Bump the python group across 1 directory with 27 updates #30

dependabot · 2025-12-04T08:25:47Z

Bumps the python group with 27 updates in the / directory:

Package	From	To
rcssmin	`1.1.2`	`1.2.2`
whitenoise	`6.9.0`	`6.11.0`
hiredis	`3.2.1`	`3.3.0`
celery	`5.5.2`	`5.6.0`
uvicorn[standard]	`0.34.2`	`0.38.0`
uvicorn-worker	`0.3.0`	`0.4.0`
django-allauth[mfa]	`65.8.1`	`65.13.1`
django-crispy-forms	`2.4`	`2.5`
crispy-bootstrap5	`2025.4`	`2025.6`
django-compressor	`4.5.1`	`4.6.0`
djangorestframework	`3.16.0`	`3.16.1`
django-cors-headers	`4.7.0`	`4.9.0`
drf-spectacular	`0.28.0`	`0.29.0`
psycopg[c]	`3.2.9`	`3.3.1`
sentry-sdk	`2.29.1`	`2.47.0`
django-anymail	`13.0`	`13.1`
werkzeug[watchdog]	`3.1.3`	`3.1.4`
watchfiles	`1.0.5`	`1.1.1`
mypy	`1.15.0`	`1.19.0`
django-stubs[compatible-mypy]	`5.2.0`	`5.2.8`
pytest-sugar	`1.0.0`	`1.1.1`
djangorestframework-stubs	`3.16.0`	`3.16.6`
ruff	`0.11.11`	`0.14.7`
coverage	`7.8.2`	`7.12.0`
pre-commit	`4.2.0`	`4.5.0`
factory-boy	`3.3.2`	`3.3.3`
django-coverage-plugin	`3.1.0`	`3.2.0`

Updates rcssmin from 1.1.2 to 1.2.2

Changelog

Sourced from rcssmin's changelog.

Changes with version 1.2.2

*) Update benchmarks

*) Add support for Python 3.14

*) Update project boilerplate

Changes with version 1.2.1

*) Change doc theme to "furo"

*) Remove build dependency pinning (resolves #18)

*) Update project boilerplate

Changes with version 1.2.0

*) Add support for nesting selector (&)

*) Update project boilerplate

Changes with version 1.1.3

*) Add support for Python 3.13

*) Update project boilerplate

Changes with version 1.1.2

*) Add support for Python 3.12

*) Add musllinux wheels

*) Update project boilerplate

Changes with version 1.1.1

*) Add support for Python 3.11

*) Update project boilerplate

Changes with version 1.1.0

... (truncated)

Commits

b4cac4d Bump version to 1.2.2
db3f06e Update benchmarks
77816d3 Add Python 3.14 support
ecac774 Project boilerplate
5bac716 Bump version to 1.2.1
8d4312f Hello 2025
41d1e1f Update dependencies, change sphinx theme
5396f5e Bump version to 1.2.0
81da219 Update benchmarks
1f9ff6d Add support for nesting selector (&)
Additional commits viewable in compare view

Updates whitenoise from 6.9.0 to 6.11.0

Changelog

Sourced from whitenoise's changelog.

6.11.0 (2025-09-18)

Support Django 6.0.

6.10.0 (2025-09-09)

Support Python 3.14.

Commits

c9c06e9 Version 6.11.0
051c4e9 Support Django 6.0 (#665)
c903cc1 Version 6.10.0
a81bcb0 docs(django): use the stable version in URLs (#626)
67b4f32 Support Python 3.14 (#664)
da8d333 [pre-commit.ci] pre-commit autoupdate (#663)
8000724 Bump the github-actions group with 2 updates (#662)
8fb339f Upgrade dependencies (#661)
adf64dd Use uvx to run tox on GitHub Actions (#660)
ad6eb20 [pre-commit.ci] pre-commit autoupdate (#659)
Additional commits viewable in compare view

Updates hiredis from 3.2.1 to 3.3.0

Release notes

Sourced from hiredis's releases.

3.3.0

Changes

Add Python 3.14 to CI and wheels (#213 by @zweizeichen)

Contributors

We'd like to thank all the contributors who worked on this release!

Commits

187d0f3 Version 3.3.0
3efcf03 Add Python 3.14 to CI and wheels (#213) (#215)
966cede Fix assertion in reader.c (#212)
78def30 Bump version to 3.3.0-dev
See full diff in compare view

Updates celery from 5.5.2 to 5.6.0

Release notes

Sourced from celery's releases.

v5.6.0

Celery v5.6.0 is now available.

Key Highlights

See What's new in Celery 5.6 for a complete overview or read the main highlights below.

Python 3.9 Minimum Version

Celery 5.6.0 drops support for Python 3.8 (EOL). The minimum required Python version is now 3.9. Users still on Python 3.8 must upgrade their Python version before upgrading to Celery 5.6.0.

Additionally, this release includes initial support for Python 3.14.

SQS: Reverted to pycurl from urllib3

The switch from pycurl to urllib3 for the SQS transport (introduced in Celery 5.5.0 via Kombu) has been reverted due to critical issues affecting SQS users.

Contributed by @auvipy in celery/celery#9620.

Security Fix: Broker Credential Leak Prevention

Fixed a security issue where broker URLs containing passwords were being logged in plaintext by the delayed delivery mechanism. Broker credentials are now properly sanitized in all log output.

Contributed by @giancarloromeo in celery/celery#9997.

Memory Leak Fixes

Two significant memory leaks have been fixed in this release:

Exception Handling Memory Leak: Fixed a critical memory leak in task exception handling that was particularly severe on Python 3.11+ due to enhanced traceback data. The fix properly breaks reference cycles in tracebacks to allow garbage collection.

Contributed by @jaiganeshs21 in celery/celery#9799.

Pending Result Memory Leak: Fixed a memory leak where AsyncResult subscriptions were not being cleaned up when results were forgotten.

Contributed by @tsoos99dev in celery/celery#9806.

ETA Task Memory Limit

New configuration option worker_eta_task_limit to prevent out-of-memory crashes when workers fetch large numbers of ETA or countdown tasks. Previously, workers could exhaust available memory when the broker contained many scheduled tasks.

Example usage:
app.conf.worker_eta_task_limit = 1000
Contributed by @sashu2310 in celery/celery#9853.

Queue Type Selection for Auto-created Queues

... (truncated)

Changelog

Sourced from celery's changelog.

5.6.0

:release-date: 2025-11-30 :release-by: Tomer Nosrati

Celery v5.6.0 is now available.

Key Highlights

See :ref:`whatsnew-5.6` for a complete overview or read the main highlights below. Python 3.9 Minimum Version Celery 5.6.0 drops support for Python 3.8 (EOL). The minimum required Python version is now 3.9. Users still on Python 3.8 must upgrade their Python version before upgrading to Celery 5.6.0. Additionally, this release includes initial support for Python 3.14. SQS: Reverted to pycurl from urllib3 The switch from pycurl to urllib3 for the SQS transport (introduced in Celery 5.5.0 via Kombu) has been reverted due to critical issues affecting SQS users: Processing throughput dropped from ~100 tasks/sec to ~3/sec in some environments UnknownOperationException errors causing container crash loops Silent message processing failures with no error logs Users of the SQS transport must ensure pycurl is installed. If you removed pycurl after upgrading to Celery 5.5.0, you will need to reinstall it. Contributed by @auvipy <https://github.com/auvipy>_ in [#9620](https://github.com/celery/celery/issues/9620) <https://github.com/celery/celery/pull/9620>_. Security Fix: Broker Credential Leak Prevention Fixed a security issue where broker URLs containing passwords were being logged in plaintext by the delayed delivery mechanism. Broker credentials are now properly sanitized in all log output. Contributed by @giancarloromeo <https://github.com/giancarloromeo>_ in [#9997](https://github.com/celery/celery/issues/9997) <https://github.com/celery/celery/pull/9997>_.

Memory Leak Fixes </tr></table>

... (truncated)

Commits

cca1116 Prepare for release: v5.6.0 (#10010)
1133f22 Bump mypy from 1.14.1 to 1.19.0 (#10008)
0932d2c [pre-commit.ci] pre-commit autoupdate (#10007)
b446910 Prepare for (pre) release: v5.6.0rc2 (#10005)
3f0f0fe asynpool: Don't return from inside a finally block (#10000)
95d0552 Bump actions/checkout from 5 to 6 (#10003)
f32b92f Add Py39-314t to CI (#9999)
63c1910 Don't fail task on timeout during cold shutdown (#9678)
30649db Fix log leaking broker credentials (#9997)
929412e Remove Python 4.0 version condition for pytest dependencies (#9993)
Additional commits viewable in compare view

Updates uvicorn[standard] from 0.34.2 to 0.38.0

Release notes

Sourced from uvicorn[standard]'s releases.

Version 0.38.0

What's Changed

Support Python 3.14 by @Kludex in Kludex/uvicorn#2723

New Contributors

@NGANAMODEIJunior made their first contribution in Kludex/uvicorn#2713

Full Changelog: Kludex/uvicorn@0.37.0...0.38.0

Version 0.37.0

What's Changed

Add --timeout-worker-healthcheck setting by @Kludex in Kludex/uvicorn#2711

Add os.PathLike[str] type to ssl_ca_certs by @rnv812 in Kludex/uvicorn#2676

New Contributors

@LincolnPuzey made their first contribution in Kludex/uvicorn#2669

@rnv812 made their first contribution in Kludex/uvicorn#2676

Full Changelog: Kludex/uvicorn@0.36.1...0.37.0

Version 0.36.1

What's Changed

Raise an exception when calling removed Config.setup_event_loop() by @Kludex in Kludex/uvicorn#2709

Full Changelog: Kludex/uvicorn@0.36.0...0.36.1

Version 0.36.0

Added

Support custom IOLOOPs by @gnir-work in Kludex/uvicorn#2435

Allow to provide importable string in --http, --ws and --loop by @Kludex in Kludex/uvicorn#2658

New Contributors

@gnir-work made their first contribution in Kludex/uvicorn#2435

@musicinmybrain made their first contribution in Kludex/uvicorn#2659

@secrett2633 made their first contribution in Kludex/uvicorn#2684

Full Changelog: Kludex/uvicorn@0.35.0...0.36.0

Version 0.35.0

Added

Add WebSocketsSansIOProtocol by @Kludex in encode/uvicorn#2540

... (truncated)

Changelog

Sourced from uvicorn[standard]'s changelog.

0.38.0 (October 18, 2025)

Added

Support Python 3.14 (#2723)

0.37.0 (September 23, 2025)

Added

Add --timeout-worker-healthcheck option (#2711)

Add os.PathLike[str] type to ssl_ca_certs (#2676)

0.36.1 (September 23, 2025)

Fixed

Raise an exception when calling removed Config.setup_event_loop() (#2709)

0.36.0 (September 20, 2025)

Added

Support custom IOLOOPs (#2435)

Allow to provide importable string in --http, --ws and --loop (#2658)

0.35.0 (June 28, 2025)

Added

Add WebSocketsSansIOProtocol (#2540)

Changed

Refine help message for option --proxy-headers (#2653)

0.34.3 (June 1, 2025)

Fixed

Don't include cwd() when non-empty --reload-dirs is passed (#2598)

Apply get_client_addr formatting to WebSocket logging (#2636)

Commits

3850ad6 Version 0.38.0 (#2733)
9b3f17a Support Python 3.14 (#2723)
ce79f95 Revert "Add Marcelo Trylesinski to the license (#2699)" (#2730)
dbf8797 docs: add social icons (#2728)
58f28be Add section about event loop (#2725)
93d9510 Bump docs dependencies (#2724)
9b1c6c4 Move Marcelo Trylesinski to maintainers in pyproject.toml (#2719)
57a61d8 Add discord to README (#2718)
7ef5f9f chore(deps): bump astral-sh/setup-uv from 6.7.0 to 6.8.0 (#2717)
6d26d88 Update pyproject.toml for PEP639 compliance (#2713)
Additional commits viewable in compare view

Updates uvicorn-worker from 0.3.0 to 0.4.0

Release notes

Sourced from uvicorn-worker's releases.

Version 0.4.0

What's Changed

Add official support for Python 3.13 by @Kludex in Kludex/uvicorn-worker#36

Support uvicorn >= 0.36.0 by @Kludex in Kludex/uvicorn-worker#37

Version 0.4.0 by @Kludex in Kludex/uvicorn-worker#38

Full Changelog: Kludex/uvicorn-worker@0.3.0...0.4.0

Commits

cd29cc6 Version 0.4.0 (#38)
c6019eb Support uvicorn >= 0.36.0 (#37)
b96ea28 Bump the python-packages group across 1 directory with 9 updates (#33)
0b796fd Add official support for Python 3.13 (#36)
See full diff in compare view

Updates django-allauth[mfa] from 65.8.1 to 65.13.1

Commits

See full diff in compare view

Updates django-crispy-forms from 2.4 to 2.5

Release notes

Sourced from django-crispy-forms's releases.

2.5

Confirmed support for Python 3.14.

Confirmed support for Django 6.0.

Dropped support for Python 3.8.

Changelog

Sourced from django-crispy-forms's changelog.

2.5 (2025-11-06)

Confirmed support for Python 3.14.

Confirmed support for Django 6.0.

Dropped support for Python 3.8.

Commits

65fa8ae 2.5 Release. (#1424)
ca4ca14 PEP 639 licenses (#1413)
aaabe68 Updated pre-commit hook versions.
125dd16 Pyupgrade 3.9+
1f9c8ec Confirmed support for Python 3.14, Django. Drop support for Python 3.8.
93cb8c8 Correct names in special thanks section (#1421)
e327548 Added security policy. (#1419)
6481342 Enabled GitHub code of conduct (#1416)
dabd719 Add Project Logo. (#1415)
See full diff in compare view

Updates crispy-bootstrap5 from 2025.4 to 2025.6

Release notes

Sourced from crispy-bootstrap5's releases.

2025.6

<legend> elements now have fs-6 class so they are the same font size as <labels>.

Changelog

Sourced from crispy-bootstrap5's changelog.

2025.6 (2025-06-08)

<legend> elements now have fs-6 class so they are the same font size as <labels>.

Commits

c9578e9 2025.6 Release. (#210)
a6346ec Make legend font-size the same as label font-size (#208)
See full diff in compare view

Updates django-compressor from 4.5.1 to 4.6.0

Changelog

Sourced from django-compressor's changelog.

Changelog

v4.6 (2025-11-10)

Full list of changes from v4.5.1 <https://github.com/django-compressor/django-compressor/compare/4.5.1...4.6>_

Fixed compatibility with latest BS4.

Removed top pin for rcssmin and rjsmin dependencies.

Avoid compressing the same node concurrently in offline compression.

Avoid use of deprecated ast.Constant.s

Officially support Django 6.0

Officially support Django 5.2

Drop support for EOL Django 5.0

Add support for Python 3.14.

Add support for Python 3.13.

Drop support for EOL Python 3.9.

Drop support for EOL Python 3.8.

Commits

3ada994 Prepare 4.6.0.
1baa82a Remove CI testing for EOL Django 5.0.
8706a52 Add CI testing for Python 3.14 and Django 6.0.
7be9ce2 Bump brotli, lxml, and coverage test dependencies.
d6fd813 Remove test version pinning for rcssmin and rjsmin.
2b46e7d Bump actions/setup-python from 5 to 6 (#1307)
b97bb05 Disable bs4's multi valued attributes (#1296)
4e54330 Migrate packaging to pyproject.toml (#1313)
872f8d5 Remove version pinning for rcssmin and rjsmin (#1312)
cc38666 Drop support for Python 3.9 (#1311)
Additional commits viewable in compare view

Updates djangorestframework from 3.16.0 to 3.16.1

Release notes

Sourced from djangorestframework's releases.

v3.16.1

This release fixes a few bugs, clean-up some old code paths for unsupported Python versions and improve translations.

Minor changes

Cleanup optional backports.zoneinfo dependency and conditions on unsupported Python 3.8 and lower in #9681. Python versions prior to 3.9 were already unsupported so this isn't considered as a breaking change.

Bug fixes

Fix regression in unique_together validation with SerializerMethodField in #9712

Fix UniqueTogetherValidator to handle fields with source attribute in #9688

Drop HTML line breaks on long headers in browsable API in #9438

Translations

Add Kazakh locale support in #9713

Update translations for Korean translations in #9571

Update German translations in #9676

Update Chinese translations in #9675

Update Arabic translations-sal in #9595

Update Persian translations in #9576

Update Spanish translations in #9701

Update Turkish Translations in #9749

Fix some typos in Brazilian Portuguese translations in #9673

Documentation

Removed reference to GitHub Issues and Discussions in #9660

Add drf-restwind and update outdated images in browsable-api.md in #9680

Updated funding page to represent current scope in #9686

Fix broken Heroku JSON Schema link in #9693

Update Django documentation links to use stable version in #9698

Expand docs on unique constraints cause 'required=True' in #9725

Revert extension back from djangorestframework-guardian2 to djangorestframework-guardian in #9734

Add note to tutorial about required request in serializer context when using HyperlinkedModelSerializer in #9732

Internal changes

Update GitHub Actions to use Ubuntu 24.04 for testing in #9677

Update test matrix to use Django 5.2 stable version in #9679

Add pyupgrade to pre-commit hooks in #9682

Fix test with Django 5 when pytz is available in #9715

New Contributors

@araggohnxd made their first contribution in #9673

@mbeijen made their first contribution in #9660

@stefan6419846 made their first contribution in #9676

@ren000thomas made their first contribution in #9675

@ulgens made their first contribution in #9682

... (truncated)

Commits

de018df Prepare 3.16.1 release (#9752)
a7d050f Turkish Translation updates (#9749)
853969c Fix test with Django 5 when pytz is available (#9715)
2ae8c11 Add note to tutorial about required request in serializer context when using ...
70e54f4 Revert docs back to djangorestframework-guardian (#9734)
3038494 Document that unique constraints cause required=True in ModelSerializer (#9...
4bb46c2 Add Kazakh(kk) locale support (#9713)
e454758 Fix regression in unique_together validation with SerializerMethodField (#9712)
33d59fe Update Spanish translations (#9701)
c0202a0 Update Django documentation links to use stable version (#9698)
Additional commits viewable in compare view

Updates django-cors-headers from 4.7.0 to 4.9.0

Changelog

Sourced from django-cors-headers's changelog.

4.9.0 (2025-09-18)

Support Django 6.0.

4.8.0 (2025-09-08)

Support Python 3.14.

Commits

a3a3ad2 Version 4.9.0
2f5a94b Correct testing of Django 6.0 (#1015)
4356514 Support Django 6.0 (#1014)
eeaa041 Version 4.8.0
b760e4d Support Python 3.14 (#1013)
bf6abfb [pre-commit.ci] pre-commit autoupdate (#1012)
5d0c651 Upgrade dependencies (#1011)
873fd5f Use uvx to run tox on GitHub Actions (#1010)
f8aa330 [pre-commit.ci] pre-commit autoupdate (#1009)
b04460f [pre-commit.ci] pre-commit autoupdate (#1008)
Additional commits viewable in compare view

Updates drf-spectacular from 0.28.0 to 0.29.0

Release notes

Sourced from drf-spectacular's releases.

0.29.0

Thank you for all the patience with the release!

Important notes

Finally fixed the memory leak thanks to @artKucher.

Another performance improvement is the usage of the C versions of yaml, if available.

Apart from that, there are a lot of small improvements and bugfixes.

PRs

Link to SerializerMethod docs by @johnthagen in tfranzel/drf-spectacular#1377

Document Django 5.1 support in README by @johnthagen in tfranzel/drf-spectacular#1376

Bump django from 4.2.11 to 4.2.18 in /requirements by @dependabot[bot] in tfranzel/drf-spectacular#1366

Document how to lazily annotate a recursive SerializerMethod by @johnthagen in tfranzel/drf-spectacular#1384

Fix docs compile issue and update some old code by @mikemanger in tfranzel/drf-spectacular#1389

Add allauth's DRF token auth #1401 by @tfranzel in tfranzel/drf-spectacular#1404

Bump django from 4.2.18 to 4.2.20 in /requirements by @dependabot[bot] in tfranzel/drf-spectacular#1403

Allow setting callable for ENUM_NAME_OVERRIDES by @q0w in tfranzel/drf-spectacular#1406

fix: correct port mapping for the container in README by @mbienkowsk in tfranzel/drf-spectacular#1408

Fix python 3.11 slice index by @yegorLitvinov in tfranzel/drf-spectacular#1411

Add Django REST framework 3.16 support by @pauloxnet in tfranzel/drf-spectacular#1420

fixes prefix estimation on windows by @originell in tfranzel/drf-spectacular#1440

Bump django from 4.2.20 to 4.2.24 in /requirements by @dependabot[bot] in tfranzel/drf-spectacular#1451

fix: sort list to produce same hash by @florianvazelle in tfranzel/drf-spectacular#1433

Add typing.Generic to default lib_doc_excludes by @maxhowald in tfranzel/drf-spectacular#1429

Fix DecimalField with decimal_places and max_digits equal. by @keter2002 in tfranzel/drf-spectacular#1457

Fix default for array types by @TheSuperiorStanislav in tfranzel/drf-spectacular#1437

Bump django from 4.2.24 to 4.2.25 in /requirements by @dependabot[bot] in tfranzel/drf-spectacular#1458

Fix OpenApiViewExtension not providing view instance under self.target by @astro-stan in tfranzel/drf-spectacular#1405

Enhance bug report template with instructions for better clarity. by @Antoliny0919 in tfranzel/drf-spectacular#1357

Add option to overwrite serializer description #1463 by @tfranzel in tfranzel/drf-spectacular#1464

Improve to_filter_name support for django_filter by @matwey in tfranzel/drf-spectacular#1446

fix: camelize tuples/fixed length array by @CharString in tfranzel/drf-spectacular#1432

Fix memory leak by @artKucher in tfranzel/drf-spectacular#1416

fix: add check condition, that serializer meta has model attribute by @kritohanzo in tfranzel/drf-spectacular#1397

[django-filter] Add null_label if set in ChoiceFilter by @epou in tfranzel/drf-spectacular#1450

Add l18n handling for Decimal field #1466 by @tfranzel in tfranzel/drf-spectacular#1467

New Contributors

@mikemanger made their first contribution in tfranzel/drf-spectacular#1389

@mbienkowsk made their first contribution in tfranzel/drf-spectacular#1408

@yegorLitvinov made their first contribution in tfranzel/drf-spectacular#1411

@pauloxnet made their first contribution in tfranzel/drf-spectacular#1420

@originell made their first contribution in tfranzel/drf-spectacular#1440

@florianvazelle made their first contribution in tfranzel/drf-spectacular#1433

@maxhowald made their first contribution in tfranzel/drf-spectacular#1429

@keter2002 made their first contribution in tfranzel/drf-spectacular#1457

@TheSuperiorStanislav made their first contribution in tfranzel/drf-spectacular#1437

@astro-stan made their first contribution in tfranzel/drf-spectacular#1405

... (truncated)

Changelog

Sourced from drf-spectacular's changelog.

0.29.0 (2025-11-01)

Add l18n handling for Decimal field [#1466](https://github.com/tfranzel/drf-spectacular/issues/1466) <https://github.com/tfranzel/drf-spectacular/issues/1466>_

Fix LogoutSerializer for JWT/dj_rest_auth [#1392](https://github.com/tfranzel/drf-spectacular/issues/1392) <https://github.com/tfranzel/drf-spectacular/issues/1392>_

fix: support token blacklist feature in rest_auth [Bart van Andel]

[django-filter] Add null_label if set in ChoiceFilter ([#1450](https://github.com/tfranzel/drf-spectacular/issues/1450) <https://github.com/tfranzel/drf-spectacular/issues/1450>_) [Enric Pou]

fix: camelize tuples/fixed length array ([#1432](https://github.com/tfranzel/drf-spectacular/issues/1432) <https://github.com/tfranzel/drf-spectacular/issues/1432>_) [Chris Wesseling]

Fix items:False case in enum hook [#1432](https://github.com/tfranzel/drf-spectacular/issues/1432) <https://github.com/tfranzel/drf-spectacular/issues/1432>_

Add option to overwrite serializer description [#1463](https://github.com/tfranzel/drf-spectacular/issues/1463) <https://github.com/tfranzel/drf-spectacular/issues/1463>_

Fix OpenApiViewExtension not providing view instance under self.target ([#1405](https://github.com/tfranzel/drf-spectacular/issues/1405) <https://github.com/tfranzel/drf-spectacular/issues/1405>_) [astro-stan]

Move list default fix to source of the problem [#1436](https://github.com/tfranzel/drf-spectacular/issues/1436) <https://github.com/tfranzel/drf-spectacular/issues/1436>_

Improve confusing doc [#1461](https://github.com/tfranzel/drf-spectacular/issues/1461) <https://github.com/tfranzel/drf-spectacular/issues/1461>_

Add assert to pagination test [#1459](https://github.com/tfranzel/drf-spectacular/issues/1459) <https://github.com/tfranzel/drf-spectacular/issues/1459>_

fix SafeString handling for picky CDumper ([#1435](https://github.com/tfranzel/drf-spectacular/issues/1435) <https://github.com/tfranzel/drf-spectacular/issues/1435>_)

Remove EOL 3.7 from suite; pydantic not updated for <=3.8

Fix DecimalField with decimal_places and max_digits equal. [keter2002]

fix test for i18n changes on DRF ([#1444](https://github.com/tfranzel/drf-spectacular/issues/1444) <https://github.com/tfranzel/drf-spectacular/issues/1444>_)

Improve to_filter_name support for django_filter [Matwey V. Kornilov]

fixes prefix estimation on windows [Luis Nell]

Fix default for array types [Stanislav Khlud]

fix: use CSafeDumper for render yaml if available [florian]

fix: sort list to produce same hash [florian]

Add typing.Generic to default lib_doc_excludes [Max Howald]

Add get_doc test for class that inherits from Generic [Max Howald]

Add Django REST framework 3.16 support [Paolo Melchiorre]

Fix memory leak [artemkucher]

Fix python 3.11 slice index [Egor Litvinov]

fix: correct port mapping for the container in README [Maksym Bieńkowski]

Update docs [q0w]

Allow setting callable for ENUM_NAME_OVERRIDES [q0w]

Add allauth's DRF token auth [#1401](https://github.com/tfranzel/drf-spectacular/issues/1401) <https://github.com/tfranzel/drf-spectacular/issues/1401>_

update away from retired GH worker image

add condition to check, that serializer Meta has model attribute [aliev_vt]

Fix docs compile issue and update some old code ([#1389](https://github.com/tfranzel/drf-spectacular/issues/1389) <https://github.com/tfranzel/drf-spectacular/issues/1389>_) [Mike Manger]

Fix location of @extend_schema_field [johnthagen]

Remove reference to non-exposed lazy_serializer [johnthagen]

Document how to lazily define a recursive SerializerMethod [johnthagen]

Link to SerializerMethod docs [johnthagen]

Document Django 5.1 support in README [johnthagen]

Bump django from 4.2.11 to 4.2.18 in /requirements [dependabot[bot]]

Enhance bug report template with instructions for better clarity [antoliny0919]

add pydantic computed field to tests [#1354](https://github.com/tfranzel/drf-spectacular/issues/1354) <https://github.com/tfranzel/drf-spectacular/issues/1354>_

Breaking changes / important additions:

Finally fixed the memory leak thanks to @artKucher.

Another performance improvement is the usage of the C versions of yaml, if available.

Apart from that, there are a lot of small improvements and bugfixes.

Commits

7a7a1f2 disable py3.8 target due to pyproject.toml issues
ff7a62b fix docs
e58143b version bump
e40b287 Renovate project setup #1162
62fc98b Merge pull request #1467 from tfranzel/decimal_l18n
d7247a5 Add l18n handling for Decimal field #1466
5221afd M...
Description has been truncated

Bumps the python group with 27 updates in the / directory: | Package | From | To | | --- | --- | --- | | [rcssmin](https://github.com/ndparker/rcssmin) | `1.1.2` | `1.2.2` | | [whitenoise](https://github.com/evansd/whitenoise) | `6.9.0` | `6.11.0` | | [hiredis](https://github.com/redis/hiredis-py) | `3.2.1` | `3.3.0` | | [celery](https://github.com/celery/celery) | `5.5.2` | `5.6.0` | | [uvicorn[standard]](https://github.com/Kludex/uvicorn) | `0.34.2` | `0.38.0` | | [uvicorn-worker](https://github.com/Kludex/uvicorn-worker) | `0.3.0` | `0.4.0` | | [django-allauth[mfa]](https://github.com/sponsors/pennersr) | `65.8.1` | `65.13.1` | | [django-crispy-forms](https://github.com/django-crispy-forms/django-crispy-forms) | `2.4` | `2.5` | | [crispy-bootstrap5](https://github.com/django-crispy-forms/crispy-bootstrap5) | `2025.4` | `2025.6` | | [django-compressor](https://github.com/django-compressor/django-compressor) | `4.5.1` | `4.6.0` | | [djangorestframework](https://github.com/encode/django-rest-framework) | `3.16.0` | `3.16.1` | | [django-cors-headers](https://github.com/adamchainz/django-cors-headers) | `4.7.0` | `4.9.0` | | [drf-spectacular](https://github.com/tfranzel/drf-spectacular) | `0.28.0` | `0.29.0` | | [psycopg[c]](https://github.com/psycopg/psycopg) | `3.2.9` | `3.3.1` | | [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.29.1` | `2.47.0` | | [django-anymail](https://github.com/anymail/django-anymail) | `13.0` | `13.1` | | [werkzeug[watchdog]](https://github.com/pallets/werkzeug) | `3.1.3` | `3.1.4` | | [watchfiles](https://github.com/samuelcolvin/watchfiles) | `1.0.5` | `1.1.1` | | [mypy](https://github.com/python/mypy) | `1.15.0` | `1.19.0` | | [django-stubs[compatible-mypy]](https://github.com/sponsors/typeddjango) | `5.2.0` | `5.2.8` | | [pytest-sugar](https://github.com/Teemu/pytest-sugar) | `1.0.0` | `1.1.1` | | [djangorestframework-stubs](https://github.com/sponsors/typeddjango) | `3.16.0` | `3.16.6` | | [ruff](https://github.com/astral-sh/ruff) | `0.11.11` | `0.14.7` | | [coverage](https://github.com/coveragepy/coveragepy) | `7.8.2` | `7.12.0` | | [pre-commit](https://github.com/pre-commit/pre-commit) | `4.2.0` | `4.5.0` | | [factory-boy](https://github.com/FactoryBoy/factory_boy) | `3.3.2` | `3.3.3` | | [django-coverage-plugin](https://github.com/nedbat/django_coverage_plugin) | `3.1.0` | `3.2.0` | Updates `rcssmin` from 1.1.2 to 1.2.2 - [Changelog](https://github.com/ndparker/rcssmin/blob/master/CHANGES) - [Commits](ndparker/rcssmin@1.1.2...1.2.2) Updates `whitenoise` from 6.9.0 to 6.11.0 - [Changelog](https://github.com/evansd/whitenoise/blob/main/docs/changelog.rst) - [Commits](evansd/whitenoise@6.9.0...6.11.0) Updates `hiredis` from 3.2.1 to 3.3.0 - [Release notes](https://github.com/redis/hiredis-py/releases) - [Changelog](https://github.com/redis/hiredis-py/blob/master/CHANGELOG.md) - [Commits](redis/hiredis-py@v3.2.1...v3.3.0) Updates `celery` from 5.5.2 to 5.6.0 - [Release notes](https://github.com/celery/celery/releases) - [Changelog](https://github.com/celery/celery/blob/main/Changelog.rst) - [Commits](celery/celery@v5.5.2...v5.6.0) Updates `uvicorn[standard]` from 0.34.2 to 0.38.0 - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.34.2...0.38.0) Updates `uvicorn-worker` from 0.3.0 to 0.4.0 - [Release notes](https://github.com/Kludex/uvicorn-worker/releases) - [Commits](Kludex/uvicorn-worker@0.3.0...0.4.0) Updates `django-allauth[mfa]` from 65.8.1 to 65.13.1 - [Commits](https://github.com/sponsors/pennersr/commits) Updates `django-crispy-forms` from 2.4 to 2.5 - [Release notes](https://github.com/django-crispy-forms/django-crispy-forms/releases) - [Changelog](https://github.com/django-crispy-forms/django-crispy-forms/blob/main/CHANGELOG.md) - [Commits](django-crispy-forms/django-crispy-forms@2.4...2.5) Updates `crispy-bootstrap5` from 2025.4 to 2025.6 - [Release notes](https://github.com/django-crispy-forms/crispy-bootstrap5/releases) - [Changelog](https://github.com/django-crispy-forms/crispy-bootstrap5/blob/main/CHANGELOG.md) - [Commits](django-crispy-forms/crispy-bootstrap5@2025.4...2025.6) Updates `django-compressor` from 4.5.1 to 4.6.0 - [Changelog](https://github.com/django-compressor/django-compressor/blob/develop/docs/changelog.txt) - [Commits](django-compressor/django-compressor@4.5.1...4.6) Updates `djangorestframework` from 3.16.0 to 3.16.1 - [Release notes](https://github.com/encode/django-rest-framework/releases) - [Commits](encode/django-rest-framework@3.16.0...3.16.1) Updates `django-cors-headers` from 4.7.0 to 4.9.0 - [Changelog](https://github.com/adamchainz/django-cors-headers/blob/main/CHANGELOG.rst) - [Commits](adamchainz/django-cors-headers@4.7.0...4.9.0) Updates `drf-spectacular` from 0.28.0 to 0.29.0 - [Release notes](https://github.com/tfranzel/drf-spectacular/releases) - [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst) - [Commits](tfranzel/drf-spectacular@0.28.0...0.29.0) Updates `psycopg[c]` from 3.2.9 to 3.3.1 - [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst) - [Commits](psycopg/psycopg@3.2.9...3.3.1) Updates `sentry-sdk` from 2.29.1 to 2.47.0 - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@2.29.1...2.47.0) Updates `django-anymail` from 13.0 to 13.1 - [Release notes](https://github.com/anymail/django-anymail/releases) - [Changelog](https://github.com/anymail/django-anymail/blob/main/CHANGELOG.rst) - [Commits](anymail/django-anymail@v13.0...v13.1) Updates `werkzeug[watchdog]` from 3.1.3 to 3.1.4 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@3.1.3...3.1.4) Updates `watchfiles` from 1.0.5 to 1.1.1 - [Release notes](https://github.com/samuelcolvin/watchfiles/releases) - [Commits](samuelcolvin/watchfiles@v1.0.5...v1.1.1) Updates `mypy` from 1.15.0 to 1.19.0 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v1.15.0...v1.19.0) Updates `django-stubs[compatible-mypy]` from 5.2.0 to 5.2.8 - [Commits](https://github.com/sponsors/typeddjango/commits) Updates `pytest-sugar` from 1.0.0 to 1.1.1 - [Release notes](https://github.com/Teemu/pytest-sugar/releases) - [Changelog](https://github.com/Teemu/pytest-sugar/blob/main/CHANGES.rst) - [Commits](Teemu/pytest-sugar@v1.0.0...v1.1.1) Updates `djangorestframework-stubs` from 3.16.0 to 3.16.6 - [Commits](https://github.com/sponsors/typeddjango/commits) Updates `ruff` from 0.11.11 to 0.14.7 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.11.11...0.14.7) Updates `coverage` from 7.8.2 to 7.12.0 - [Release notes](https://github.com/coveragepy/coveragepy/releases) - [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst) - [Commits](coveragepy/coveragepy@7.8.2...7.12.0) Updates `pre-commit` from 4.2.0 to 4.5.0 - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit@v4.2.0...v4.5.0) Updates `factory-boy` from 3.3.2 to 3.3.3 - [Changelog](https://github.com/FactoryBoy/factory_boy/blob/master/docs/changelog.rst) - [Commits](FactoryBoy/factory_boy@3.3.2...3.3.3) Updates `django-coverage-plugin` from 3.1.0 to 3.2.0 - [Release notes](https://github.com/nedbat/django_coverage_plugin/releases) - [Commits](coveragepy/django_coverage_plugin@v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: rcssmin dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: whitenoise dependency-version: 6.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: hiredis dependency-version: 3.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: celery dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: uvicorn[standard] dependency-version: 0.38.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: uvicorn-worker dependency-version: 0.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: django-allauth[mfa] dependency-version: 65.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: django-crispy-forms dependency-version: '2.5' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: crispy-bootstrap5 dependency-version: '2025.6' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: django-compressor dependency-version: 4.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: djangorestframework dependency-version: 3.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: django-cors-headers dependency-version: 4.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: drf-spectacular dependency-version: 0.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: psycopg[c] dependency-version: 3.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: sentry-sdk dependency-version: 2.47.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: django-anymail dependency-version: '13.1' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: werkzeug[watchdog] dependency-version: 3.1.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: watchfiles dependency-version: 1.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: mypy dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: django-stubs[compatible-mypy] dependency-version: 5.2.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: pytest-sugar dependency-version: 1.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: djangorestframework-stubs dependency-version: 3.16.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: ruff dependency-version: 0.14.7 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: coverage dependency-version: 7.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: pre-commit dependency-version: 4.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: factory-boy dependency-version: 3.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python - dependency-name: django-coverage-plugin dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Dec 4, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the python group across 1 directory with 27 updates #30

Bump the python group across 1 directory with 27 updates #30

Uh oh!

dependabot bot commented on behalf of github Dec 4, 2025 •

edited

Loading

Python 3.9 Minimum Version

SQS: Reverted to `pycurl` from `urllib3`

Security Fix: Broker Credential Leak Prevention

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the python group across 1 directory with 27 updates #30

Are you sure you want to change the base?

Bump the python group across 1 directory with 27 updates #30

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

6.11.0 (2025-09-18)

6.10.0 (2025-09-09)

3.3.0

Changes

Contributors

v5.6.0

Key Highlights

Python 3.9 Minimum Version

SQS: Reverted to pycurl from urllib3

Security Fix: Broker Credential Leak Prevention

Memory Leak Fixes

ETA Task Memory Limit

Queue Type Selection for Auto-created Queues

5.6.0

Python 3.9 Minimum Version

SQS: Reverted to pycurl from urllib3

Security Fix: Broker Credential Leak Prevention

Version 0.38.0

What's Changed

New Contributors

Version 0.37.0

What's Changed

New Contributors

Version 0.36.1

What's Changed

Version 0.36.0

Added

New Contributors

Version 0.35.0

Added

0.38.0 (October 18, 2025)

Added

0.37.0 (September 23, 2025)

Added

0.36.1 (September 23, 2025)

Fixed

0.36.0 (September 20, 2025)

Added

0.35.0 (June 28, 2025)

Added

Changed

0.34.3 (June 1, 2025)

Fixed

Version 0.4.0

What's Changed

2.5

2.5 (2025-11-06)

2025.6

2025.6 (2025-06-08)

Changelog

v4.6 (2025-11-10)

v3.16.1

Minor changes

Bug fixes

Translations

Documentation

Internal changes

New Contributors

4.9.0 (2025-09-18)

4.8.0 (2025-09-08)

0.29.0

Important notes

PRs

New Contributors

0.29.0 (2025-11-01)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

dependabot bot commented on behalf of github Dec 4, 2025 •

edited

Loading

SQS: Reverted to `pycurl` from `urllib3`

SQS: Reverted to `pycurl` from `urllib3`