Skip to content

Bump the python-dependencies group with 2 updates#281

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/python-dependencies-f3fe5bc61b
Open

Bump the python-dependencies group with 2 updates#281
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/python-dependencies-f3fe5bc61b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-dependencies group with 2 updates: cyclopts and gitpython.

Updates cyclopts from 4.20.0 to 4.21.0

Release notes

Sourced from cyclopts's releases.

v4.21.0

Feature

  • Add Parameter.negative_alias to append extra names to a flag's negative form (e.g. a short -d) without dropping the generated --no-*/--empty-* names. Mirrors name/alias. By @​BrianPugh in BrianPugh/cyclopts#859

Bug Fixes

  • Fix [#857](https://github.com/BrianPugh/cyclopts/issues/857): a dataclass command with a default_factory field could raise a spurious "Input should be a valid list" validation error simply because pydantic was imported anywhere in the program. Factory defaults are now invoked during introspection, so the produced value (rather than the <factory> sentinel) is used as the default and shown in help text — consistent across dataclass, attrs, and pydantic. By @​BrianPugh in BrianPugh/cyclopts#858

Full Changelog: BrianPugh/cyclopts@v4.20.0...v4.21.0

Commits
  • 19ed511 Merge pull request #858 from BrianPugh/issue-857-pydantic-dataclass-default-f...
  • 0e4203e Add regression test for attrs takes_self factory default
  • 23b8179 Merge pull request #859 from BrianPugh/negative-alias
  • 821efec Add Parameter.negative_alias
  • 10491b1 Invoke zero-arg pydantic default_factory during introspection
  • 4d04724 DRY up sentinel-default resolution in signature_parameters
  • dfd4110 Don't re-register fields when accepts_keys=True is explicit
  • f2eb9de Resolve pydantic default_factory sentinel in signature_parameters
  • 196467d Resolve attrs Factory defaults in _attrs_field_infos
  • 0ae04ae Resolve attrs Factory sentinel in signature_parameters
  • Additional commits viewable in compare view

Updates gitpython from 3.1.50 to 3.1.51

Release notes

Sourced from gitpython's releases.

3.1.51 - Security

What's Changed

New Contributors

Full Changelog: gitpython-developers/GitPython@3.1.50...3.1.51

Commits
  • 7b0764d bump to v3.1.51
  • af027be Merge pull request #2163 from gitpython-developers/fix-unguarded-blame
  • 701ce32 fix: Guard unsafe git command options (GHSA-956x-8gvw-wg5v)
  • 65a7283 Merge pull request #2168 from gitpython-developers/advisory-fix-1
  • 3e59876 Merge pull request #2169 from gitpython-developers/fix-config-assert
  • f033017 chore: avoid duplicate runs of CI in PRs
  • 1551238 fix: allow relative config paths with includes (#2103)
  • 5680608 fix: reject joined unsafe short options
  • 181e8ed Address review feedback about unsafe option abbreviations
  • 40f1424 Add Commit.is_shallow property; document stats() limitation at shallow bounda...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-dependencies group with 2 updates: [cyclopts](https://github.com/BrianPugh/cyclopts) and [gitpython](https://github.com/gitpython-developers/GitPython).


Updates `cyclopts` from 4.20.0 to 4.21.0
- [Release notes](https://github.com/BrianPugh/cyclopts/releases)
- [Commits](BrianPugh/cyclopts@v4.20.0...v4.21.0)

Updates `gitpython` from 3.1.50 to 3.1.51
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.50...3.1.51)

---
updated-dependencies:
- dependency-name: cyclopts
  dependency-version: 4.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: gitpython
  dependency-version: 3.1.51
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants