Skip to content

Bump the all-dependencies group across 1 directory with 5 updates #90

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the all-dependencies group across 1 directory with 5 updates #90

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Nov 1, 2025
edited
Loading

Bumps the all-dependencies group with 5 updates in the / directory:

Package From To
click 8.1.8 8.3.0
mlflow 3.1.1 3.5.1
python-dotenv 1.1.1 1.2.1
matplotlib 3.10.6 3.10.7
pytest-cov 6.3.0 7.0.0

Updates click from 8.1.8 to 8.3.0

Release notes

Sourced from click's releases.

8.3.0

This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.3.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-0 Milestone https://github.com/pallets/click/milestone/27

  • Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

    • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
    • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
    • The default parameter can now be any type (bool, None, etc.)
    • Fixes inconsistencies reported in: #1992 #2514 #2610 #3024 #3030

  • Allow default to be set on Argument for nargs = -1. #2164 #3030

  • Show correct auto complete value for nargs option in combination with flag option #2813

  • Show correct auto complete value for nargs option in combination with flag option #2813

  • Fix handling of quoted and escaped parameters in Fish autocompletion. #2995 #3013

  • Lazily import shutil. #3023

  • Properly forward exception information to resources registered with click.core.Context.with_resource(). #2447 #3058

  • Fix regression related to EOF handling in CliRunner. #2939 #2940

8.2.2

This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-2-2 Milestone: https://github.com/pallets/click/milestone/25

  • Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables. #2952 #2956
  • Fix typing issue in BadParameter and MissingParameter exceptions for the parameter param_hint that did not allow for a sequence of string where the underlying functino _join_param_hints allows for it. #2777 #2990
  • Use the value of Enum choices to render their default value in help screen. #2911 #3004
  • Fix completion for the Z shell (zsh) for completion items containing colons. #2703 #2846
  • Don't include envvar in error hint when not configured. #2971 #2972

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.0

Released 2025-09-17

  • Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

    • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
    • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
    • The default parameter can now be any type (bool, None, etc.)
    • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610 :issue:3024 :pr:3030

  • Allow default to be set on Argument for nargs = -1. :issue:2164 :pr:3030

  • Show correct auto complete value for nargs option in combination with flag option :issue:2813

  • Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:2995 :pr:3013

  • Lazily import shutil. :pr:3023

  • Properly forward exception information to resources registered with click.core.Context.with_resource(). :issue:2447 :pr:3058

  • Fix regression related to EOF handling in CliRunner. :issue:2939 :pr:2940

Version 8.2.2

Released 2025-07-31

  • Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables. :issue:2952 :pr:2956
  • Fix typing issue in BadParameter and MissingParameter exceptions for the parameter param_hint that did not allow for a sequence of string where the underlying function _join_param_hints allows for it. :issue:2777 :pr:2990
  • Use the value of Enum choices to render their default value in help screen. Refs :issue:2911 :pr:3004
  • Fix completion for the Z shell (zsh) for completion items containing colons. :issue:2703 :pr:2846
  • Don't include envvar in error hint when not configured. :issue:2971 :pr:2972
  • Fix a rare race in click.testing.StreamMixer's finalization that manifested as a ValueError on close in a multi-threaded test session. :issue:2993 :pr:2991

Version 8.2.1

Released 2025-05-20

... (truncated)

Commits
  • 00fadb8 Release version 8.3.0
  • 2a0e3ba testing/CliRunner: Fix regression related to EOF introduced in 262bdf0 (#2940)
  • e11a1ef Merge branch 'main' into fix-cli-runner-prompt-eof-handling
  • 36deba8 Forward exception information to resources registered in a context (#3058)
  • f2cae7a #2447 Add summary of PR to changelog for 8.3.x
  • 7c7ec36 #2447 Split resource exception handling tests in single and nested
  • 92129c5 #2447 Added exception forwarding to context tests
  • 555fa9b #2447 Forward exception data to exit stack when calling __exit__
  • 16fe802 Add more tests on Enum rendering (#3053)
  • d36de6f Add more tests on Enum rendering their item's names and not values
  • Additional commits viewable in compare view

Updates mlflow from 3.1.1 to 3.5.1

Release notes

Sourced from mlflow's releases.

v3.5.1

MLflow 3.5.1 is a patch release that includes several bug fixes and improvements.

Features:

Bug fixes:

Documentation updates:

v3.5.0

MLflow 3.5.0 includes several major features and improvements!

Major Features

  • 🤖 Tracing support for Claude Code SDK: MLflow now provides a tracing integration for both the Claude Code CLI and SDK! Configure the autologging integration to track your prompts, Claude's responses, tool calls, and more. Check out this doc page to get started. (#18022, @​smoorjani)
  • 🎯 Flexible Prompt Optimization API: Introduced a new flexible API for prompt optimization with support for model switching and the GEPA algorithm, enabling more efficient prompt tuning with fewer rollouts. See the documentation to get started. (#18183, #18031, @​TomeHirata)
  • 🎨 Enhanced UI Onboarding: Improved in-product onboarding experience with trace quickstart drawer and updated homepage guidance to help users discover MLflow's latest features. (#18098, #18187, @​B-Step62)
  • 🔐 Security Middleware for Tracking Server: Added a security middleware layer to protect against DNS rebinding, CORS attacks, and other security threats. Read the documentation for configuration details. (#17910, @​BenWilson2)

Features

  • [Tracing / Tracking] Add unlink_traces_from_run batch operation (#18316, @​harupy)
  • [Tracing] Add batch trace link/unlink operations to DatabricksTracingRestStore (#18295, @​harupy)
  • [Tracking] Claude Code SDK autologging support (#18022, @​smoorjani)

... (truncated)

Changelog

Sourced from mlflow's changelog.

3.5.1 (2025-10-21)

MLflow 3.5.1 is a patch release that includes several bug fixes and improvements.

Features:

Bug fixes:

Documentation updates:

3.5.0 (2025-10-16)

MLflow 3.5.0 includes several major features and improvements!

Major Features

  • ⚙️ Job Execution Backend: Introduced a new job execution backend infrastructure for running asynchronous tasks with individual execution pools, job search capabilities, and transient error handling. (#17676, #18012, #18070, #18071, #18112, #18049, @​WeichenXu123)
  • 🎯 Flexible Prompt Optimization API: Introduced a new flexible API for prompt optimization with support for model switching and the GEPA algorithm, enabling more efficient prompt tuning with fewer rollouts. See the documentation to get started. (#18183, #18031, @​TomeHirata)
  • 🎨 Enhanced UI Onboarding: Improved in-product onboarding experience with trace quickstart drawer and updated homepage guidance to help users discover MLflow's latest features. (#18098, #18187, @​B-Step62)
  • 🔐 Security Middleware for Tracking Server: Added a security middleware layer to protect against DNS rebinding, CORS attacks, and other security threats. Read the documentation for configuration details. (#17910, @​BenWilson2)

Features

  • [Tracing / Tracking] Add unlink_traces_from_run batch operation (#18316, @​harupy)

... (truncated)

Commits
  • c4ee72f Fix chat message parsing in summary view (#18454)
  • 6e1c8fa Remove X-Frame-Options for notebook trace renderer (#18446)
  • d1facbc Fix Span to_dict format to be loadable with from_dict in old versions (#18439)
  • a03e133 Fix span ID parsing in the UI (#18419)
  • 82fb4df [DOC-FIX] Fix Kubernetes Deployment Tutorial Code (#18381)
  • 3cb519d Fix attribute error in StrandsAgent tracing (#18409)
  • 90e0c40 Add configuration option for long-running deployments client requests (#18363)
  • 9bea5b1 Show instructions for prompt optimization on prompt registry (#18375)
  • 45376b3 Move fastmcp to optional mcp extra (#18422)
  • 9c51398 Adjust util for remote tracking server declaration (#18411)
  • Additional commits viewable in compare view

Updates python-dotenv from 1.1.1 to 1.2.1

Release notes

Sourced from python-dotenv's releases.

v1.2.1

What's Changed

New Contributors

Full Changelog: theskumar/python-dotenv@v1.2.0...v1.2.1

v1.2.0

What's Changed

New Contributors

Full Changelog: theskumar/python-dotenv@v1.1.1...v1.2.0

Changelog

Sourced from python-dotenv's changelog.

[1.2.1] - 2025-10-26

  • Move more config to pyproject.toml, removed setup.cfg
  • Add support for reading .env from FIFOs (Unix) by [@​sidharth-sudhir] in #586

[1.2.0] - 2025-10-26

Commits
  • eaf2a91 Do not remove .coverage file
  • 8716196 Bump version: 1.2.0 → 1.2.1
  • b87807f Update changelog
  • 3af77d3 Support reading .env from FIFOs (Unix) (#586)
  • 467ee22 Fix test failures after moving config to pyproject.toml
  • 76999e7 Move more config pyproject.toml
  • 222ce2c Update to use trusted publisher on pypi
  • 8ed4f79 Update docs requirements
  • 5bf8822 Bump version: 1.1.1 → 1.2.0
  • 1fe11cc upadate changelog
  • Additional commits viewable in compare view

Updates matplotlib from 3.10.6 to 3.10.7

Release notes

Sourced from matplotlib's releases.

REL: v3.10.7

This is the latest bugfix release in the 3.10.x series.

The most important update in this release is that the minimum version of pyparsing has been updated to version 3.0.

Commits
  • 4aeb773 REL: v3.10.7
  • 080add3 Merge branch 'v3.10.6-doc' into v3.10.x
  • a604a8b Github Stats v3.10.7
  • f550261 Zenodo v3.10.6
  • 9a5e3e4 Merge pull request #30628 from meeseeksmachine/auto-backport-of-pr-30626-on-v...
  • eb8cb0c Backport PR #30626: MNT: Fix new F401 unused imports warnings
  • 8fadc71 Backport PR #29745: Use PEP8 style method and function names from (#30589)
  • 098876e Merge pull request #30614 from meeseeksmachine/auto-backport-of-pr-30612-on-v...
  • eb42d86 Backport PR #30612: MNT: update black pin
  • 4a9c187 Merge pull request #30572 from QuLogic/auto-backport-of-pr-30571-on-v3.10.x
  • Additional commits viewable in compare view

Updates pytest-cov from 6.3.0 to 7.0.0

Changelog

Sourced from pytest-cov's changelog.

7.0.0 (2025-09-09)

  • Dropped support for subprocesses measurement.

    It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

    To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

    .. code-block:: ini

    [run] patch = subprocess

    This release also requires at least coverage 7.10.6.

  • Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

  • Removed some not really necessary testing deps like six.

Commits
  • 224d896 Bump version: 6.3.0 → 7.0.0
  • 73424e3 Cleanup the docs a bit.
  • 36f1cc2 Bump pins in template.
  • f299c59 Bump the github-actions group with 2 updates
  • 25f0b2e Update docs/config.rst
  • bb23eac Improve configuration docs
  • a19531e Switch from build/pre-commit to uv/prek - this should make this faster.
  • 82f9993 Update changelog.
  • 211b5cd Fix links.
  • 97aadd7 Update some ci config, reformat and apply some lint fixes.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-dependencies group across 1 directory with 5 updates
0fb1b90 
Bumps the all-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [click](https://github.com/pallets/click) | `8.1.8` | `8.3.0` |
| [mlflow](https://github.com/mlflow/mlflow) | `3.1.1` | `3.5.1` |
| [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.1.1` | `1.2.1` |
| [matplotlib](https://github.com/matplotlib/matplotlib) | `3.10.6` | `3.10.7` |
| [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `6.3.0` | `7.0.0` |



Updates `click` from 8.1.8 to 8.3.0
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](pallets/click@8.1.8...8.3.0)

Updates `mlflow` from 3.1.1 to 3.5.1
- [Release notes](https://github.com/mlflow/mlflow/releases)
- [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md)
- [Commits](mlflow/mlflow@v3.1.1...v3.5.1)

Updates `python-dotenv` from 1.1.1 to 1.2.1
- [Release notes](https://github.com/theskumar/python-dotenv/releases)
- [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md)
- [Commits](theskumar/python-dotenv@v1.1.1...v1.2.1)

Updates `matplotlib` from 3.10.6 to 3.10.7
- [Release notes](https://github.com/matplotlib/matplotlib/releases)
- [Commits](matplotlib/matplotlib@v3.10.6...v3.10.7)

Updates `pytest-cov` from 6.3.0 to 7.0.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v6.3.0...v7.0.0)

---
updated-dependencies:
- dependency-name: click
  dependency-version: 8.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: mlflow
  dependency-version: 3.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: python-dotenv
  dependency-version: 1.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: matplotlib
  dependency-version: 3.10.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: pytest-cov
  dependency-version: 7.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Nov 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner November 1, 2025 21:28
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Nov 1, 2025
@github-actions
Copy link

github-actions bot commented Nov 1, 2025

MLCommons CLA bot All contributors have signed the MLCommons CLA ✍️ ✅

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Dec 2, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 2, 2025
@dependabot dependabot bot deleted the dependabot/pip/all-dependencies-0380fd5ba3 branch December 2, 2025 01:10
@github-actions github-actions bot locked and limited conversation to collaborators Dec 2, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant