Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ Bump the pip group with 13 updates #29

Closed
wants to merge 1 commit into from
Closed

⬆️ Bump the pip group with 13 updates #29

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 17, 2024

Bumps the pip group with 13 updates:

Package From To
mlflow 2.10.2 2.13.2
pillow 9.5.0 10.3.0
fonttools 4.42.1 4.43.0
gitpython 3.1.32 3.1.41
gunicorn 21.2.0 22.0.0
idna 3.4 3.7
jinja2 3.1.2 3.1.4
pyarrow 12.0.1 14.0.1
requests 2.31.0 2.32.2
sqlparse 0.4.4 0.5.0
tornado 6.4 6.4.1
urllib3 2.0.4 2.2.2
werkzeug 2.3.7 3.0.3

Updates mlflow from 2.10.2 to 2.13.2

Release notes

Sourced from mlflow's releases.

v2.13.2

MLflow 2.13.2 is a patch release that includes several bug fixes and integration improvements to existing features.

Features:

Bug fixes:

Small bug fixes and documentation updates:

#12268, #12210, @​B-Step62; #12214, @​harupy; #12223, #12226, @​annzhang-db; #12260, #12237, @​prithvikannan; #12261, @​BenWilson2; #12231, @​serena-ruan; #12238, @​sunishsheth2009

v2.13.1

MLflow 2.13.1 is a patch release that includes several bug fixes and integration improvements to existing features. New features that are introduced in this patch release are intended to provide a foundation to further major features that will be released in the next release.

Features:

  • [MLflow] Add mlflow[langchain] extra that installs recommended versions of langchain with MLflow (#12182, @​sunishsheth2009)
  • [Tracking] Adding the ability to override the model_config in langchain flavor if loaded as pyfunc (#12085, @​sunishsheth2009)
  • [Model Registry] Automatically detect if Presigned URLs are required for Unity Catalog (#12177, @​artjen)

Bug fixes:

  • [Tracking] Use getUserLocalTempDir and getUserNFSTempDir to replace getReplLocalTempDir and getReplNFSTempDir in databricks runtime (#12105, @​WeichenXu123)
  • [Model] Updating chat model to take default input_example and predict to accept json during inference (#12115, @​sunishsheth2009)
  • [Tracking] Automatically call load_context when inferring signature in pyfunc (#12099, @​sunishsheth2009)

v2.13.0

MLflow 2.13.0 includes several major features and improvements

With this release, we're happy to introduce several features that enhance the usability of MLflow broadly across a range of use cases.

Major Features and Improvements:

  • Streamable Python Models: The newly introduced predict_stream API for Python Models allows for custom model implementations that support the return of a generator object, permitting full customization for GenAI applications.

  • Enhanced Code Dependency Inference: A new feature for automatically inferrring code dependencies based on detected dependencies within a model's implementation. As a supplement to the code_paths parameter, the introduced infer_model_code_paths option when logging a model will determine which additional code modules are needed in order to ensure that your models can be loaded in isolation, deployed, and reliably stored.

  • Standardization of MLflow Deployment Server: Outputs from the Deployment Server's endpoints now conform to OpenAI's interfaces to provide a simpler integration with commonly used services.

Features:

  • [Deployments] Update the MLflow Deployment Server interfaces to be OpenAI compatible (#12003, @​harupy)
  • [Deployments] Add Togetherai as a supported provider for the MLflow Deployments Server (#11557, @​FotiosBistas)
  • [Models] Add predict_stream API support for Python Models (#11791, @​WeichenXu123)

... (truncated)

Changelog

Sourced from mlflow's changelog.

2.13.2 (2024-06-06)

MLflow 2.13.2 is a patch release that includes several bug fixes and integration improvements to existing features.

Features:

Bug fixes:

Small bug fixes and documentation updates:

#12268, #12210, @​B-Step62; #12214, @​harupy; #12223, #12226, @​annzhang-db; #12260, #12237, @​prithvikannan; #12261, @​BenWilson2; #12231, @​serena-ruan; #12238, @​sunishsheth2009

2.13.1 (2024-05-30)

MLflow 2.13.1 is a patch release that includes several bug fixes and integration improvements to existing features. New features that are introduced in this patch release are intended to provide a foundation to further major features that will be released in the next release.

Features:

  • [MLflow] Add mlflow[langchain] extra that installs recommended versions of langchain with MLflow (#12182, @​sunishsheth2009)
  • [Tracking] Adding the ability to override the model_config in langchain flavor if loaded as pyfunc (#12085, @​sunishsheth2009)
  • [Model Registry] Automatically detect if Presigned URLs are required for Unity Catalog (#12177, @​artjen)

Bug fixes:

  • [Tracking] Use getUserLocalTempDir and getUserNFSTempDir to replace getReplLocalTempDir and getReplNFSTempDir in databricks runtime (#12105, @​WeichenXu123)
  • [Model] Updating chat model to take default input_example and predict to accept json during inference (#12115, @​sunishsheth2009)
  • [Tracking] Automatically call load_context when inferring signature in pyfunc (#12099, @​sunishsheth2009)

Small bug fixes and documentation updates:

#12180, #12152, #12128, #12126, #12100, #12086, #12084, #12079, #12071, #12067, #12062, @​serena-ruan; #12175, #12167, #12137, #12134, #12127, #12123, #12111, #12109, #12078, #12080, #12064, @​B-Step62; #12142, @​2maz; #12171, #12168, #12159, #12153, #12144, #12104, #12095, #12083, @​harupy; #12160, @​aravind-segu; #11990, @​kriscon-db; #12178, #12176, #12090, #12036, @​sunishsheth2009; #12162, #12110, #12088, #11937, #12075, @​daniellok-db; #12133, #12131, @​prithvikannan; #12132, #12035, @​annzhang-db; #12121, #12120, @​liangz1; #12122, #12094, @​dbczumar; #12098, #12055, @​mparkhe

2.13.0 (2024-05-20)

MLflow 2.13.0 includes several major features and improvements

With this release, we're happy to introduce several features that enhance the usability of MLflow broadly across a range of use cases.

Major Features and Improvements:

  • Streamable Python Models: The newly introduced predict_stream API for Python Models allows for custom model implementations that support the return of a generator object, permitting full customization for GenAI applications.

  • Enhanced Code Dependency Inference: A new feature for automatically inferrring code dependencies based on detected dependencies within a model's implementation. As a supplement to the code_paths parameter, the introduced infer_model_code_paths option when logging a model will determine which additional code modules are needed in order to ensure that your models can be loaded in isolation, deployed, and reliably stored.

... (truncated)

Commits
  • de95337 Run python3 dev/update_mlflow_versions.py pre-release ... (#12270)
  • e14c7cf Suppress trace display while loading model-as-code langchain model that inclu...
  • 96e51a7 Avoid importing mlflow.gateway at the top level of mlflow.deployment modu...
  • 80c0b6e Silence traces when logging langchain models (#12210)
  • 231740f Call _flatten_nested_params only when model_config is truthy (#12214)
  • 0e4c4f5 Use unique temp dir for model code (#12223)
  • f097aff Rename environment variables to not include "DATABRICKS" (#12260)
  • b79c425 Add alternative package names for RAG to requirements exclusion validation (#...
  • 68db950 Mock dbutils when loading model code path (#12226)
  • fd8fb05 Ignore databricks_rag_studio in package mismatch (#12231)
  • Additional commits viewable in compare view

Updates pillow from 9.5.0 to 10.3.0

Release notes

Sourced from pillow's releases.

10.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html

Changes

... (truncated)

Changelog

Sourced from pillow's changelog.

10.3.0 (2024-04-01)

  • CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [radarhere, hugovk]

  • Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [radarhere, hugovk]

  • Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [radarhere]

  • Add --report argument to __main__.py to omit supported formats #7818 [nulano, radarhere, hugovk]

  • Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920 [radarhere]

  • Fix editable installation with custom build backend and configuration options #7658 [nulano, radarhere]

  • Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, radarhere]

  • Determine MPO size from markers, not EXIF data #7884 [radarhere]

  • Improved conversion from RGB to RGBa, LA and La #7888 [radarhere]

  • Support FITS images with GZIP_1 compression #7894 [radarhere]

  • Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, radarhere]

  • Raise ValueError if kmeans is negative #7891 [radarhere]

  • Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [radarhere]

  • Raise ValueError for negative values when loading P1-P3 PPM images #7882 [radarhere]

  • Added reading of JPEG2000 palettes #7870 [radarhere]

  • Added alpha_quality argument when saving WebP images #7872 [radarhere]

... (truncated)

Commits
  • 5c89d88 10.3.0 version bump
  • 63cbfcf Update CHANGES.rst [ci skip]
  • 2776126 Merge pull request #7928 from python-pillow/lcms
  • aeb51cb Merge branch 'main' into lcms
  • 5beb0b6 Update CHANGES.rst [ci skip]
  • cac6ffa Merge pull request #7927 from python-pillow/imagemath
  • f5eeeac Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval
  • facf3af Added release notes
  • 2a93aba Use strncpy to avoid buffer overflow
  • a670597 Update CHANGES.rst [ci skip]
  • Additional commits viewable in compare view

Updates fonttools from 4.42.1 to 4.43.0

Release notes

Sourced from fonttools's releases.

4.43.0

  • [subset] Set up lxml XMLParser(resolve_entities=False) when parsing OT-SVG documents to prevent XML External Entity (XXE) attacks (9f61271dc): https://codeql.github.com/codeql-query-help/python/py-xxe/
  • [varLib.iup] Added workaround for a Cython bug in iup_delta_optimize that was leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas (60126435d, cython/cython#5732).
  • [varLib] Added new command-line entry point fonttools varLib.avar to add an avar table to an existing VF from axes mappings in a .designspace file (0a3360e52).
  • [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned after VarData optimization (#3268).
  • Added support for Python 3.12 (#3283).
Changelog

Sourced from fonttools's changelog.

4.43.0 (released 2023-09-29)

  • [subset] Set up lxml XMLParser(resolve_entities=False) when parsing OT-SVG documents to prevent XML External Entity (XXE) attacks (9f61271dc): https://codeql.github.com/codeql-query-help/python/py-xxe/
  • [varLib.iup] Added workaround for a Cython bug in iup_delta_optimize that was leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas (60126435d, cython/cython#5732).
  • [varLib] Added new command-line entry point fonttools varLib.avar to add an avar table to an existing VF from axes mappings in a .designspace file (0a3360e52).
  • [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned after VarData optimization (#3268).
  • Added support for Python 3.12 (#3283).
Commits
  • 145460e Release 4.43.0
  • 64f3fd8 Update changelog [skip ci]
  • 7aea49e Merge pull request #3283 from hugovk/main
  • 4470c44 Bump requirements.txt to support Python 3.12
  • 0c87cba Bump scipy for Python 3.12 support
  • eda6fa5 Add support for Python 3.12
  • 0e033b0 Bump reportlab from 3.6.12 to 3.6.13 in /Doc
  • 6012643 [iup] Work around cython bug
  • b14268a [iup] Remove copy/pasta
  • 0a3360e [varLib.avar] New module to compile avar from .designspace file
  • Additional commits viewable in compare view

Updates gitpython from 3.1.32 to 3.1.41

Release notes

Sourced from gitpython's releases.

3.1.41 - fix Windows security issue

The details about the Windows security issue can be found in this advisory.

Special thanks go to @​EliahKagan who reported the issue and fixed it in a single stroke, while being responsible for an incredible amount of improvements that he contributed over the last couple of months ❤️.

What's Changed

... (truncated)

Commits
  • f288738 bump patch level
  • ef3192c Merge pull request #1792 from EliahKagan/popen
  • 1f3caa3 Further clarify comment in test_hook_uses_shell_not_from_cwd
  • 3eb7c2a Move safer_popen from git.util to git.cmd
  • c551e91 Extract shared logic for using Popen safely on Windows
  • 15ebb25 Clarify comment in test_hook_uses_shell_not_from_cwd
  • f44524a Avoid spurious "location may have moved" on Windows
  • a42ea0a Cover absent/no-distro bash.exe in hooks "not from cwd" test
  • 7751436 Extract venv management from test_installation
  • 66ff4c1 Omit CWD in search for bash.exe to run hooks on Windows
  • Additional commits viewable in compare view

Updates gunicorn from 21.2.0 to 22.0.0

Release notes

Sourced from gunicorn's releases.

Gunicorn 22.0 has been released

Gunicorn 22.0.0 has been released. This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.

Changes:

22.0.0 - 2024-04-17
===================

    

  • use utime to notify workers liveness
    • 

  • migrate setup to pyproject.toml
    • 

  • fix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)
    • 

  • parsing additional requests is no longer attempted past unsupported request framing
    • 

  • on HTTP versions < 1.1 support for chunked transfer is refused (only used in exploits)
    • 

  • requests conflicting configured or passed SCRIPT_NAME now produce a verbose error
    • 

  • Trailer fields are no longer inspected for headers indicating secure scheme
    • 

  • support Python 3.12
    • 



** Breaking changes **


    

  • minimum version is Python 3.7
    • 

  • the limitations on valid characters in the HTTP method have been bounded to Internet Standards
    • 

  • requests specifying unsupported transfer coding (order) are refused by default (rare)
    • 

  • HTTP methods are no longer casefolded by default (IANA method registry contains none affected)
    • 

  • HTTP methods containing the number sign (#) are no longer accepted by default (rare)
    • 

  • HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)
    • 

  • HTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted
    • 

  • HTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software
    • 

  • HTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)
    • 

  • requests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)
    • 

  • empty transfer codings are no longer permitted (reportedly seen with really old & broken proxies)
    • 



** SECURITY **


    

  • fix CVE-2024-1135
  1. Documentation is available there: https://docs.gunicorn.org/en/stable/news.html
  2. Packages: https://pypi.org/project/gunicorn/
Commits
  • f63d59e bump to 22.0
  • 4ac81e0 Merge pull request #3175 from e-kwsm/typo
  • 401cecf Merge pull request #3179 from dhdaines/exclude-eventlet-0360
  • 0243ec3 fix(deps): exclude eventlet 0.36.0
  • 628a0bc chore: fix typos
  • 88fc4a4 Merge pull request #3131 from pajod/patch-py12-rebased
  • deae2fc CI: back off the agressive timeout
  • f470382 docs: promise 3.12 compat
  • 5e30bfa add changelog to project.urls (updated for PEP621)
  • 481c3f9 remove setup.cfg - overridden by pyproject.toml
  • Additional commits viewable in compare view

Updates idna from 3.4 to 3.7

Release notes

Sourced from idna's releases.

v3.7

What's Changed

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

Changelog

Sourced from idna's changelog.

3.7 (2024-04-11) ++++++++++++++++

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

3.6 (2023-11-25) ++++++++++++++++

  • Fix regression to include tests in source distribution.

3.5 (2023-11-24) ++++++++++++++++

  • Update to Unicode 15.1.0
  • String codec name is now "idna2008" as overriding the system codec "idna" was not working.
  • Fix typing error for codec encoding
  • "setup.cfg" has been added for this release due to some downstream lack of adherence to PEP 517. Should be removed in a future release so please prepare accordingly.
  • Removed reliance on a symlink for the "idna-data" tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives.
  • Added security reporting protocol for project

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions to this release.

Commits
  • 1d365e1 Release v3.7
  • c1b3154 Merge pull request #172 from kjd/optimize-contextj
  • 0394ec7 Merge branch 'master' into optimize-contextj
  • cd58a23 Merge pull request #152 from elliotwutingfeng/dev
  • 5beb28b More efficient resolution of joiner contexts
  • 1b12148 Update ossf/scorecard-action to v2.3.1
  • d516b87 Update Github actions/checkout to v4
  • c095c75 Merge branch 'master' into dev
  • 60a0a4c Fix typo in GitHub Actions workflow key
  • 5918a0e Merge branch 'master' into dev
  • Additional commits viewable in compare view

Updates jinja2 from 3.1.2 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

  • The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

3.1.3

This is a fix release for the 3.1.x feature branch.

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

  • The xmlattr filter does not allow keys with / solidus, > gre...

    Description has been truncated

@dependabot
⬆️ Bump the pip group with 13 updates
b1de1cc 
Bumps the pip group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [mlflow](https://github.com/mlflow/mlflow) | `2.10.2` | `2.13.2` |
| [pillow](https://github.com/python-pillow/Pillow) | `9.5.0` | `10.3.0` |
| [fonttools](https://github.com/fonttools/fonttools) | `4.42.1` | `4.43.0` |
| [gitpython](https://github.com/gitpython-developers/GitPython) | `3.1.32` | `3.1.41` |
| [gunicorn](https://github.com/benoitc/gunicorn) | `21.2.0` | `22.0.0` |
| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |
| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.4` |
| [pyarrow](https://github.com/apache/arrow) | `12.0.1` | `14.0.1` |
| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.2` |
| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.4.4` | `0.5.0` |
| [tornado](https://github.com/tornadoweb/tornado) | `6.4` | `6.4.1` |
| [urllib3](https://github.com/urllib3/urllib3) | `2.0.4` | `2.2.2` |
| [werkzeug](https://github.com/pallets/werkzeug) | `2.3.7` | `3.0.3` |


Updates `mlflow` from 2.10.2 to 2.13.2
- [Release notes](https://github.com/mlflow/mlflow/releases)
- [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md)
- [Commits](mlflow/mlflow@v2.10.2...v2.13.2)

Updates `pillow` from 9.5.0 to 10.3.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@9.5.0...10.3.0)

Updates `fonttools` from 4.42.1 to 4.43.0
- [Release notes](https://github.com/fonttools/fonttools/releases)
- [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst)
- [Commits](fonttools/fonttools@4.42.1...4.43.0)

Updates `gitpython` from 3.1.32 to 3.1.41
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.32...3.1.41)

Updates `gunicorn` from 21.2.0 to 22.0.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@21.2.0...22.0.0)

Updates `idna` from 3.4 to 3.7
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.4...v3.7)

Updates `jinja2` from 3.1.2 to 3.1.4
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.2...3.1.4)

Updates `pyarrow` from 12.0.1 to 14.0.1
- [Commits](apache/arrow@r-12.0.1...go/v14.0.1)

Updates `requests` from 2.31.0 to 2.32.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.31.0...v2.32.2)

Updates `sqlparse` from 0.4.4 to 0.5.0
- [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG)
- [Commits](andialbrecht/sqlparse@0.4.4...0.5.0)

Updates `tornado` from 6.4 to 6.4.1
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.4.0...v6.4.1)

Updates `urllib3` from 2.0.4 to 2.2.2
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.0.4...2.2.2)

Updates `werkzeug` from 2.3.7 to 3.0.3
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@2.3.7...3.0.3)

---
updated-dependencies:
- dependency-name: mlflow
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pillow
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: fonttools
  dependency-type: indirect
  dependency-group: pip
- dependency-name: gitpython
  dependency-type: indirect
  dependency-group: pip
- dependency-name: gunicorn
  dependency-type: indirect
  dependency-group: pip
- dependency-name: idna
  dependency-type: indirect
  dependency-group: pip
- dependency-name: jinja2
  dependency-type: indirect
  dependency-group: pip
- dependency-name: pyarrow
  dependency-type: indirect
  dependency-group: pip
- dependency-name: requests
  dependency-type: indirect
  dependency-group: pip
- dependency-name: sqlparse
  dependency-type: indirect
  dependency-group: pip
- dependency-name: tornado
  dependency-type: indirect
  dependency-group: pip
- dependency-name: urllib3
  dependency-type: indirect
  dependency-group: pip
- dependency-name: werkzeug
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 17, 2024
@dependabot dependabot bot mentioned this pull request Jun 17, 2024
Closed
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jun 18, 2024

Superseded by #30.

@dependabot dependabot bot closed this Jun 18, 2024
@dependabot dependabot bot deleted the dependabot/pip/pip-a2c10fab35 branch June 18, 2024 00:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@futabato futabato

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@futabato