code>9d76bc5</code></a> chore: undocument removed options (<a href="https://redirect.github.com/micromatch/picomatch/issues/146">#146</a>)</li> <li><a href="`e4d718bbfb`"><code>e4d718b</code></a> Remove unused time-require (<a href="https://redirect.github.com/micromatch/picomatch/issues/160">#160</a>)</li> <li><a href="`38dffeb162`"><code>38dffeb</code></a> chore(deps): pin dependencies (<a href="https://redirect.github.com/micromatch/picomatch/issues/158">#158</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">compare view</a></li> </ul> </details> <br /> Updates `postcss` from 8.5.6 to 8.5.13 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.13</h2> <ul> <li>Fixed <code>postcss-scss</code> commend regression.</li> </ul> <h2>8.5.12</h2> <ul> <li>Fixed reading any file via user-generated CSS.</li> <li>Added <code>opts.unsafeMap</code> to disable checks.</li> </ul> <h2>8.5.11</h2> <ul> <li>Fixed nested brackets parsing performance (by <a href="https://github.com/offset"><code>@offset</code></a>).</li> </ul> <h2>8.5.10</h2> <ul> <li>Fixed XSS via unescaped <code></style></code> in non-bundler cases (by <a href="https://github.com/TharVid"><code>@TharVid</code></a>).</li> </ul> <h2>8.5.9</h2> <ul> <li>Speed up source map encoding paring in case of the error.</li> </ul> <h2>8.5.8</h2> <ul> <li>Fixed <code>Processor#version</code>.</li> </ul> <h2>8.5.7</h2> <ul> <li>Improved source map annotation cleaning performance (by CodeAnt AI).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.13</h2> <ul> <li>Fixed <code>postcss-scss</code> commend regression.</li> </ul> <h2>8.5.12</h2> <ul> <li>Fixed reading any file via user-generated CSS.</li> <li>Added <code>opts.unsafeMap</code> to disable checks.</li> </ul> <h2>8.5.11</h2> <ul> <li>Fixed nested brackets parsing performance (by <a href="https://github.com/offset"><code>@offset</code></a>).</li> </ul> <h2>8.5.10</h2> <ul> <li>Fixed XSS via unescaped <code></style></code> in non-bundler cases (by <a href="https://github.com/TharVid"><code>@TharVid</code></a>).</li> </ul> <h2>8.5.9</h2> <ul> <li>Speed up source map encoding paring in case of the error.</li> </ul> <h2>8.5.8</h2> <ul> <li>Fixed <code>Processor#version</code>.</li> </ul> <h2>8.5.7</h2> <ul> <li>Improved source map annotation cleaning performance (by CodeAnt AI).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`af58cf1b7a`"><code>af58cf1</code></a> Release 8.5.13 version</li> <li><a href="`f227dbd0e9`"><code>f227dbd</code></a> Temporary ignore pnpm 11 config</li> <li><a href="`d3abd40d72`"><code>d3abd40</code></a> Update dependencies</li> <li><a href="`dd06c3e113`"><code>dd06c3e</code></a> Revert stringifier changes because of the conflict with postcss-scss</li> <li><a href="`ae889c815f`"><code>ae889c8</code></a> Try to fix CI</li> <li><a href="`e0093e49bc`"><code>e0093e4</code></a> Move to pnpm 11</li> <li><a href="`9bc81c48f0`"><code>9bc81c4</code></a> Release 8.5.12 version</li> <li><a href="`85c4d7dab8`"><code>85c4d7d</code></a> Another try to fix coverage</li> <li><a href="`94484cae6d`"><code>94484ca</code></a> Try to fix coverage</li> <li><a href="`c64b7488d2`"><code>c64b748</code></a> Load only .map source maps</li> <li>Additional commits viewable in <a href="https://github.com/postcss/postcss/compare/8.5.6...8.5.13">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 17:16:37 +02:00
dependabot[bot]	7b400f4f9c	Bump tailwind-variants from 0.2.1 to 3.2.2 in /web (#466 ) Bumps [tailwind-variants](https://github.com/heroui-inc/tailwind-variants) from 0.2.1 to 3.2.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/heroui-inc/tailwind-variants/releases">tailwind-variants's releases</a>.</em></p> <blockquote> <h2>v3.2.2</h2> <p><em>No significant changes</em></p> <h5> <a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.1...v3.2.2">View changes on GitHub</a></h5> <h2>v3.2.1</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li>Update cn function type and import cx from tailwind-variants/lite - by <a href="https://github.com/jrgarciadev"><code>@jrgarciadev</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/285">heroui-inc/tailwind-variants#285</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/3a3afce"><!-- raw HTML omitted -->(3a3af)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.0...v3.2.1">View changes on GitHub</a></h5> <h2>v3.2.0</h2> <h3> 🚀 Features</h3> <ul> <li>Add cx function and refactor cn to use tailwind-merge - by <a href="https://github.com/jrgarciadev"><code>@jrgarciadev</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/278">heroui-inc/tailwind-variants#278</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/8ec5f6f"><!-- raw HTML omitted -->(8ec5f)<!-- raw HTML omitted --></a></li> </ul> <h3> 🐞 Bug Fixes</h3> <ul> <li>No longer minifyng the code - by <a href="https://github.com/jrgarciadev"><code>@jrgarciadev</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/282">heroui-inc/tailwind-variants#282</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/34c62f4"><!-- raw HTML omitted -->(34c62)<!-- raw HTML omitted --></a></li> <li>Make twMerge default to true in cn function - by <a href="https://github.com/jrgarciadev"><code>@jrgarciadev</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/283">heroui-inc/tailwind-variants#283</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/1659aa7"><!-- raw HTML omitted -->(1659a)<!-- raw HTML omitted --></a></li> <li>Export defaultConfig as value and remove responsiveVariants - by <a href="https://github.com/jrgarciadev"><code>@jrgarciadev</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/284">heroui-inc/tailwind-variants#284</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/65ee73c"><!-- raw HTML omitted -->(65ee7)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.1...v3.2.0">View changes on GitHub</a></h5> <h2>v3.1.1</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li>Use 'type' for type-only imports and specify file extensions - by <a href="https://github.com/tmkx"><code>@tmkx</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/272">heroui-inc/tailwind-variants#272</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/58aa71e"><!-- raw HTML omitted -->(58aa7)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.0...v3.1.1">View changes on GitHub</a></h5> <h2>v3.1.0</h2> <h3> 🚀 Features</h3> <ul> <li>Export config types - by <a href="https://github.com/tianenpang"><code>@tianenpang</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/267">heroui-inc/tailwind-variants#267</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/5fd06fa"><!-- raw HTML omitted -->(5fd06)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.0.0...v3.1.0">View changes on GitHub</a></h5> <h2>v3.0.0</h2> <h2>What's new?</h2> <h3> 🚀 Features</h3> <ul> <li>Split tv into original and lite versions - by <a href="https://github.com/tianenpang"><code>@tianenpang</code></a> in <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/264">heroui-inc/tailwind-variants#264</a> <a href="https://github.com/heroui-inc/tailwind-variants/commit/0eb65ba"><!-- raw HTML omitted -->(0eb65)<!-- raw HTML omitted --></a></li> </ul> <p>Resolves <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/262">heroui-inc/tailwind-variants#262</a>, resolves <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/259">heroui-inc/tailwind-variants#259</a>, resolves <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/258">heroui-inc/tailwind-variants#258</a>, resolves <a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/246">heroui-inc/tailwind-variants#246</a></p> <h3>Problem with v2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/heroui-inc/tailwind-variants/blob/main/CHANGELOG.md">tailwind-variants's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.1...v3.2.2">3.2.2</a> (2025-11-22)</h2> <h2><a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.2.0...v3.2.1">3.2.1</a> (2025-11-22)</h2> <h3>Bug Fixes</h3> <ul> <li>update cn function type and import cx from tailwind-variants/lite (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/285">#285</a>) (<a href="`3a3afce788`">3a3afce</a>)</li> </ul> <h1><a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.1...v3.2.0">3.2.0</a> (2025-11-22)</h1> <h3>Bug Fixes</h3> <ul> <li>export defaultConfig as value and remove responsiveVariants (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/284">#284</a>) (<a href="`65ee73cc80`">65ee73c</a>)</li> <li>make twMerge default to true in cn function (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/283">#283</a>) (<a href="`1659aa7acc`">1659aa7</a>)</li> <li>no longer minifyng the code (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/282">#282</a>) (<a href="`34c62f48a7`">34c62f4</a>)</li> </ul> <h3>Features</h3> <ul> <li>add cx function and refactor cn to use tailwind-merge (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/278">#278</a>) (<a href="`8ec5f6fbd0`">8ec5f6f</a>)</li> </ul> <h2><a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.1.0...v3.1.1">3.1.1</a> (2025-09-08)</h2> <h3>Bug Fixes</h3> <ul> <li>use 'type' for type-only imports and specify file extensions (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/272">#272</a>) (<a href="`58aa71eaf1`">58aa71e</a>)</li> </ul> <h1><a href="https://github.com/heroui-inc/tailwind-variants/compare/v3.0.0...v3.1.0">3.1.0</a> (2025-08-25)</h1> <h3>Features</h3> <ul> <li>export config types (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/267">#267</a>) (<a href="`5fd06face1`">5fd06fa</a>)</li> </ul> <h1><a href="https://github.com/heroui-inc/tailwind-variants/compare/v2.1.0...v3.0.0">3.0.0</a> (2025-08-24)</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`fb6e0bfdeb`"><code>fb6e0bf</code></a> chore: release v3.2.2</li> <li><a href="`ee83f93b71`"><code>ee83f93</code></a> refactor: split cn into cn and cnMerge functions (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/286">#286</a>)</li> <li><a href="`9c3a9371cc`"><code>9c3a937</code></a> chore: release v3.2.1</li> <li><a href="`3a3afce788`"><code>3a3afce</code></a> fix: update cn function type and import cx from tailwind-variants/lite (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/285">#285</a>)</li> <li><a href="`c19f93d8ef`"><code>c19f93d</code></a> chore: release v3.2.0</li> <li><a href="`65ee73cc80`"><code>65ee73c</code></a> fix: export defaultConfig as value and remove responsiveVariants (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/284">#284</a>)</li> <li><a href="`e531070d21`"><code>e531070</code></a> Merge branch 'main' of github.com:nextui-org/tailwind-variants</li> <li><a href="`a3c7505adf`"><code>a3c7505</code></a> refactor: simplify withFalsy array in benchmark.js</li> <li><a href="`1659aa7acc`"><code>1659aa7</code></a> fix: make twMerge default to true in cn function (<a href="https://redirect.github.com/heroui-inc/tailwind-variants/issues/283">#283</a>)</li> <li><a href="`d85ad99613`"><code>d85ad99</code></a> Merge branch 'main' of github.com:nextui-org/tailwind-variants</li> <li>Additional commits viewable in <a href="https://github.com/heroui-inc/tailwind-variants/compare/v0.2.1...v3.2.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tailwind-variants&package-manager=npm_and_yarn&previous-version=0.2.1&new-version=3.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 16:42:45 +02:00
dependabot[bot]	210ff4e2cb	Bump svelte from 5.53.2 to 5.53.6 in /web in the npm_and_yarn group across 1 directory (#476 ) Bumps the npm_and_yarn group with 1 update in the /web directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte). Updates `svelte` from 5.53.2 to 5.53.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/svelte/releases">svelte's releases</a>.</em></p> <blockquote> <h2>svelte@5.53.6</h2> <h3>Patch Changes</h3> <ul> <li> <p>perf: optimize parser hot paths for faster compilation (<a href="https://redirect.github.com/sveltejs/svelte/pull/17811">#17811</a>)</p> </li> <li> <p>fix: <code>SvelteMap</code> incorrectly handles keys with <code>undefined</code> values (<a href="https://redirect.github.com/sveltejs/svelte/pull/17826">#17826</a>)</p> </li> <li> <p>fix: SvelteURL <code>search</code> setter now returns the normalized value, matching native URL behavior (<a href="https://redirect.github.com/sveltejs/svelte/pull/17828">#17828</a>)</p> </li> <li> <p>fix: visit synthetic value node during ssr (<a href="https://redirect.github.com/sveltejs/svelte/pull/17824">#17824</a>)</p> </li> <li> <p>fix: always case insensitive event handlers during ssr (<a href="https://redirect.github.com/sveltejs/svelte/pull/17822">#17822</a>)</p> </li> <li> <p>chore: more efficient effect scheduling (<a href="https://redirect.github.com/sveltejs/svelte/pull/17808">#17808</a>)</p> </li> <li> <p>perf: optimize compiler analysis phase (<a href="https://redirect.github.com/sveltejs/svelte/pull/17823">#17823</a>)</p> </li> <li> <p>fix: skip redundant batch.apply (<a href="https://redirect.github.com/sveltejs/svelte/pull/17816">#17816</a>)</p> </li> <li> <p>chore: null out current_batch before committing branches (<a href="https://redirect.github.com/sveltejs/svelte/pull/17809">#17809</a>)</p> </li> </ul> <h2>svelte@5.53.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: escape <code>innerText</code> and <code>textContent</code> bindings of <code>contenteditable</code> (<a href="`0df5abcae2`"><code>0df5abcae223058ceb95491470372065fb87951d</code></a>)</p> </li> <li> <p>fix: sanitize <code>transformError</code> values prior to embedding in HTML comments (<a href="`0298e97937`"><code>0298e979371bb583855c9810db79a70a551d22b9</code></a>)</p> </li> </ul> <h2>svelte@5.53.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: set server context after async transformError (<a href="https://redirect.github.com/sveltejs/svelte/pull/17799">#17799</a>)</p> </li> <li> <p>fix: hydrate if blocks correctly (<a href="https://redirect.github.com/sveltejs/svelte/pull/17784">#17784</a>)</p> </li> <li> <p>fix: handle default parameters scope leaks (<a href="https://redirect.github.com/sveltejs/svelte/pull/17788">#17788</a>)</p> </li> <li> <p>fix: prevent flushed effects from running again (<a href="https://redirect.github.com/sveltejs/svelte/pull/17787">#17787</a>)</p> </li> </ul> <h2>svelte@5.53.3</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: render <code>:catch</code> of <code>#await</code> block with correct key (<a href="https://redirect.github.com/sveltejs/svelte/pull/17769">#17769</a>)</p> </li> <li> <p>chore: pin aria-query@5.3.1 (<a href="https://redirect.github.com/sveltejs/svelte/pull/17772">#17772</a>)</p> </li> <li> <p>fix: make string coercion consistent to <code>toString</code> (<a href="https://redirect.github.com/sveltejs/svelte/pull/17774">#17774</a>)</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md">svelte's changelog</a>.</em></p> <blockquote> <h2>5.53.6</h2> <h3>Patch Changes</h3> <ul> <li> <p>perf: optimize parser hot paths for faster compilation (<a href="https://redirect.github.com/sveltejs/svelte/pull/17811">#17811</a>)</p> </li> <li> <p>fix: <code>SvelteMap</code> incorrectly handles keys with <code>undefined</code> values (<a href="https://redirect.github.com/sveltejs/svelte/pull/17826">#17826</a>)</p> </li> <li> <p>fix: SvelteURL <code>search</code> setter now returns the normalized value, matching native URL behavior (<a href="https://redirect.github.com/sveltejs/svelte/pull/17828">#17828</a>)</p> </li> <li> <p>fix: visit synthetic value node during ssr (<a href="https://redirect.github.com/sveltejs/svelte/pull/17824">#17824</a>)</p> </li> <li> <p>fix: always case insensitive event handlers during ssr (<a href="https://redirect.github.com/sveltejs/svelte/pull/17822">#17822</a>)</p> </li> <li> <p>chore: more efficient effect scheduling (<a href="https://redirect.github.com/sveltejs/svelte/pull/17808">#17808</a>)</p> </li> <li> <p>perf: optimize compiler analysis phase (<a href="https://redirect.github.com/sveltejs/svelte/pull/17823">#17823</a>)</p> </li> <li> <p>fix: skip redundant batch.apply (<a href="https://redirect.github.com/sveltejs/svelte/pull/17816">#17816</a>)</p> </li> <li> <p>chore: null out current_batch before committing branches (<a href="https://redirect.github.com/sveltejs/svelte/pull/17809">#17809</a>)</p> </li> </ul> <h2>5.53.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: escape <code>innerText</code> and <code>textContent</code> bindings of <code>contenteditable</code> (<a href="`0df5abcae2`"><code>0df5abcae223058ceb95491470372065fb87951d</code></a>)</p> </li> <li> <p>fix: sanitize <code>transformError</code> values prior to embedding in HTML comments (<a href="`0298e97937`"><code>0298e979371bb583855c9810db79a70a551d22b9</code></a>)</p> </li> </ul> <h2>5.53.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: set server context after async transformError (<a href="https://redirect.github.com/sveltejs/svelte/pull/17799">#17799</a>)</p> </li> <li> <p>fix: hydrate if blocks correctly (<a href="https://redirect.github.com/sveltejs/svelte/pull/17784">#17784</a>)</p> </li> <li> <p>fix: handle default parameters scope leaks (<a href="https://redirect.github.com/sveltejs/svelte/pull/17788">#17788</a>)</p> </li> <li> <p>fix: prevent flushed effects from running again (<a href="https://redirect.github.com/sveltejs/svelte/pull/17787">#17787</a>)</p> </li> </ul> <h2>5.53.3</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: render <code>:catch</code> of <code>#await</code> block with correct key (<a href="https://redirect.github.com/sveltejs/svelte/pull/17769">#17769</a>)</p> </li> <li> <p>chore: pin aria-query@5.3.1 (<a href="https://redirect.github.com/sveltejs/svelte/pull/17772">#17772</a>)</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`d4c78292ed`"><code>d4c7829</code></a> Version Packages (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17812">#17812</a>)</li> <li><a href="`361b32c7cd`"><code>361b32c</code></a> fix: SvelteURL search setter uses unnormalized value (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17828">#17828</a>)</li> <li><a href="`1043f79d1e`"><code>1043f79</code></a> perf: optimize compiler analysis phase (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17823">#17823</a>)</li> <li><a href="`b6faa2a905`"><code>b6faa2a</code></a> fix: always case insensitive event handlers during ssr (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17822">#17822</a>)</li> <li><a href="`e3d277b000`"><code>e3d277b</code></a> fix: visit synthetic value node during ssr (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17824">#17824</a>)</li> <li><a href="`18db0cab86`"><code>18db0ca</code></a> fix: SvelteMap incorrectly handles keys with <code>undefined</code> values (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17826">#17826</a>)</li> <li><a href="`3fc4bc6774`"><code>3fc4bc6</code></a> chore: remove unused is_flushing variable (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17820">#17820</a>)</li> <li><a href="`16a13517ef`"><code>16a1351</code></a> fix: skip redundant batch.apply (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17816">#17816</a>)</li> <li><a href="`04ba134d33`"><code>04ba134</code></a> docs: flesh out <code>attribute_invalid_sequence_expression</code> message (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17789">#17789</a>)</li> <li><a href="`fc67c9cfe9`"><code>fc67c9c</code></a> chore(deps-dev): bump rollup from 4.52.5 to 4.59.0 (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17810">#17810</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/svelte/commits/svelte@5.53.6/packages/svelte">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=svelte&package-manager=npm_and_yarn&previous-version=5.53.2&new-version=5.53.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 16:42:06 +02:00
dependabot[bot]	bbbfb31113	Bump requests from 2.32.5 to 2.33.0 in /metadata_relay in the uv group across 1 directory (#505 ) Bumps the uv group with 1 update in the /metadata_relay directory: [requests](https://github.com/psf/requests). Updates `requests` from 2.32.5 to 2.33.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/releases">requests's releases</a>.</em></p> <blockquote> <h2>v2.33.0</h2> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/M0d3v1"><code>@M0d3v1</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6865">psf/requests#6865</a></li> <li><a href="https://github.com/aminvakil"><code>@aminvakil</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7220">psf/requests#7220</a></li> <li><a href="https://github.com/E8Price"><code>@E8Price</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6960">psf/requests#6960</a></li> <li><a href="https://github.com/mitre88"><code>@mitre88</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7244">psf/requests#7244</a></li> <li><a href="https://github.com/magsen"><code>@magsen</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/6553">psf/requests#6553</a></li> <li><a href="https://github.com/Rohan5commit"><code>@Rohan5commit</code></a> made their first contribution in <a href="https://redirect.github.com/psf/requests/pull/7227">psf/requests#7227</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25">https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.33.0 (2026-03-25)</h2> <p><strong>Announcements</strong></p> <ul> <li>📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at <a href="https://redirect.github.com/psf/requests/issues/7271">#7271</a>. Give it a try, and report any gaps or feedback you may have in the issue. 📣</li> </ul> <p><strong>Security</strong></p> <ul> <li>CVE-2026-25645 <code>requests.utils.extract_zipped_paths</code> now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.</li> </ul> <p><strong>Improvements</strong></p> <ul> <li>Migrated to a PEP 517 build system using setuptools. (<a href="https://redirect.github.com/psf/requests/issues/7012">#7012</a>)</li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li>Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (<a href="https://redirect.github.com/psf/requests/issues/7205">#7205</a>)</li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Dropped support for Python 3.9 following its end of support. (<a href="https://redirect.github.com/psf/requests/issues/7196">#7196</a>)</li> </ul> <p><strong>Documentation</strong></p> <ul> <li>Various typo fixes and doc improvements.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`bc04dfd6da`"><code>bc04dfd</code></a> v2.33.0</li> <li><a href="`66d21cb07b`"><code>66d21cb</code></a> Merge commit from fork</li> <li><a href="`8b9bc8fc0f`"><code>8b9bc8f</code></a> Move badges to top of README (<a href="https://redirect.github.com/psf/requests/issues/7293">#7293</a>)</li> <li><a href="`e331a288f3`"><code>e331a28</code></a> Remove unused extraction call (<a href="https://redirect.github.com/psf/requests/issues/7292">#7292</a>)</li> <li><a href="`753fd08c5e`"><code>753fd08</code></a> docs: fix FAQ grammar in httplib2 example</li> <li><a href="`774a0b837a`"><code>774a0b8</code></a> docs(socks): same block as other sections</li> <li><a href="`9c72a41bec`"><code>9c72a41</code></a> Bump github/codeql-action from 4.33.0 to 4.34.1</li> <li><a href="`ebf7190679`"><code>ebf7190</code></a> Bump github/codeql-action from 4.32.0 to 4.33.0</li> <li><a href="`0e4ae38f0c`"><code>0e4ae38</code></a> docs: exclude Response.is_permanent_redirect from API docs (<a href="https://redirect.github.com/psf/requests/issues/7244">#7244</a>)</li> <li><a href="`d568f47278`"><code>d568f47</code></a> docs: clarify Quickstart POST example (<a href="https://redirect.github.com/psf/requests/issues/6960">#6960</a>)</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.32.5...v2.33.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=uv&previous-version=2.32.5&new-version=2.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> > Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 16:41:32 +02:00
dependabot[bot]	96032c10b4	Update fastapi[standard] requirement from >=0.115.14 to >=0.136.1 in /metadata_relay (#520 ) Updates the requirements on [fastapi[standard]](https://github.com/fastapi/fastapi) to permit the latest version. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastapi/fastapi/releases">fastapi[standard]'s releases</a>.</em></p> <blockquote> <h2>0.136.1</h2> <h3>Upgrades</h3> <ul> <li>⬆️ Update Pydantic v2 code to address deprecations. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15101">#15101</a> by <a href="https://github.com/svlandeg"><code>@svlandeg</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>🔨 Tweak translation script. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15174">#15174</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> <li>⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15408">#15408</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15409">#15409</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15407">#15407</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15406">#15406</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15405">#15405</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump mypy from 1.19.1 to 1.20.1. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15410">#15410</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15400">#15400</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump starlette from 0.52.1 to 1.0.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15397">#15397</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pygithub from 2.8.1 to 2.9.1. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15396">#15396</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15393">#15393</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump zizmor from 1.23.1 to 1.24.1. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15394">#15394</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15395">#15395</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15360">#15360</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump authlib from 1.6.9 to 1.6.11. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15373">#15373</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15282">#15282</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pygments from 2.19.2 to 2.20.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15263">#15263</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15391">#15391</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> <li>⬆ Bump pillow from 12.1.1 to 12.2.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15333">#15333</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump pytest from 9.0.2 to 9.0.3. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15334">#15334</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15374">#15374</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15385">#15385</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>🔧 Update sponsors: remove Zuplo. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15369">#15369</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🔧 Update sponsors: remove Speakeasy. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15368">#15368</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🔒️ Add zizmor and fix audit findings. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15316">#15316</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`e54e5a8980`"><code>e54e5a8</code></a> 🔖 Release version 0.136.1</li> <li><a href="`9a8a5fd999`"><code>9a8a5fd</code></a> 📝 Update release notes</li> <li><a href="`7815a32f2e`"><code>7815a32</code></a> ⬆️ Update Pydantic v2 code to address deprecations (<a href="https://redirect.github.com/fastapi/fastapi/issues/15101">#15101</a>)</li> <li><a href="`ef1c927b05`"><code>ef1c927</code></a> 📝 Update release notes</li> <li><a href="`38039e12a8`"><code>38039e1</code></a> 🔨 Tweak translation script (<a href="https://redirect.github.com/fastapi/fastapi/issues/15174">#15174</a>)</li> <li><a href="`4fa826ce0a`"><code>4fa826c</code></a> 📝 Update release notes</li> <li><a href="`c39415673e`"><code>c394156</code></a> ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (<a href="https://redirect.github.com/fastapi/fastapi/issues/15408">#15408</a>)</li> <li><a href="`ae230ad2f9`"><code>ae230ad</code></a> 📝 Update release notes</li> <li><a href="`d9eb39d1a1`"><code>d9eb39d</code></a> ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (<a href="https://redirect.github.com/fastapi/fastapi/issues/15409">#15409</a>)</li> <li><a href="`4f8b5d14d3`"><code>4f8b5d1</code></a> 📝 Update release notes</li> <li>Additional commits viewable in <a href="https://github.com/fastapi/fastapi/compare/0.115.14...0.136.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 16:41:22 +02:00
dependabot[bot]	4d9805c909	Bump uvicorn from 0.41.0 to 0.46.0 in /metadata_relay (#521 ) Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.41.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.46.0</h2> <h2>What's Changed</h2> <ul> <li>Support <code>ws_max_size</code> in <code>wsproto</code> implementation by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2915">Kludex/uvicorn#2915</a></li> <li>Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code> in <code>wsproto</code> implementation by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2916">Kludex/uvicorn#2916</a></li> <li>Use <code>bytearray</code> for incoming WebSocket message buffer in websockets-sansio by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2917">Kludex/uvicorn#2917</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0">https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0</a></p> <h2>Version 0.45.0</h2> <h2>What's Changed</h2> <ul> <li>Preserve forwarded client ports in proxy headers middleware by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2903">Kludex/uvicorn#2903</a></li> <li>Accept <code>os.PathLike</code> for <code>log_config</code> by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2905">Kludex/uvicorn#2905</a></li> <li>Accept <code>log_level</code> strings case-insensitively by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2907">Kludex/uvicorn#2907</a></li> <li>Raise helpful <code>ImportError</code> when PyYAML is missing for YAML log config by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2906">Kludex/uvicorn#2906</a></li> <li>Revert empty context for ASGI runs by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2911">Kludex/uvicorn#2911</a></li> <li>Add <code>--reset-contextvars</code> flag to isolate ASGI request context by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2912">Kludex/uvicorn#2912</a></li> <li>Revert "Emit <code>http.disconnect</code> on server shutdown for streaming responses" (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>) by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2913">Kludex/uvicorn#2913</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Krishnachaitanyakc"><code>@Krishnachaitanyakc</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2870">Kludex/uvicorn#2870</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0">https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0</a></p> <h2>Version 0.44.0</h2> <h2>What's Changed</h2> <ul> <li>Implement websocket keepalive pings for websockets-sansio by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2888">Kludex/uvicorn#2888</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0">https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0</a></p> <h2>Version 0.43.0</h2> <h2>Changed</h2> <ul> <li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event on server shutting down for streaming responses (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li> <li>Use native <code>context</code> parameter for <code>create_task</code> on Python 3.11+ (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li> <li>Drop cast in ASGI types (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0">https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0</a></p> <h2>Version 0.42.0</h2> <h2>Changed</h2> <ul> <li>Use <code>bytearray</code> for request body accumulation to avoid O(n^2) allocation on fragmented bodies (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li> </ul> <h2>Fixed</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.46.0 (April 23, 2026)</h2> <h3>Added</h3> <ul> <li>Support <code>ws_max_size</code> in <code>wsproto</code> implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li> <li>Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code> in <code>wsproto</code> implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2916">#2916</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Use <code>bytearray</code> for incoming WebSocket message buffer in <code>websockets-sansio</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2917">#2917</a>)</li> </ul> <h2>0.45.0 (April 21, 2026)</h2> <h3>Added</h3> <ul> <li>Add <code>--reset-contextvars</code> flag to isolate ASGI request context (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li> <li>Accept <code>os.PathLike</code> for <code>log_config</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2905">#2905</a>)</li> <li>Accept <code>log_level</code> strings case-insensitively (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Revert "Emit <code>http.disconnect</code> on server shutdown for streaming responses" (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2913">#2913</a>)</li> <li>Revert "Explicitly start ASGI run with empty context" (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Preserve forwarded client ports in proxy headers middleware (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2903">#2903</a>)</li> <li>Raise helpful <code>ImportError</code> when PyYAML is missing for YAML log config (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li> </ul> <h2>0.44.0 (April 6, 2026)</h2> <h3>Added</h3> <ul> <li>Implement websocket keepalive pings for websockets-sansio (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li> </ul> <h2>0.43.0 (April 3, 2026)</h2> <p>You can quit Uvicorn now. We heard you, <a href="https://github.com/pamelafox"><code>@pamelafox</code></a> - all 47 of your Ctrl+C's (thanks for flagging it, and thanks to <a href="https://github.com/tiangolo"><code>@tiangolo</code></a> for the fix 🙏). <a href="https://x.com/pamelafox/status/2039097686155227623">See the tweet</a>.</p> <h3>Changed</h3> <ul> <li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event on server shutting down for streaming responses (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li> <li>Use native <code>context</code> parameter for <code>create_task</code> on Python 3.11+ (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li> <li>Drop cast in ASGI types (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li> </ul> <h2>0.42.0 (March 16, 2026)</h2> <h3>Changed</h3> <ul> <li>Use <code>bytearray</code> for request body accumulation to avoid O(n^2) allocation on fragmented bodies (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`b224045f59`"><code>b224045</code></a> Version 0.46.0 (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2918">#2918</a>)</li> <li><a href="`7375b5bf66`"><code>7375b5b</code></a> Use <code>bytearray</code> for incoming WebSocket message buffer in websockets-sansio (#...</li> <li><a href="`d438fb16fe`"><code>d438fb1</code></a> Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code> in <code>wsproto</code> implementation ...</li> <li><a href="`3e6b964466`"><code>3e6b964</code></a> Support <code>ws_max_size</code> in <code>wsproto</code> implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li> <li><a href="`2c423bd82b`"><code>2c423bd</code></a> Version 0.45.0 (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2914">#2914</a>)</li> <li><a href="`7f027f8e25`"><code>7f027f8</code></a> Revert "Emit <code>http.disconnect</code> on server shutdown for streaming responses" (#...</li> <li><a href="`73a80c3cc8`"><code>73a80c3</code></a> Add <code>--reset-contextvars</code> flag to isolate ASGI request context (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li> <li><a href="`45c0b568d3`"><code>45c0b56</code></a> Revert empty context for ASGI runs (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li> <li><a href="`850d92656d`"><code>850d926</code></a> Raise helpful <code>ImportError</code> when PyYAML is missing for YAML log config (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li> <li><a href="`fdcacb4b83`"><code>fdcacb4</code></a> Accept <code>log_level</code> strings case-insensitively (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li> <li>Additional commits viewable in <a href="https://github.com/Kludex/uvicorn/compare/0.41.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.41.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-01 16:41:12 +02:00
Valentin Derksen	d3b55566af	Use openapi schemas directly (#488 ) This PR adjusts the configuration to the `openapi-typescript` generation to export the schema types directly and allow importing them directly in the frontend code: <img width="645" height="73" alt="image" src="https://github.com/user-attachments/assets/75ddb995-ac16-4154-842d-fd85d4bdea46" /> Alternatively without the `--root-types-no-schema-prefix` option, the schemas would all be prefixed with "Schema" like `SchemaMetaDataProviderSearchResult` which could be safer, if there are type collisions. LMK what's preferred. --- Checklist: - [x] run `npm run openapi` to re-generate the `api.d.ts` - [x] run `npm run lint` - [x] run `npm run format` <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Refactor * Simplified and standardised TypeScript typings across the web app by switching to concise public type aliases for API schemas (e.g. Movie, Show, Episode, User, Notification, etc.), improving code clarity and consistency across components and pages; purely type-level changes with no runtime behaviour impact. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-05-01 16:37:24 +02:00
Marcel Hellwig	c46239db86	replace libtorrent with torf (#506 ) torf is a python library which deals with torrents, magnets and more. It is a python only library and has no C backend. The main reason for replacing it is that libtorrent doesn't have bindings for pyhton 3.14, which is now the default on arch (I use arch btw.) --- Since I don't have a torrent downloader, someone should verify that this still works (: Maybe one should add tests for it as well :D <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Replaced the torrent parsing library and updated project dependency accordingly. * Updated container build to remove the now-unused OS package. * Bug Fixes * Improved reliability of torrent info extraction during magnet and fallback handling. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-05-01 16:24:34 +02:00
Maximilian Dorninger	f5253990e0	switch from APScheduler to Taskiq (#461 ) This PR replaces the APScheduler lib with the Taskiq task queuing lib. # why APScheduler doesn't support FastAPI's DI in tasks, this makes them quite cumbersome to read and write since DB, Repositories and Services all need to be instanciated manually. Moreover, Taskiq makes it easier to start background tasks from FastAPI requests. This enables MM to move to a more event-based architecture. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * New Features * App now uses an orchestrated async startup/shutdown and runs background scheduling via a database-backed task queue; startup enqueues pre-load/import/update tasks. * Bug Fixes * Improved torrent client handling with clearer conflict messages and guidance for manual resolution. * Enhanced logging around season, episode and metadata update operations; minor regex/behaviour formatting preserved. * Chores * Updated dependencies to support the new task queue and connection pooling. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-02-26 21:23:24 +01:00
dependabot[bot]	e529e0c0a3	Bump @eslint/compat from 1.4.1 to 2.0.2 in /web (#465 ) Bumps [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) from 1.4.1 to 2.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eslint/rewrite/releases"><code>@eslint/compat</code>'s releases</a>.</em></p> <blockquote> <h2>compat: v2.0.2</h2> <h2><a href="https://github.com/eslint/rewrite/compare/compat-v2.0.1...compat-v2.0.2">2.0.2</a> (2026-01-29)</h2> <h3>Bug Fixes</h3> <ul> <li>add eslint 10 as peer dependency (<a href="https://redirect.github.com/eslint/rewrite/issues/361">#361</a>) (<a href="`ecb37dcafc`">ecb37dc</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/core</code> bumped from ^1.0.1 to ^1.1.0</li> </ul> </li> </ul> </li> </ul> <h2>migrate-config: v2.0.2</h2> <h2><a href="https://github.com/eslint/rewrite/compare/migrate-config-v2.0.1...migrate-config-v2.0.2">2.0.2</a> (2026-01-29)</h2> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/compat</code> bumped from ^2.0.1 to ^2.0.2</li> </ul> </li> <li>devDependencies <ul> <li><code>@eslint/core</code> bumped from ^1.0.1 to ^1.1.0</li> </ul> </li> </ul> </li> </ul> <h2>compat: v2.0.1</h2> <h2><a href="https://github.com/eslint/rewrite/compare/compat-v2.0.0...compat-v2.0.1">2.0.1</a> (2026-01-08)</h2> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/core</code> bumped from ^1.0.0 to ^1.0.1</li> </ul> </li> </ul> </li> </ul> <h2>migrate-config: v2.0.1</h2> <h2><a href="https://github.com/eslint/rewrite/compare/migrate-config-v2.0.0...migrate-config-v2.0.1">2.0.1</a> (2026-01-08)</h2> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/compat</code> bumped from ^2.0.0 to ^2.0.1</li> </ul> </li> <li>devDependencies <ul> <li><code>@eslint/core</code> bumped from ^1.0.0 to ^1.0.1</li> </ul> </li> </ul> </li> </ul> <h2>compat: v2.0.0</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md"><code>@eslint/compat</code>'s changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/eslint/rewrite/compare/compat-v2.0.1...compat-v2.0.2">2.0.2</a> (2026-01-29)</h2> <h3>Bug Fixes</h3> <ul> <li>add eslint 10 as peer dependency (<a href="https://redirect.github.com/eslint/rewrite/issues/361">#361</a>) (<a href="`ecb37dcafc`">ecb37dc</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/core</code> bumped from ^1.0.1 to ^1.1.0</li> </ul> </li> </ul> </li> </ul> <h2><a href="https://github.com/eslint/rewrite/compare/compat-v2.0.0...compat-v2.0.1">2.0.1</a> (2026-01-08)</h2> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/core</code> bumped from ^1.0.0 to ^1.0.1</li> </ul> </li> </ul> </li> </ul> <h2><a href="https://github.com/eslint/rewrite/compare/compat-v1.4.1...compat-v2.0.0">2.0.0</a> (2025-11-14)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>Require Node.js ^20.19.0 \|\| ^22.13.0 \|\| >=24 (<a href="https://redirect.github.com/eslint/rewrite/issues/297">#297</a>)</li> </ul> <h3>Features</h3> <ul> <li>patch missing context and SourceCode methods for v10 (<a href="https://redirect.github.com/eslint/rewrite/issues/311">#311</a>) (<a href="`a40d8c60af`">a40d8c6</a>)</li> <li>Require Node.js ^20.19.0 \|\| ^22.13.0 \|\| >=24 (<a href="https://redirect.github.com/eslint/rewrite/issues/297">#297</a>) (<a href="`acc623c807`">acc623c</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>The following workspace dependencies were updated <ul> <li>dependencies <ul> <li><code>@eslint/core</code> bumped from ^0.17.0 to ^1.0.0</li> </ul> </li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`7960653fe6`"><code>7960653</code></a> chore: release main (<a href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/356">#356</a>)</li> <li><a href="`ecb37dcafc`"><code>ecb37dc</code></a> fix: add eslint 10 as peer dependency (<a href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/361">#361</a>)</li> <li><a href="`074cac2268`"><code>074cac2</code></a> docs: Update README sponsors</li> <li><a href="`a3b0fd5102`"><code>a3b0fd5</code></a> docs: Update README sponsors</li> <li><a href="`7abc05147e`"><code>7abc051</code></a> chore: release main (<a href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/336">#336</a>)</li> <li><a href="`f0b5b68e6d`"><code>f0b5b68</code></a> docs: Update README sponsors</li> <li><a href="`b65204d085`"><code>b65204d</code></a> docs: Update README sponsors</li> <li><a href="`5f8bc5b872`"><code>5f8bc5b</code></a> ci: run <code>arethetypeswrong</code> on packages with types (<a href="https://github.com/eslint/rewrite/tree/HEAD/packages/compat/issues/338">#338</a>)</li> <li><a href="`d9eb64a30a`"><code>d9eb64a</code></a> docs: Update README sponsors</li> <li><a href="`7444f36783`"><code>7444f36</code></a> docs: Update README sponsors</li> <li>Additional commits viewable in <a href="https://github.com/eslint/rewrite/commits/compat-v2.0.2/packages/compat">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@eslint/compat&package-manager=npm_and_yarn&previous-version=1.4.1&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-26 21:21:11 +01:00
dependabot[bot]	46a9760376	Bump ruff from 0.14.10 to 0.15.2 (#467 ) Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.10 to 0.15.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>0.15.2</h2> <h2>Release Notes</h2> <p>Released on 2026-02-19.</p> <h3>Preview features</h3> <ul> <li> <p>Expand the default rule set (<a href="https://redirect.github.com/astral-sh/ruff/pull/23385">#23385</a>)</p> <p>In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:</p> <ul> <li><a href="https://docs.astral.sh/ruff/rules/multiple-imports-on-one-line"><code>multiple-imports-on-one-line</code></a> (<code>E401</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a> (<code>E402</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a> (<code>E701</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/multiple-statements-on-one-line-semicolon"><code>multiple-statements-on-one-line-semicolon</code></a> (<code>E702</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/useless-semicolon"><code>useless-semicolon</code></a> (<code>E703</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/none-comparison"><code>none-comparison</code></a> (<code>E711</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/true-false-comparison"><code>true-false-comparison</code></a> (<code>E712</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/not-in-test"><code>not-in-test</code></a> (<code>E713</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/not-is-test"><code>not-is-test</code></a> (<code>E714</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/type-comparison"><code>type-comparison</code></a> (<code>E721</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/lambda-assignment"><code>lambda-assignment</code></a> (<code>E731</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/ambiguous-variable-name"><code>ambiguous-variable-name</code></a> (<code>E741</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/ambiguous-class-name"><code>ambiguous-class-name</code></a> (<code>E742</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/ambiguous-function-name"><code>ambiguous-function-name</code></a> (<code>E743</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star"><code>undefined-local-with-import-star</code></a> (<code>F403</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star-usage"><code>undefined-local-with-import-star-usage</code></a> (<code>F405</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/undefined-local-with-nested-import-star-usage"><code>undefined-local-with-nested-import-star-usage</code></a> (<code>F406</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/forward-annotation-syntax-error"><code>forward-annotation-syntax-error</code></a> (<code>F722</code>)</li> </ul> <p>If you use preview and prefer the old defaults, you can restore them with configuration like:</p> <pre lang="toml"><code> # ruff.toml <p>[lint] select = ["E4", "E7", "E9", "F"]</p> <h1>pyproject.toml</h1> <p>[tool.ruff.lint] select = ["E4", "E7", "E9", "F"] </code></pre></p> <p>If you do give them a try, feel free to share your feedback in the <a href="https://github.com/astral-sh/ruff/discussions/23203">GitHub discussion</a>!</p> </li> <li> <p>[<code>flake8-pyi</code>] Also check string annotations (<code>PYI041</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19023">#19023</a>)</p> </li> </ul> <h3>Bug fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.15.2</h2> <p>Released on 2026-02-19.</p> <h3>Preview features</h3> <ul> <li> <p>Expand the default rule set (<a href="https://redirect.github.com/astral-sh/ruff/pull/23385">#23385</a>)</p> <p>In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:</p> <ul> <li><a href="https://docs.astral.sh/ruff/rules/multiple-imports-on-one-line"><code>multiple-imports-on-one-line</code></a> (<code>E401</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a> (<code>E402</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file"><code>module-import-not-at-top-of-file</code></a> (<code>E701</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/multiple-statements-on-one-line-semicolon"><code>multiple-statements-on-one-line-semicolon</code></a> (<code>E702</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/useless-semicolon"><code>useless-semicolon</code></a> (<code>E703</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/none-comparison"><code>none-comparison</code></a> (<code>E711</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/true-false-comparison"><code>true-false-comparison</code></a> (<code>E712</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/not-in-test"><code>not-in-test</code></a> (<code>E713</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/not-is-test"><code>not-is-test</code></a> (<code>E714</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/type-comparison"><code>type-comparison</code></a> (<code>E721</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/lambda-assignment"><code>lambda-assignment</code></a> (<code>E731</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/ambiguous-variable-name"><code>ambiguous-variable-name</code></a> (<code>E741</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/ambiguous-class-name"><code>ambiguous-class-name</code></a> (<code>E742</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/ambiguous-function-name"><code>ambiguous-function-name</code></a> (<code>E743</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star"><code>undefined-local-with-import-star</code></a> (<code>F403</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/undefined-local-with-import-star-usage"><code>undefined-local-with-import-star-usage</code></a> (<code>F405</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/undefined-local-with-nested-import-star-usage"><code>undefined-local-with-nested-import-star-usage</code></a> (<code>F406</code>)</li> <li><a href="https://docs.astral.sh/ruff/rules/forward-annotation-syntax-error"><code>forward-annotation-syntax-error</code></a> (<code>F722</code>)</li> </ul> <p>If you use preview and prefer the old defaults, you can restore them with configuration like:</p> <pre lang="toml"><code> # ruff.toml <p>[lint] select = ["E4", "E7", "E9", "F"]</p> <h1>pyproject.toml</h1> <p>[tool.ruff.lint] select = ["E4", "E7", "E9", "F"] </code></pre></p> <p>If you do give them a try, feel free to share your feedback in the <a href="https://github.com/astral-sh/ruff/discussions/23203">GitHub discussion</a>!</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`9d18ee9115`"><code>9d18ee9</code></a> Hard code workflow name and <code>cancel-in-progress</code> only for PRs (<a href="https://redirect.github.com/astral-sh/ruff/issues/23431">#23431</a>)</li> <li><a href="`7cc15f024b`"><code>7cc15f0</code></a> Bump 0.15.2 (<a href="https://redirect.github.com/astral-sh/ruff/issues/23430">#23430</a>)</li> <li><a href="`d1b544393a`"><code>d1b5443</code></a> Add extension mapping to configuration file options (<a href="https://redirect.github.com/astral-sh/ruff/issues/23384">#23384</a>)</li> <li><a href="`222574af90`"><code>222574a</code></a> Expand the default rule set (<a href="https://redirect.github.com/astral-sh/ruff/issues/23385">#23385</a>)</li> <li><a href="`1465b5de38`"><code>1465b5d</code></a> [<code>flake8-async</code>] Fix <code>in_async_context</code> logic (<a href="https://redirect.github.com/astral-sh/ruff/issues/23426">#23426</a>)</li> <li><a href="`410902fa40`"><code>410902f</code></a> [<code>pyupgrade</code>] Fix handling of <code>typing.{io,re}</code> (<code>UP035</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/23131">#23131</a>)</li> <li><a href="`729610acd9`"><code>729610a</code></a> [ty] Fall back to ambiguous for large control flow graphs (<a href="https://redirect.github.com/astral-sh/ruff/issues/23399">#23399</a>)</li> <li><a href="`1425c185b0`"><code>1425c18</code></a> [ty] Add code folding support</li> <li><a href="`97acaaea5f`"><code>97acaae</code></a> [ty] Fix stack overflow for self-referential <code>TypeOf</code> in annotations (<a href="https://redirect.github.com/astral-sh/ruff/issues/23407">#23407</a>)</li> <li><a href="`1f380c8258`"><code>1f380c8</code></a> [ty] Update tests <code>reveal_type</code> and <code>Never</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/23418">#23418</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/0.14.10...0.15.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=uv&previous-version=0.14.10&new-version=0.15.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-26 21:20:43 +01:00
dependabot[bot]	8270d1d3ff	Bump sqlalchemy from 2.0.45 to 2.0.47 (#471 ) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.45 to 2.0.47. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sqlalchemy/sqlalchemy/releases">sqlalchemy's releases</a>.</em></p> <blockquote> <h1>2.0.47</h1> <p>Released: February 24, 2026</p> <h2>orm</h2> <ul> <li> <p><strong>[orm] [bug]</strong> Fixed issue when using ORM mappings with Python 3.14's <a href="https://peps.python.org/pep-0649">PEP 649</a> feature that no longer requires "future annotations", where the ORM's introspection of the <code>__init__</code> method of mapped classes would fail if non-present identifiers in annotations were present. The vendored <code>getfullargspec()</code> method has been amended to use <code>Format.FORWARDREF</code> under Python 3.14 to prevent resolution of names that aren't present.</p> <p>References: <a href="https://www.sqlalchemy.org/trac/ticket/13104">#13104</a></p> </li> </ul> <h2>engine</h2> <ul> <li> <p><strong>[engine] [usecase]</strong> The connection object returned by <code>_engine.Engine.raw_connection()</code> now supports the context manager protocol, automatically returning the connection to the pool when exiting the context.</p> <p>References: <a href="https://www.sqlalchemy.org/trac/ticket/13116">#13116</a></p> </li> </ul> <h2>postgresql</h2> <ul> <li> <p><strong>[postgresql] [bug]</strong> Fixed an issue in the PostgreSQL dialect where foreign key constraint reflection would incorrectly swap or fail to capture <code>onupdate</code> and <code>ondelete</code> values when these clauses appeared in a different order than expected in the constraint definition. This issue primarily affected PostgreSQL-compatible databases such as CockroachDB, which may return <code>ON DELETE</code> before <code>ON UPDATE</code> in the constraint definition string. The reflection logic now correctly parses both clauses regardless of their ordering.</p> <p>References: <a href="https://www.sqlalchemy.org/trac/ticket/13105">#13105</a></p> </li> <li> <p><strong>[postgresql] [bug]</strong> Fixed issue in the <code>engine_insertmanyvalues</code> feature where using PostgreSQL's <code>ON CONFLICT</code> clause with <code>_dml.Insert.returning.sort_by_parameter_order</code> enabled would generate invalid SQL when the insert used an implicit sentinel (server-side autoincrement primary key). The generated SQL would incorrectly declare a sentinel counter column in the <code>imp_sen</code> table alias without providing corresponding values in the <code>VALUES</code> clause, leading to a <code>ProgrammingError</code> indicating column count mismatch. The fix allows batch execution mode when <code>embed_values_counter</code> is active, as the embedded counter provides the ordering capability needed even with upsert behaviors, rather than unnecessarily downgrading to row-at-a-time execution.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sqlalchemy/sqlalchemy/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sqlalchemy&package-manager=uv&previous-version=2.0.45&new-version=2.0.47)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-26 21:20:32 +01:00
dependabot[bot]	6ef200c558	Bump ty from 0.0.9 to 0.0.18 (#470 ) Bumps [ty](https://github.com/astral-sh/ty) from 0.0.9 to 0.0.18. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ty/releases">ty's releases</a>.</em></p> <blockquote> <h2>0.0.18</h2> <h2>Release Notes</h2> <p>Released on 2026-02-20.</p> <h3>Bug fixes</h3> <ul> <li>Support classes dynamically created via <code>type(...)</code> with cyclic bases (<a href="https://redirect.github.com/astral-sh/ruff/pull/22792">#22792</a>)</li> <li>Fix incorrect types inferred when unpacking mixed tuples (<a href="https://redirect.github.com/astral-sh/ruff/pull/23437">#23437</a>)</li> <li>Fix stack overflow for self-referential <code>TypeOf</code> in annotations (<a href="https://redirect.github.com/astral-sh/ruff/pull/23407">#23407</a>)</li> <li>Fix several server panics that could occur when computing semantic tokens for the current file (<a href="https://redirect.github.com/astral-sh/ruff/pull/23403">#23403</a>), <a href="https://redirect.github.com/astral-sh/ruff/pull/23398">#23398</a>, <a href="https://redirect.github.com/astral-sh/ruff/pull/23401">#23401</a>)</li> </ul> <h3>LSP server</h3> <ul> <li>Add code folding support (<a href="https://redirect.github.com/astral-sh/ruff/pull/23393">#23393</a>)</li> <li>Add warning message when running <code>ty server</code> interactively (<a href="https://redirect.github.com/astral-sh/ruff/pull/23416">#23416</a>)</li> <li>Exclude test-related symbols from non-first-party packages in auto-import completions (<a href="https://redirect.github.com/astral-sh/ruff/pull/23252">#23252</a>)</li> <li>Fix bug where diagnostics could disappear after opening an external file (<a href="https://redirect.github.com/astral-sh/ruff/pull/23447">#23447</a>)</li> <li>Remove spurious destination for Go-To Definition on variables defined in a loop (<a href="https://redirect.github.com/astral-sh/ruff/pull/23391">#23391</a>)</li> <li>Use the fully qualified name when "baking" an inlay hint into the source code if the scope already contains a variable with the same name as the unqualified name (<a href="https://redirect.github.com/astral-sh/ruff/pull/23265">#23265</a>)</li> <li>Resolve TypeVars in <code>call_signature_details</code> parameter types (<a href="https://redirect.github.com/astral-sh/ruff/pull/23149">#23149</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Add <code>--output-format</code> to <code>ty version</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23387">#23387</a>)</li> </ul> <h3>Configuration</h3> <ul> <li>Add <code>replace-imports-with-any</code> option (<a href="https://redirect.github.com/astral-sh/ruff/pull/23122">#23122</a>)</li> <li>Support shellexpand for configuration paths (<a href="https://redirect.github.com/astral-sh/ruff/pull/23274">#23274</a>)</li> </ul> <h3>Type checking</h3> <ul> <li>Add a new diagnostic to detect invalid class patterns in <code>match</code> statements (<a href="https://redirect.github.com/astral-sh/ruff/pull/22939">#22939</a>)</li> <li>Allow <code>Self</code> in <code>ClassVar</code> type annotations (<a href="https://redirect.github.com/astral-sh/ruff/pull/23362">#23362</a>)</li> <li>Consider synthesized methods and <code>ClassVar</code>-qualified declarations when determining whether an abstract method has been overridden in a subclass (<a href="https://redirect.github.com/astral-sh/ruff/pull/23381">#23381</a>)</li> <li>Add a diagnostic when combining <code>Final</code> and <code>ClassVar</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23365">#23365</a>)</li> <li>Fix return type of <code>assert_never</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23389">#23389</a>)</li> <li>Fix <code>assert_type</code> diagnostic messages (<a href="https://redirect.github.com/astral-sh/ruff/pull/23342">#23342</a>)</li> <li>Ban PEP-613 type alias values from containing type-qualifier special forms (<a href="https://redirect.github.com/astral-sh/ruff/pull/23444">#23444</a>)</li> <li>Infer <code>LiteralString</code> for <code>f"{literal_str_a} {literal_str_b}"</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23346">#23346</a>)</li> <li>Infer precise types for bit-shift operations on integer literals (<a href="https://redirect.github.com/astral-sh/ruff/pull/23301">#23301</a>)</li> <li>Make <code>[abstract-method-in-final-class]</code> diagnostics less verbose for classes with many abstract methods (<a href="https://redirect.github.com/astral-sh/ruff/pull/23379">#23379</a>)</li> <li>Improve diagnostics for abstract <code>@final</code> classes (<a href="https://redirect.github.com/astral-sh/ruff/pull/23376">#23376</a>)</li> <li>Only perform literal promotion for implicitly inferred literals (<a href="https://redirect.github.com/astral-sh/ruff/pull/23107">#23107</a>)</li> <li>Parenthesize callable types when they appear in the return annotation of other callable types (<a href="https://redirect.github.com/astral-sh/ruff/pull/23327">#23327</a>)</li> <li>Consider a call to a generic function returning <code>Never</code> to terminate control flow (<a href="https://redirect.github.com/astral-sh/ruff/pull/23419">#23419</a>)</li> <li>Support calls to intersection types (<a href="https://redirect.github.com/astral-sh/ruff/pull/22469">#22469</a>)</li> <li>Validate annotated assignments to attributes on self (<a href="https://redirect.github.com/astral-sh/ruff/pull/23388">#23388</a>)</li> <li>Treat a bytes-literal type as a subtype of <code>Sequence[<constituent integers in the bytestring>]</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23329">#23329</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ty/blob/main/CHANGELOG.md">ty's changelog</a>.</em></p> <blockquote> <h2>0.0.18</h2> <p>Released on 2026-02-20.</p> <h3>Bug fixes</h3> <ul> <li>Support classes dynamically created via <code>type(...)</code> with cyclic bases (<a href="https://redirect.github.com/astral-sh/ruff/pull/22792">#22792</a>)</li> <li>Fix incorrect types inferred when unpacking mixed tuples (<a href="https://redirect.github.com/astral-sh/ruff/pull/23437">#23437</a>)</li> <li>Fix stack overflow for self-referential <code>TypeOf</code> in annotations (<a href="https://redirect.github.com/astral-sh/ruff/pull/23407">#23407</a>)</li> <li>Fix several server panics that could occur when computing semantic tokens for the current file (<a href="https://redirect.github.com/astral-sh/ruff/pull/23403">#23403</a>), <a href="https://redirect.github.com/astral-sh/ruff/pull/23398">#23398</a>, <a href="https://redirect.github.com/astral-sh/ruff/pull/23401">#23401</a>)</li> </ul> <h3>LSP server</h3> <ul> <li>Add code folding support (<a href="https://redirect.github.com/astral-sh/ruff/pull/23393">#23393</a>)</li> <li>Add warning message when running <code>ty server</code> interactively (<a href="https://redirect.github.com/astral-sh/ruff/pull/23416">#23416</a>)</li> <li>Exclude test-related symbols from non-first-party packages in auto-import completions (<a href="https://redirect.github.com/astral-sh/ruff/pull/23252">#23252</a>)</li> <li>Fix bug where diagnostics could disappear after opening an external file (<a href="https://redirect.github.com/astral-sh/ruff/pull/23447">#23447</a>)</li> <li>Remove spurious destination for Go-To Definition on variables defined in a loop (<a href="https://redirect.github.com/astral-sh/ruff/pull/23391">#23391</a>)</li> <li>Use the fully qualified name when "baking" an inlay hint into the source code if the scope already contains a variable with the same name as the unqualified name (<a href="https://redirect.github.com/astral-sh/ruff/pull/23265">#23265</a>)</li> <li>Resolve TypeVars in <code>call_signature_details</code> parameter types (<a href="https://redirect.github.com/astral-sh/ruff/pull/23149">#23149</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Add <code>--output-format</code> to <code>ty version</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23387">#23387</a>)</li> </ul> <h3>Configuration</h3> <ul> <li>Add <code>replace-imports-with-any</code> option (<a href="https://redirect.github.com/astral-sh/ruff/pull/23122">#23122</a>)</li> <li>Support shellexpand for configuration paths (<a href="https://redirect.github.com/astral-sh/ruff/pull/23274">#23274</a>)</li> </ul> <h3>Type checking</h3> <ul> <li>Add a new diagnostic to detect invalid class patterns in <code>match</code> statements (<a href="https://redirect.github.com/astral-sh/ruff/pull/22939">#22939</a>)</li> <li>Allow <code>Self</code> in <code>ClassVar</code> type annotations (<a href="https://redirect.github.com/astral-sh/ruff/pull/23362">#23362</a>)</li> <li>Consider synthesized methods and <code>ClassVar</code>-qualified declarations when determining whether an abstract method has been overridden in a subclass (<a href="https://redirect.github.com/astral-sh/ruff/pull/23381">#23381</a>)</li> <li>Add a diagnostic when combining <code>Final</code> and <code>ClassVar</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23365">#23365</a>)</li> <li>Fix return type of <code>assert_never</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23389">#23389</a>)</li> <li>Fix <code>assert_type</code> diagnostic messages (<a href="https://redirect.github.com/astral-sh/ruff/pull/23342">#23342</a>)</li> <li>Ban PEP-613 type alias values from containing type-qualifier special forms (<a href="https://redirect.github.com/astral-sh/ruff/pull/23444">#23444</a>)</li> <li>Infer <code>LiteralString</code> for <code>f"{literal_str_a} {literal_str_b}"</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23346">#23346</a>)</li> <li>Infer precise types for bit-shift operations on integer literals (<a href="https://redirect.github.com/astral-sh/ruff/pull/23301">#23301</a>)</li> <li>Make <code>[abstract-method-in-final-class]</code> diagnostics less verbose for classes with many abstract methods (<a href="https://redirect.github.com/astral-sh/ruff/pull/23379">#23379</a>)</li> <li>Improve diagnostics for abstract <code>@final</code> classes (<a href="https://redirect.github.com/astral-sh/ruff/pull/23376">#23376</a>)</li> <li>Only perform literal promotion for implicitly inferred literals (<a href="https://redirect.github.com/astral-sh/ruff/pull/23107">#23107</a>)</li> <li>Parenthesize callable types when they appear in the return annotation of other callable types (<a href="https://redirect.github.com/astral-sh/ruff/pull/23327">#23327</a>)</li> <li>Consider a call to a generic function returning <code>Never</code> to terminate control flow (<a href="https://redirect.github.com/astral-sh/ruff/pull/23419">#23419</a>)</li> <li>Support calls to intersection types (<a href="https://redirect.github.com/astral-sh/ruff/pull/22469">#22469</a>)</li> <li>Validate annotated assignments to attributes on self (<a href="https://redirect.github.com/astral-sh/ruff/pull/23388">#23388</a>)</li> <li>Treat a bytes-literal type as a subtype of <code>Sequence[<constituent integers in the bytestring>]</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/23329">#23329</a>)</li> <li>Allow a string-literal argument to match against an <code>Iterable</code> parameter in type variable inference. (<a href="https://redirect.github.com/astral-sh/ruff/pull/23326">#23326</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`751672710c`"><code>7516727</code></a> Bump version to 0.0.18 (<a href="https://redirect.github.com/astral-sh/ty/issues/2869">#2869</a>)</li> <li><a href="`8e86a5684f`"><code>8e86a56</code></a> Mention code folding on language server feature page</li> <li><a href="`ca49bf9199`"><code>ca49bf9</code></a> Add shellcheck to pre-commit configuration (<a href="https://redirect.github.com/astral-sh/ty/issues/2845">#2845</a>)</li> <li><a href="`532e761e8f`"><code>532e761</code></a> Update PyO3/maturin-action action to v1.50.0 (<a href="https://redirect.github.com/astral-sh/ty/issues/2823">#2823</a>)</li> <li><a href="`0211006eb6`"><code>0211006</code></a> Update prek dependencies (<a href="https://redirect.github.com/astral-sh/ty/issues/2822">#2822</a>)</li> <li><a href="`60ebbfe853`"><code>60ebbfe</code></a> docs: Add beta status notice to README (<a href="https://redirect.github.com/astral-sh/ty/issues/2556">#2556</a>)</li> <li><a href="`31b126a590`"><code>31b126a</code></a> docs: add link for the call hierarchy tracking issue (<a href="https://redirect.github.com/astral-sh/ty/issues/2816">#2816</a>)</li> <li><a href="`8cec857182`"><code>8cec857</code></a> [ty] Bump version to 0.0.17 (<a href="https://redirect.github.com/astral-sh/ty/issues/2806">#2806</a>)</li> <li><a href="`3650f58ffd`"><code>3650f58</code></a> docs: Clarify that nvim-lspconfig is the recommended way of using ty in all v...</li> <li><a href="`55b8ff2055`"><code>55b8ff2</code></a> Add note about fallback behavior to <code>python</code> in <code>PATH</code> (<a href="https://redirect.github.com/astral-sh/ty/issues/2787">#2787</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ty/compare/0.0.9...0.0.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ty&package-manager=uv&previous-version=0.0.9&new-version=0.0.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-26 21:20:22 +01:00
dependabot[bot]	47d35d4bd7	Bump tailwindcss from 4.2.0 to 4.2.1 in /web (#469 ) Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) from 4.2.0 to 4.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <h3>Fixed</h3> <ul> <li>Allow trailing dash in functional utility names for backwards compatibility (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19696">#19696</a>)</li> <li>Properly detect classes containing <code>.</code> characters within curly braces in MDX files (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19711">#19711</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md">tailwindcss's changelog</a>.</em></p> <blockquote> <h2>[4.2.1] - 2026-02-23</h2> <h3>Fixed</h3> <ul> <li>Allow trailing dash in functional utility names for backwards compatibility (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19696">#19696</a>)</li> <li>Properly detect classes containing <code>.</code> characters within curly braces in MDX files (<a href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/19711">#19711</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`1dce64ee7e`"><code>1dce64e</code></a> 4.2.1 (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/19714">#19714</a>)</li> <li><a href="`d15d92ca60`"><code>d15d92c</code></a> Allow trailing dash in functional utility names (<a href="https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss/issues/19696">#19696</a>)</li> <li>See full diff in <a href="https://github.com/tailwindlabs/tailwindcss/commits/v4.2.1/packages/tailwindcss">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tailwindcss&package-manager=npm_and_yarn&previous-version=4.2.0&new-version=4.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-26 21:20:08 +01:00
Juan David Bermudez Celedon	cbd70bd6f3	Fix scoring rules keyword matching (#473 ) Fixs for #460 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * Improvements * Refined keyword matching in indexer queries with case-insensitive, word-boundary-aware search for more accurate results. * Bug Fixes * Corrected torrent URL redirect resolution logic. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-02-26 16:37:29 +01:00
Juan David Bermudez Celedon	d8405fd903	Extend AVOID_CAM scoring rule (#458 ) The base title scoring rule avoid_cam can be extended with more keyword related to low quality videos similar to CAM. \| Type \| Acronyms \| Meaning \| \|-----------\|-------------------------------------------------------------------------\|------------------------------------------------------------------------------------------------------------------------------------------------------------------------\| \| CAM \| CAM<br>CAMRIP<br>HDCAM \| A recording made with a handheld camera in a movie theater. \| \| Screener \| BDSCR<br>DDC<br>DVDSCR<br>DVDSCREENER<br>SCR<br>SCREENER<br>WEBSCREENER \| Screeners are early DVD or BD releases of the theatrical version of a film, typically sent to movie reviewers, academy members and executives for review purposes. \| \| Telecine \| HDTC<br>TC<br>TELECINE \| A digital scan of the film print. \| \| Telesync \| HDTS<br>TELESYNC<br>TS \| Similar to CAM, but the camera is typically placed closer to the projector or on a tripod in the projection booth. Audio is captured directly from the sound system. \| \| TV \| TVRIP \| <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * Chores * Improved detection of additional camera-related content format variants through updated filtering rules. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-02-23 23:21:48 +01:00
Maximilian Dorninger	7824891557	Fix qbittorrent category error (#456 ) This PR fixes an error caused by MM trying to set the category save path to None if the string is empty.	2026-02-22 19:51:10 +01:00
Maximilian Dorninger	a643c9426d	remove everything related to requests (#455 ) This PR removes the requests feature. The functionality will be replaced either by Seerr or by reimplementing it in a better way.	2026-02-22 19:46:47 +01:00
GokuPlay609	c2645000e5	fix: improve quality detection regex to match 2160p, UHD, FullHD and other keywords (#450 ) ## What Two-line fix to the quality detection regex in `media_manager/indexer/schemas.py`. UHD pattern: `\b(4k)\b` → `\b(4k\|2160p\|uhd)\b` FullHD pattern: `\b(1080p)\b` → `\b(1080p\|fullhd\|full\s*hd)\b` ## Why The UHD regex only matched the literal keyword `4k`. Torrent titles containing `2160p` or `UHD` (but not `4k`) were classified as `Quality.unknown` (value 5) instead of `Quality.uhd` (value 1). Since sorting uses quality as the primary key, these 4K releases ended up at the bottom of search results. ### Example \| Title \| Before \| After \| \|---\|---\|---\| \| `Movie.2013.4K.HDR.2160p.x265` \| ✅ `Quality.uhd` \| ✅ `Quality.uhd` \| \| `Movie.2013.UHD.BluRay.2160p.HDR10.x265` \| ❌ `Quality.unknown` \| ✅ `Quality.uhd` \| \| `Movie.2013.2160p.WEBRip.DDP5.1.x264` \| ❌ `Quality.unknown` \| ✅ `Quality.uhd` \| All patterns already use `re.IGNORECASE`, so case variants are handled. Fixes #449 --------- Co-authored-by: GokuPlay609 <GokuPlay609@users.noreply.github.com> Co-authored-by: Amp <amp@ampcode.com> Co-authored-by: maxid <97409287+maxdorninger@users.noreply.github.com>	2026-02-22 16:25:36 +01:00
Maximilian Dorninger	b16f2dce92	migrate season files to episode files and drop legacy table (#454 ) This pull request introduces a migration script to transition from storing file information at the season level to the episode level in the database.	2026-02-22 16:25:12 +01:00
natarelli22	d8a0ec66c3	Support for handling Single Episode Torrents (#331 ) Description As explained on #322, MediaManager currently only matches torrents that represent full seasons or season packs. As a result, valid episode-based releases — commonly returned by indexers such as EZTV — are filtered out during scoring and never considered for download. Initial changes to the season parsing logic allow these torrents to be discovered. However, additional changes are required beyond season parsing to properly support single-episode imports. This PR is intended as a work-in-progress / RFC to discuss the required changes and align on the correct approach before completing the implementation. Things planned to do [X] Update Web UI to better display episode-level details [ ] Update TV show import logic to handle single episode files, instead of assuming full season files (to avoid integrity errors when episodes are missing) [ ] Create episode file tables to store episode-level data, similar to season files [ ] Implement fetching and downloading logic for single-episode torrents Notes / current limitations At the moment, the database and import logic assume one file per season per quality, which works for season packs but not for episode-based releases. These changes are intentionally not completed yet and are part of the discussion this PR aims to start. Request for feedback This represents a significant change in how TV content is handled in MediaManager. Before proceeding further, feedback from @maxdorninger on the overall direction and next steps would be greatly appreciated. Once aligned, the remaining tasks can be implemented incrementally. --------- Co-authored-by: Maximilian Dorninger <97409287+maxdorninger@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-02-22 15:21:19 +01:00
Maximilian Dorninger	094d0e4eb7	update logo forgot to update this file	2026-02-21 21:48:37 +01:00
Maximilian Dorninger	4d7f596ffd	Rebrand to new MediaManager logo (#452 ) I made two new logos because the old one wasn't very recognizable at a glance. ![1](https://github.com/user-attachments/assets/cb37a709-e80b-4c97-a4d8-cf9ba0dc1613) ![3](https://github.com/user-attachments/assets/c56ded5c-fe15-4c02-bc20-fe2bff06caf9)	2026-02-21 20:29:16 +01:00
dependabot[bot]	300df14c8c	Bump svelte from 5.51.0 to 5.53.0 in /web in the npm_and_yarn group across 1 directory (#445 ) Bumps the npm_and_yarn group with 1 update in the /web directory: [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte). Updates `svelte` from 5.51.0 to 5.53.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/svelte/releases">svelte's releases</a>.</em></p> <blockquote> <h2>svelte@5.53.0</h2> <h3>Minor Changes</h3> <ul> <li> <p>feat: allow comments in tags (<a href="https://redirect.github.com/sveltejs/svelte/pull/17671">#17671</a>)</p> </li> <li> <p>feat: allow error boundaries to work on the server (<a href="https://redirect.github.com/sveltejs/svelte/pull/17672">#17672</a>)</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>fix: use TrustedHTML to test for customizable <!-- raw HTML omitted --> support, where necessary (<a href="https://redirect.github.com/sveltejs/svelte/pull/17743">#17743</a>)</p> </li> <li> <p>fix: ensure head effects are kept in the effect tree (<a href="https://redirect.github.com/sveltejs/svelte/pull/17746">#17746</a>)</p> </li> <li> <p>chore: deactivate current_batch by default in unset_context (<a href="https://redirect.github.com/sveltejs/svelte/pull/17738">#17738</a>)</p> </li> </ul> <h2>svelte@5.52.0</h2> <h3>Minor Changes</h3> <ul> <li>feat: support TrustedHTML in <code>{@html}</code> expressions (<a href="https://redirect.github.com/sveltejs/svelte/pull/17701">#17701</a>)</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>fix: repair dynamic component truthy/falsy hydration mismatches (<a href="https://redirect.github.com/sveltejs/svelte/pull/17737">#17737</a>)</p> </li> <li> <p>fix: re-run non-render-bound deriveds on the server (<a href="https://redirect.github.com/sveltejs/svelte/pull/17674">#17674</a>)</p> </li> </ul> <h2>svelte@5.51.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: check to make sure <code>svelte:element</code> tags are valid during SSR (<a href="`73098bb26c`"><code>73098bb26c6f06e7fd1b0746d817d2c5ee90755f</code></a>)</p> </li> <li> <p>fix: misc option escaping and backwards compatibility (<a href="https://redirect.github.com/sveltejs/svelte/pull/17741">#17741</a>)</p> </li> <li> <p>fix: strip event handlers during SSR (<a href="`a0c7f28915`"><code>a0c7f289156e9fafaeaf5ca14af6c06fe9b9eae5</code></a>)</p> </li> <li> <p>fix: replace usage of <code>for in</code> with <code>for of Object.keys</code> (<a href="`f89c7ddd7e`"><code>f89c7ddd7eebaa1ef3cc540400bec2c9140b330c</code></a>)</p> </li> <li> <p>fix: always escape option body in SSR (<a href="`f7c80da18c`"><code>f7c80da18c215e3727c2a611b0b8744cc6e504c5</code></a>)</p> </li> <li> <p>chore: upgrade <code>devalue</code> (<a href="https://redirect.github.com/sveltejs/svelte/pull/17739">#17739</a>)</p> </li> </ul> <h2>svelte@5.51.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>chore: proactively defer effects in pending boundary (<a href="https://redirect.github.com/sveltejs/svelte/pull/17734">#17734</a>)</p> </li> <li> <p>fix: detect and error on non-idempotent each block keys in dev mode (<a href="https://redirect.github.com/sveltejs/svelte/pull/17732">#17732</a>)</p> </li> </ul> <h2>svelte@5.51.3</h2> <h3>Patch Changes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md">svelte's changelog</a>.</em></p> <blockquote> <h2>5.53.0</h2> <h3>Minor Changes</h3> <ul> <li> <p>feat: allow comments in tags (<a href="https://redirect.github.com/sveltejs/svelte/pull/17671">#17671</a>)</p> </li> <li> <p>feat: allow error boundaries to work on the server (<a href="https://redirect.github.com/sveltejs/svelte/pull/17672">#17672</a>)</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>fix: use TrustedHTML to test for customizable <code><select></code> support, where necessary (<a href="https://redirect.github.com/sveltejs/svelte/pull/17743">#17743</a>)</p> </li> <li> <p>fix: ensure head effects are kept in the effect tree (<a href="https://redirect.github.com/sveltejs/svelte/pull/17746">#17746</a>)</p> </li> <li> <p>chore: deactivate current_batch by default in unset_context (<a href="https://redirect.github.com/sveltejs/svelte/pull/17738">#17738</a>)</p> </li> </ul> <h2>5.52.0</h2> <h3>Minor Changes</h3> <ul> <li>feat: support TrustedHTML in <code>{@html}</code> expressions (<a href="https://redirect.github.com/sveltejs/svelte/pull/17701">#17701</a>)</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>fix: repair dynamic component truthy/falsy hydration mismatches (<a href="https://redirect.github.com/sveltejs/svelte/pull/17737">#17737</a>)</p> </li> <li> <p>fix: re-run non-render-bound deriveds on the server (<a href="https://redirect.github.com/sveltejs/svelte/pull/17674">#17674</a>)</p> </li> </ul> <h2>5.51.5</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: check to make sure <code>svelte:element</code> tags are valid during SSR (<a href="`73098bb26c`"><code>73098bb26c6f06e7fd1b0746d817d2c5ee90755f</code></a>)</p> </li> <li> <p>fix: misc option escaping and backwards compatibility (<a href="https://redirect.github.com/sveltejs/svelte/pull/17741">#17741</a>)</p> </li> <li> <p>fix: strip event handlers during SSR (<a href="`a0c7f28915`"><code>a0c7f289156e9fafaeaf5ca14af6c06fe9b9eae5</code></a>)</p> </li> <li> <p>fix: replace usage of <code>for in</code> with <code>for of Object.keys</code> (<a href="`f89c7ddd7e`"><code>f89c7ddd7eebaa1ef3cc540400bec2c9140b330c</code></a>)</p> </li> <li> <p>fix: always escape option body in SSR (<a href="`f7c80da18c`"><code>f7c80da18c215e3727c2a611b0b8744cc6e504c5</code></a>)</p> </li> <li> <p>chore: upgrade <code>devalue</code> (<a href="https://redirect.github.com/sveltejs/svelte/pull/17739">#17739</a>)</p> </li> </ul> <h2>5.51.4</h2> <h3>Patch Changes</h3> <ul> <li>chore: proactively defer effects in pending boundary (<a href="https://redirect.github.com/sveltejs/svelte/pull/17734">#17734</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`c2fc95a467`"><code>c2fc95a</code></a> Version Packages (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17747">#17747</a>)</li> <li><a href="`92e2fc1209`"><code>92e2fc1</code></a> feat: allow comments in tags (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17671">#17671</a>)</li> <li><a href="`2661513cd3`"><code>2661513</code></a> feat: allow error boundaries to work on the server (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17672">#17672</a>)</li> <li><a href="`582e4443dc`"><code>582e444</code></a> fix: ensure head effects are kept in the effect tree (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17746">#17746</a>)</li> <li><a href="`f8bf9bb461`"><code>f8bf9bb</code></a> chore: deactivate current_batch by default in unset_context (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17738">#17738</a>)</li> <li><a href="`696d97ff3e`"><code>696d97f</code></a> fix: use TrustedHTML to test for customizable <select> support, where necessa...</li> <li><a href="`cbf4e246fc`"><code>cbf4e24</code></a> Version Packages (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17742">#17742</a>)</li> <li><a href="`09c4cb5084`"><code>09c4cb5</code></a> fix: re-run non-render-bound deriveds on the server (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17674">#17674</a>)</li> <li><a href="`be24b0dca7`"><code>be24b0d</code></a> feat: support TrustedHTML in {<a href="https://github.com/html"><code>@html</code></a>} expressions (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17701">#17701</a>)</li> <li><a href="`9f48e7620f`"><code>9f48e76</code></a> fix: repair dynamic component truthy/falsy hydration mismatches (<a href="https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17737">#17737</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/svelte/commits/svelte@5.53.0/packages/svelte">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=svelte&package-manager=npm_and_yarn&previous-version=5.51.0&new-version=5.53.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 18:08:06 +01:00
dependabot[bot]	2f102d6c5d	Bump the uv group across 1 directory with 2 updates (#446 ) Bumps the uv group with 2 updates in the /metadata_relay directory: [python-multipart](https://github.com/Kludex/python-multipart) and [urllib3](https://github.com/urllib3/urllib3). Updates `python-multipart` from 0.0.21 to 0.0.22 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/releases">python-multipart's releases</a>.</em></p> <blockquote> <h2>Version 0.0.22</h2> <h2>What's Changed</h2> <ul> <li>Drop directory path from filename in <code>File</code> <a href="`9433f4bbc9`">9433f4b</a>.</li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md">python-multipart's changelog</a>.</em></p> <blockquote> <h2>0.0.22 (2026-01-25)</h2> <ul> <li>Drop directory path from filename in <code>File</code> <a href="`9433f4bbc9`">9433f4b</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`bea7bbb290`"><code>bea7bbb</code></a> Version 0.0.22 (<a href="https://redirect.github.com/Kludex/python-multipart/issues/222">#222</a>)</li> <li><a href="`0fb59a9df0`"><code>0fb59a9</code></a> chore: add return type on test (<a href="https://redirect.github.com/Kludex/python-multipart/issues/221">#221</a>)</li> <li><a href="`9433f4bbc9`"><code>9433f4b</code></a> Merge commit from fork</li> <li><a href="`d5c91ecb0a`"><code>d5c91ec</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/Kludex/python-multipart/issues/219">#219</a>)</li> <li><a href="`5a90631b48`"><code>5a90631</code></a> bump uv (<a href="https://redirect.github.com/Kludex/python-multipart/issues/218">#218</a>)</li> <li>See full diff in <a href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">compare view</a></li> </ul> </details> <br /> Updates `urllib3` from 2.6.2 to 2.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.6.3</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Fixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by <a href="https://github.com/D47A"><code>@D47A</code></a>, 8.9 High, GHSA-38jv-5279-wg99)</li> <li>Started treating <code>Retry-After</code> times greater than 6 hours as 6 hours by default. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li> <li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on Emscripten. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.6.3 (2026-01-07)</h1> <ul> <li>Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (<code>GHSA-38jv-5279-wg99 <https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99></code>__)</li> <li>Started treating <code>Retry-After</code> times greater than 6 hours as 6 hours by default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743) <https://github.com/urllib3/urllib3/issues/3743></code>__)</li> <li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on Emscripten. (<code>[#3752](https://github.com/urllib3/urllib3/issues/3752) <https://github.com/urllib3/urllib3/issues/3752></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`0248277dd7`"><code>0248277</code></a> Release 2.6.3</li> <li><a href="`8864ac407b`"><code>8864ac4</code></a> Merge commit from fork</li> <li><a href="`70cecb27ca`"><code>70cecb2</code></a> Fix Scorecard issues related to vulnerable dev dependencies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li> <li><a href="`41f249abe1`"><code>41f249a</code></a> Move "v2.0 Migration Guide" to the end of the table of contents (<a href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li> <li><a href="`fd4dffd2fc`"><code>fd4dffd</code></a> Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li> <li><a href="`13f0bfd55e`"><code>13f0bfd</code></a> Handle massive values in Retry-After when calculating time to sleep for (<a href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li> <li><a href="`8c480bf87b`"><code>8c480bf</code></a> Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li> <li><a href="`4b40616e95`"><code>4b40616</code></a> Bump actions/cache from 4.3.0 to 5.0.1 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li> <li><a href="`82b8479663`"><code>82b8479</code></a> Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li> <li><a href="`34284cb017`"><code>34284cb</code></a> Mention experimental features in the security policy (<a href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 18:07:53 +01:00
dependabot[bot]	3e696c463c	Bump the uv group across 1 directory with 3 updates (#448 ) Bumps the uv group with 3 updates in the / directory: [cryptography](https://github.com/pyca/cryptography), [python-multipart](https://github.com/Kludex/python-multipart) and [urllib3](https://github.com/urllib3/urllib3). Updates `cryptography` from 46.0.3 to 46.0.5 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's changelog</a>.</em></p> <blockquote> <p>46.0.5 - 2026-02-10</p> <pre><code> * An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine for reporting the issue. CVE-2026-26007 * Support for ``SECT*`` binary elliptic curves is deprecated and will be removed in the next release. <p>.. v46-0-4:</p> <p>46.0.4 - 2026-01-27<br /> </code></pre></p> <ul> <li><code>Dropped support for win_arm64 wheels</code>_.</li> <li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.</li> </ul> <p>.. _v46-0-3:</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`06e120e682`"><code>06e120e</code></a> bump version for 46.0.5 release (<a href="https://redirect.github.com/pyca/cryptography/issues/14289">#14289</a>)</li> <li><a href="`0eebb9dbb6`"><code>0eebb9d</code></a> EC check key on cofactor > 1 (<a href="https://redirect.github.com/pyca/cryptography/issues/14287">#14287</a>)</li> <li><a href="`bedf6e186b`"><code>bedf6e1</code></a> fix openssl version on 46 branch (<a href="https://redirect.github.com/pyca/cryptography/issues/14220">#14220</a>)</li> <li><a href="`e6f44fc8e6`"><code>e6f44fc</code></a> bump for 46.0.4 and drop win arm64 due to CI issues (<a href="https://redirect.github.com/pyca/cryptography/issues/14217">#14217</a>)</li> <li>See full diff in <a href="https://github.com/pyca/cryptography/compare/46.0.3...46.0.5">compare view</a></li> </ul> </details> <br /> Updates `python-multipart` from 0.0.21 to 0.0.22 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/releases">python-multipart's releases</a>.</em></p> <blockquote> <h2>Version 0.0.22</h2> <h2>What's Changed</h2> <ul> <li>Drop directory path from filename in <code>File</code> <a href="`9433f4bbc9`">9433f4b</a>.</li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md">python-multipart's changelog</a>.</em></p> <blockquote> <h2>0.0.22 (2026-01-25)</h2> <ul> <li>Drop directory path from filename in <code>File</code> <a href="`9433f4bbc9`">9433f4b</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`bea7bbb290`"><code>bea7bbb</code></a> Version 0.0.22 (<a href="https://redirect.github.com/Kludex/python-multipart/issues/222">#222</a>)</li> <li><a href="`0fb59a9df0`"><code>0fb59a9</code></a> chore: add return type on test (<a href="https://redirect.github.com/Kludex/python-multipart/issues/221">#221</a>)</li> <li><a href="`9433f4bbc9`"><code>9433f4b</code></a> Merge commit from fork</li> <li><a href="`d5c91ecb0a`"><code>d5c91ec</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/Kludex/python-multipart/issues/219">#219</a>)</li> <li><a href="`5a90631b48`"><code>5a90631</code></a> bump uv (<a href="https://redirect.github.com/Kludex/python-multipart/issues/218">#218</a>)</li> <li>See full diff in <a href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">compare view</a></li> </ul> </details> <br /> Updates `urllib3` from 2.6.2 to 2.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.6.3</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Changes</h2> <ul> <li>Fixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by <a href="https://github.com/D47A"><code>@D47A</code></a>, 8.9 High, GHSA-38jv-5279-wg99)</li> <li>Started treating <code>Retry-After</code> times greater than 6 hours as 6 hours by default. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li> <li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on Emscripten. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.6.3 (2026-01-07)</h1> <ul> <li>Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (<code>GHSA-38jv-5279-wg99 <https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99></code>__)</li> <li>Started treating <code>Retry-After</code> times greater than 6 hours as 6 hours by default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743) <https://github.com/urllib3/urllib3/issues/3743></code>__)</li> <li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on Emscripten. (<code>[#3752](https://github.com/urllib3/urllib3/issues/3752) <https://github.com/urllib3/urllib3/issues/3752></code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`0248277dd7`"><code>0248277</code></a> Release 2.6.3</li> <li><a href="`8864ac407b`"><code>8864ac4</code></a> Merge commit from fork</li> <li><a href="`70cecb27ca`"><code>70cecb2</code></a> Fix Scorecard issues related to vulnerable dev dependencies (<a href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li> <li><a href="`41f249abe1`"><code>41f249a</code></a> Move "v2.0 Migration Guide" to the end of the table of contents (<a href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li> <li><a href="`fd4dffd2fc`"><code>fd4dffd</code></a> Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li> <li><a href="`13f0bfd55e`"><code>13f0bfd</code></a> Handle massive values in Retry-After when calculating time to sleep for (<a href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li> <li><a href="`8c480bf87b`"><code>8c480bf</code></a> Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li> <li><a href="`4b40616e95`"><code>4b40616</code></a> Bump actions/cache from 4.3.0 to 5.0.1 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li> <li><a href="`82b8479663`"><code>82b8479</code></a> Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li> <li><a href="`34284cb017`"><code>34284cb</code></a> Mention experimental features in the security policy (<a href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li> <li>Additional commits viewable in <a href="https://github.com/urllib3/urllib3/compare/2.6.2...2.6.3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/maxdorninger/MediaManager/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 18:07:39 +01:00
dependabot[bot]	5adb88f9e0	Bump pillow from 12.1.0 to 12.1.1 (#443 ) Bumps [pillow](https://github.com/python-pillow/Pillow) from 12.1.0 to 12.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/releases">pillow's releases</a>.</em></p> <blockquote> <h2>12.1.1</h2> <p><a href="https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html">https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html</a></p> <h2>Dependencies</h2> <ul> <li>Patch libavif for svt-av1 4.0 compatibility <a href="https://redirect.github.com/python-pillow/Pillow/issues/9413">#9413</a> [<a href="https://github.com/hugovk"><code>@hugovk</code></a>]</li> </ul> <h2>Other changes</h2> <ul> <li>Fix OOB Write with invalid tile extents <a href="https://redirect.github.com/python-pillow/Pillow/issues/9427">#9427</a> [<a href="https://github.com/radarhere"><code>@radarhere</code></a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`5158d98c80`"><code>5158d98</code></a> 12.1.1 version bump</li> <li><a href="`9000313cc5`"><code>9000313</code></a> Fix OOB Write with invalid tile extents (<a href="https://redirect.github.com/python-pillow/Pillow/issues/9427">#9427</a>)</li> <li><a href="`cd0111849f`"><code>cd01118</code></a> Patch libavif for svt-av1 4.0 compatibility</li> <li>See full diff in <a href="https://github.com/python-pillow/Pillow/compare/12.1.0...12.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pillow&package-manager=uv&previous-version=12.1.0&new-version=12.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:35:11 +01:00
dependabot[bot]	eb277dddac	Bump sveltekit-superforms from 2.28.1 to 2.29.1 in /web (#442 ) Bumps [sveltekit-superforms](https://github.com/ciscoheat/sveltekit-superforms) from 2.28.1 to 2.29.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ciscoheat/sveltekit-superforms/releases">sveltekit-superforms's releases</a>.</em></p> <blockquote> <h2>v2.29.1</h2> <h3>Fixed</h3> <ul> <li>Fixed TypeScript type inference for discriminated unions in <code>ValidationErrors</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/653">#653</a></li> <li>Fixed FormData parsing for discriminated unions, so they work properly without requiring <code>dataType: 'json'</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/655">#655</a></li> <li><code>reset()</code> function didn't preserve tainted state for fields that are not being reset when using partial data. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/656">#656</a></li> <li>Fixed FormData parsing incorrectly coercing empty strings to literal values (e.g., <code>z.literal("bar")</code>). Empty strings now properly fail validation instead of being replaced with the literal value. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/664">#664</a></li> <li>Fixed <code>ReferenceError</code> when using <code>customValidity</code> with <code>validateForm({ update: true })</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/669">#669</a></li> </ul> <h3>Changed</h3> <ul> <li>Replaced deprecated <code>@finom/zod-to-json-schema</code> with <code>zod-v3-to-json-schema</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/660">#660</a></li> <li>Migrated Valibot adapter to use the official <code>@valibot/to-json-schema</code> package. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/668">#668</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ciscoheat/sveltekit-superforms/blob/main/CHANGELOG.md">sveltekit-superforms's changelog</a>.</em></p> <blockquote> <h2>[2.29.1] - 2025-12-16</h2> <h3>Fixed</h3> <ul> <li>Fixed TypeScript type inference for discriminated unions in <code>ValidationErrors</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/653">#653</a></li> <li>Fixed FormData parsing for discriminated unions, so they work properly without requiring <code>dataType: 'json'</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/655">#655</a></li> <li><code>reset()</code> function didn't preserve tainted state for fields that are not being reset when using partial data. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/656">#656</a></li> <li>Fixed FormData parsing incorrectly coercing empty strings to literal values (e.g., <code>z.literal("bar")</code>). Empty strings now properly fail validation instead of being replaced with the literal value. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/664">#664</a></li> <li>Fixed <code>ReferenceError</code> when using <code>customValidity</code> with <code>validateForm({ update: true })</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/issues/669">#669</a></li> </ul> <h3>Changed</h3> <ul> <li>Replaced deprecated <code>@finom/zod-to-json-schema</code> with <code>zod-v3-to-json-schema</code>. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/660">#660</a></li> <li>Migrated Valibot adapter to use the official <code>@valibot/to-json-schema</code> package. <a href="https://redirect.github.com/ciscoheat/sveltekit-superforms/pull/668">#668</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`22319df44e`"><code>22319df</code></a> 2.29.1 changelog</li> <li><a href="`c1b44308a8`"><code>c1b4430</code></a> 2.29.1</li> <li><a href="`9408124dc9`"><code>9408124</code></a> Incorrect dependency fix</li> <li><a href="`887aeb6238`"><code>887aeb6</code></a> 2.29.0</li> <li><a href="`ce701fb6fc`"><code>ce701fb</code></a> 2.29.0 changelog</li> <li><a href="`58b41b1e84`"><code>58b41b1</code></a> Linter</li> <li><a href="`fbbdb90ae7`"><code>fbbdb90</code></a> Fixed build warning</li> <li><a href="`44a40c6b13`"><code>44a40c6</code></a> Fixed SvelteKit reference warnings</li> <li><a href="`12bb4d5c32`"><code>12bb4d5</code></a> Using pnpm 10 for build</li> <li><a href="`f7c87d8898`"><code>f7c87d8</code></a> Package updates</li> <li>Additional commits viewable in <a href="https://github.com/ciscoheat/sveltekit-superforms/compare/v2.28.1...v2.29.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sveltekit-superforms&package-manager=npm_and_yarn&previous-version=2.28.1&new-version=2.29.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:35:00 +01:00
dependabot[bot]	516d562bd8	Bump uvicorn from 0.40.0 to 0.41.0 (#441 ) Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to 0.41.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.41.0</h2> <h2>Added</h2> <ul> <li>Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li>Add socket path to <code>scope["server"]</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> </ul> <h2>Changed</h2> <ul> <li>Rename <code>LifespanOn.error_occured</code> to <code>error_occurred</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li>Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li>Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> </ul> <hr /> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/t-kawasumi"><code>@t-kawasumi</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li> <li><a href="https://github.com/fardyn"><code>@fardyn</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li> <li><a href="https://github.com/ewie"><code>@ewie</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li> <li><a href="https://github.com/shevron"><code>@shevron</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li> <li><a href="https://github.com/jonashaag"><code>@jonashaag</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.41.0 (February 16, 2026)</h2> <h3>Added</h3> <ul> <li>Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li>Add socket path to <code>scope["server"]</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Rename <code>LifespanOn.error_occured</code> to <code>error_occurred</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li>Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li>Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`9283c0f15c`"><code>9283c0f</code></a> Version 0.41.0 (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2821">#2821</a>)</li> <li><a href="`a01a33eb8f`"><code>a01a33e</code></a> Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li><a href="`2ce65bde15`"><code>2ce65bd</code></a> Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li><a href="`654f2ed7d7`"><code>654f2ed</code></a> Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li><a href="`a03d9f6f0e`"><code>a03d9f6</code></a> Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> <li><a href="`e377de40d0`"><code>e377de4</code></a> Add socket path to scope["server"] (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> <li><a href="`0779f7f8a4`"><code>0779f7f</code></a> Poll for readiness in <code>test_multiprocess_health_check</code> and <code>run_server</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2816">#2816</a>)</li> <li><a href="`7e9ce2c974`"><code>7e9ce2c</code></a> Poll for PID changes in <code>test_multiprocess_sighup</code> instead of fixed sleep (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2">#2</a>...</li> <li><a href="`99f0d8734d`"><code>99f0d87</code></a> Fix grep warning in scripts/sync-version (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2807">#2807</a>)</li> <li><a href="`7ae2e6375a`"><code>7ae2e63</code></a> chore(deps): bump the python-packages group with 18 updates (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2801">#2801</a>)</li> <li>Additional commits viewable in <a href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.40.0&new-version=0.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:34:48 +01:00
dependabot[bot]	dea75841b2	Bump lucide-svelte from 0.564.0 to 0.574.0 in /web (#439 ) Bumps [lucide-svelte](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-svelte) from 0.564.0 to 0.574.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lucide-icons/lucide/releases">lucide-svelte's releases</a>.</em></p> <blockquote> <h2>Version 0.574.0</h2> <h2>What's Changed</h2> <ul> <li>fix(icons): changed <code>rocking-chair</code> icon by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3445">lucide-icons/lucide#3445</a></li> <li>fix(icons): flipped <code>coins</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3158">lucide-icons/lucide#3158</a></li> <li>feat(icons): added <code>x-line-top</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2838">lucide-icons/lucide#2838</a></li> <li>feat(icons): added <code>mouse-left</code> icon by <a href="https://github.com/marvfash"><code>@marvfash</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li> <li>feat(icons): added <code>mouse-right</code> icon by <a href="https://github.com/marvfash"><code>@marvfash</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2787">lucide-icons/lucide#2787</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/marvfash"><code>@marvfash</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.572.0...0.574.0">https://github.com/lucide-icons/lucide/compare/0.572.0...0.574.0</a></p> <h2>Version 0.573.0</h2> <h2>What's Changed</h2> <ul> <li>fix(icons): changed <code>rocking-chair</code> icon by <a href="https://github.com/jamiemlaw"><code>@jamiemlaw</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3445">lucide-icons/lucide#3445</a></li> <li>fix(icons): flipped <code>coins</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3158">lucide-icons/lucide#3158</a></li> <li>feat(icons): added <code>x-line-top</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2838">lucide-icons/lucide#2838</a></li> <li>feat(icons): added <code>mouse-left</code> icon by <a href="https://github.com/marvfash"><code>@marvfash</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li> <li>feat(icons): added <code>mouse-right</code> icon by <a href="https://github.com/marvfash"><code>@marvfash</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2787">lucide-icons/lucide#2787</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/marvfash"><code>@marvfash</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/2788">lucide-icons/lucide#2788</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.572.0...0.573.0">https://github.com/lucide-icons/lucide/compare/0.572.0...0.573.0</a></p> <h2>Version 0.572.0</h2> <h2>What's Changed</h2> <ul> <li>feat(icons): added <code>message-circle-check</code> icon by <a href="https://github.com/Shrinks99"><code>@Shrinks99</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3770">lucide-icons/lucide#3770</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Shrinks99"><code>@Shrinks99</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3770">lucide-icons/lucide#3770</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.571.0...0.572.0">https://github.com/lucide-icons/lucide/compare/0.571.0...0.572.0</a></p> <h2>Version 0.571.0</h2> <h2>What's Changed</h2> <ul> <li>fix(icons): rearange <code>circle</code>-icons path and circle order by <a href="https://github.com/adamlindqvist"><code>@adamlindqvist</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3746">lucide-icons/lucide#3746</a></li> <li>feat(icons): added <code>shelving-unit</code> icon by <a href="https://github.com/karsa-mistmere"><code>@karsa-mistmere</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3041">lucide-icons/lucide#3041</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/adamlindqvist"><code>@adamlindqvist</code></a> made their first contribution in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3746">lucide-icons/lucide#3746</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lucide-icons/lucide/compare/0.570.0...0.571.0">https://github.com/lucide-icons/lucide/compare/0.570.0...0.571.0</a></p> <h2>Version 0.570.0</h2> <h2>What's Changed</h2> <ul> <li>feat(icons): added <code>towel-rack</code> icon by <a href="https://github.com/jguddas"><code>@jguddas</code></a> in <a href="https://redirect.github.com/lucide-icons/lucide/pull/3350">lucide-icons/lucide#3350</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/lucide-icons/lucide/commits/0.574.0/packages/lucide-svelte">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lucide-svelte&package-manager=npm_and_yarn&previous-version=0.564.0&new-version=0.574.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:34:38 +01:00
dependabot[bot]	20e0dbf936	Bump uvicorn from 0.40.0 to 0.41.0 in /metadata_relay (#440 ) Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to 0.41.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.41.0</h2> <h2>Added</h2> <ul> <li>Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li>Add socket path to <code>scope["server"]</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> </ul> <h2>Changed</h2> <ul> <li>Rename <code>LifespanOn.error_occured</code> to <code>error_occurred</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li>Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li>Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> </ul> <hr /> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/t-kawasumi"><code>@t-kawasumi</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li> <li><a href="https://github.com/fardyn"><code>@fardyn</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li> <li><a href="https://github.com/ewie"><code>@ewie</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li> <li><a href="https://github.com/shevron"><code>@shevron</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li> <li><a href="https://github.com/jonashaag"><code>@jonashaag</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.41.0 (February 16, 2026)</h2> <h3>Added</h3> <ul> <li>Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li>Add socket path to <code>scope["server"]</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Rename <code>LifespanOn.error_occured</code> to <code>error_occurred</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li>Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li>Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`9283c0f15c`"><code>9283c0f</code></a> Version 0.41.0 (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2821">#2821</a>)</li> <li><a href="`a01a33eb8f`"><code>a01a33e</code></a> Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li><a href="`2ce65bde15`"><code>2ce65bd</code></a> Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li><a href="`654f2ed7d7`"><code>654f2ed</code></a> Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li><a href="`a03d9f6f0e`"><code>a03d9f6</code></a> Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> <li><a href="`e377de40d0`"><code>e377de4</code></a> Add socket path to scope["server"] (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> <li><a href="`0779f7f8a4`"><code>0779f7f</code></a> Poll for readiness in <code>test_multiprocess_health_check</code> and <code>run_server</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2816">#2816</a>)</li> <li><a href="`7e9ce2c974`"><code>7e9ce2c</code></a> Poll for PID changes in <code>test_multiprocess_sighup</code> instead of fixed sleep (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2">#2</a>...</li> <li><a href="`99f0d8734d`"><code>99f0d87</code></a> Fix grep warning in scripts/sync-version (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2807">#2807</a>)</li> <li><a href="`7ae2e6375a`"><code>7ae2e63</code></a> chore(deps): bump the python-packages group with 18 updates (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2801">#2801</a>)</li> <li>Additional commits viewable in <a href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.40.0&new-version=0.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:34:27 +01:00
dependabot[bot]	c8f2a4316e	Bump alembic from 1.17.2 to 1.18.4 (#438 ) Bumps [alembic](https://github.com/sqlalchemy/alembic) from 1.17.2 to 1.18.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sqlalchemy/alembic/releases">alembic's releases</a>.</em></p> <blockquote> <h1>1.18.4</h1> <p>Released: February 10, 2026</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [operations]</strong> Reverted the behavior of <code>Operations.add_column()</code> that would automatically render the "PRIMARY KEY" keyword inline when a <code>Column</code> with <code>primary_key=True</code> is added. The automatic behavior, added in version 1.18.2, is now opt-in via the new <code>Operations.add_column.inline_primary_key</code> parameter. This change restores the ability to render a PostgreSQL SERIAL column, which is required to be <code>primary_key=True</code>, while not impacting the ability to render a separate primary key constraint. This also provides consistency with the <code>Operations.add_column.inline_references</code> parameter and gives users explicit control over SQL generation.</p> <p>To render PRIMARY KEY inline, use the <code>Operations.add_column.inline_primary_key</code> parameter set to <code>True</code>:</p> <p>op.add_column( "my_table", Column("id", Integer, primary_key=True), inline_primary_key=True )References: <a href="https://redirect.github.com/sqlalchemy/alembic/issues/1232">#1232</a></p> </li> </ul> <h1>1.18.3</h1> <p>Released: January 29, 2026</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [autogenerate]</strong> Fixed regression in version 1.18.0 due to <a href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a> where autogenerate would raise <code>NoReferencedTableError</code> when a foreign key constraint referenced a table that was not part of the initial table load, including tables filtered out by the <code>EnvironmentContext.configure.include_name</code> callable or tables in remote schemas that were not included in the initial reflection run.</p> <p>The change in <a href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a> was a performance optimization that eliminated additional reflection queries for tables that were only referenced by foreign keys but not explicitly included in the main reflection run. However, this optimization inadvertently removed the creation of <code>Table</code> objects for these referenced tables, causing autogenerate to fail when processing foreign key constraints that pointed to them.</p> <p>The fix creates placeholder <code>Table</code> objects for foreign key targets</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sqlalchemy/alembic/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alembic&package-manager=uv&previous-version=1.17.2&new-version=1.18.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:34:15 +01:00
dependabot[bot]	4836e3e188	Bump prettier-plugin-svelte from 3.4.0 to 3.4.1 in /web (#437 ) Bumps [prettier-plugin-svelte](https://github.com/sveltejs/prettier-plugin-svelte) from 3.4.0 to 3.4.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/prettier-plugin-svelte/blob/v3.4.1/CHANGELOG.md">prettier-plugin-svelte's changelog</a>.</em></p> <blockquote> <h2>3.4.1</h2> <ul> <li>(fix) externalize all prettier imports</li> <li>(fix) don't remove parantheses of <code>bind:</code>ings with <code>as</code> type casts</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sveltejs/prettier-plugin-svelte/commits/v3.4.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=prettier-plugin-svelte&package-manager=npm_and_yarn&previous-version=3.4.0&new-version=3.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:33:54 +01:00
dependabot[bot]	7a6466ea9d	Bump @sinclair/typebox from 0.34.41 to 0.34.48 in /web (#436 ) Bumps [@sinclair/typebox](https://github.com/sinclairzx81/typebox-legacy) from 0.34.41 to 0.34.48. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sinclairzx81/typebox-legacy/commits/0.34.48">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for <code>@sinclair/typebox</code> since your current version.</p> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@sinclair/typebox&package-manager=npm_and_yarn&previous-version=0.34.41&new-version=0.34.48)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-20 17:33:33 +01:00
Maximilian Dorninger	b427aa5723	Merge pull request #433 from maxdorninger/dependabot/npm_and_yarn/web/npm_and_yarn-e0ba90b5b1 Bump @sveltejs/kit from 2.49.2 to 2.51.0 in /web in the npm_and_yarn group across 1 directory	2026-02-13 19:39:57 +01:00
dependabot[bot]	82aa01a650	Bump @sveltejs/kit in /web in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the /web directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit). Updates `@sveltejs/kit` from 2.49.2 to 2.51.0 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.51.0/packages/kit) --- updated-dependencies: - dependency-name: "@sveltejs/kit" dependency-version: 2.51.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>	2026-02-13 18:25:01 +00:00
Maximilian Dorninger	bc3895ab40	Merge pull request #427 from maxdorninger/dependabot/npm_and_yarn/web/typeschema/class-validator-0.3.0 Bump @typeschema/class-validator from 0.2.0 to 0.3.0 in /web	2026-02-13 19:24:38 +01:00
Maximilian Dorninger	b7ed529f77	Merge pull request #428 from maxdorninger/dependabot/uv/starlette-0.52.1 Bump starlette from 0.50.0 to 0.52.1	2026-02-13 19:24:26 +01:00
Maximilian Dorninger	370df4efa0	Merge pull request #429 from maxdorninger/dependabot/npm_and_yarn/web/vite-7.3.1 Bump vite from 7.2.7 to 7.3.1 in /web	2026-02-13 19:24:12 +01:00
Maximilian Dorninger	a3e85d6338	Merge pull request #431 from maxdorninger/dependabot/npm_and_yarn/web/svelte-5.51.0 Bump svelte from 5.45.8 to 5.51.0 in /web	2026-02-13 19:24:01 +01:00
Maximilian Dorninger	a2816f2dfb	Merge pull request #432 from maxdorninger/dependabot/npm_and_yarn/web/lucide-svelte-0.564.0 Bump lucide-svelte from 0.544.0 to 0.564.0 in /web	2026-02-13 19:23:48 +01:00

1 2 3 4 5 ...

1185 Commits