Bump the development-version-updates group with 4 updates by dependabot[bot] · Pull Request #365 · mrlonis/python-open-restaurant-fastapi

dependabot · 2026-06-08T11:30:28Z

Bumps the development-version-updates group with 4 updates: tox, uvicorn, distlib and filelock.

Updates tox from 4.55.0 to 4.55.1

Release notes

v4.55.1

What's Changed

🐛 fix(config): propagate overrides through config references by @tales-aparecida in tox-dev/tox#3951

New Contributors

@tales-aparecida made their first contribution in tox-dev/tox#3951

Full Changelog: tox-dev/tox@4.55.0...4.55.1

Changelog

Sourced from tox's changelog.

Bug fixes - 4.55.1

TOX_OVERRIDE (and -x/--override) now propagates through configuration references. Previously, overriding a base value that was later referenced via {[section]key} (ini) or {replace = "ref", of = [...]} (toml) was ignored because reference resolution read the raw file value, bypassing the override system - by :user:tales-aparecida. (:issue:3950) (:issue:3950)

v4.55.0 (2026-05-28)

Commits

7ebde0c release 4.55.1
9ac5479 🐛 fix(config): propagate overrides through config references (#3951)
28972a9 [pre-commit.ci] pre-commit autoupdate (#3949)
See full diff in compare view

Updates uvicorn from 0.48.0 to 0.49.0

Release notes

Sourced from uvicorn's releases.

Version 0.49.0

What's Changed

Bump httptools minimum version to 0.8.0 by @Kludex in Kludex/uvicorn#2962

Consume duplicate forwarding headers in ProxyHeadersMiddleware (reverses the 0.48.0 behavior of ignoring them) by @Kludex in Kludex/uvicorn#2971

Full Changelog: Kludex/uvicorn@0.48.0...0.49.0

Changelog

Sourced from uvicorn's changelog.

0.49.0 (June 3, 2026)

Changed

Bump httptools minimum version to 0.8.0 (#2962)

Consume duplicate forwarding headers in ProxyHeadersMiddleware (reverses the 0.48.0 behavior of ignoring them) (#2971)

Commits

3ef2e3e Version 0.49.0 (#2973)
eeb64b1 Consume duplicate forwarding headers in ProxyHeadersMiddleware (#2971)
630f4ac Make the watchfiles reload tests deterministic (#2972)
9154922 chore(deps): bump the github-actions group across 1 directory with 6 updates ...
739727a Migrate docs deploy from Cloudflare Pages to Workers (#2967)
be4a240 Gate docs preview deploy on Cloudflare token presence (#2966)
c489d7e Bump httptools minimum version to 0.8.0 (#2962)
9f547bd Skip docs preview deploy for Dependabot PRs (#2961)
44446b8 Migrate documentation from MkDocs Material to Zensical (#2959)
cfd659c Bump pymdown-extensions to 10.21.3 (#2958)
Additional commits viewable in compare view

Updates distlib from 0.4.0 to 0.4.1

Changelog

Sourced from distlib's changelog.

0.4.1


Released: 2026-06-02


scripts

Fix path traversal bug in handling entry points which allowed escaping the scripts directory.
Thanks to tonghuaroot for the comprehensive report.



tests

Fix #251: Change test function following a reorganization which happened in the Python stdlib.

Commits

d562ad5 Changes for 0.4.1.
6286442 Fix #251: Use more appropriate function in test.
e3b1cd6 Bump version.
da3e90a Added tag 0.4.0 for changeset d31f0b340fde
See full diff in compare view

Updates filelock from 3.29.0 to 3.29.1

Release notes

Sourced from filelock's releases.

3.29.1

What's Changed

docs: fix API docs of release() by @MrAnno in tox-dev/filelock#540

docs: clarify per-thread scope of FileLock configuration by @Gares95 in tox-dev/filelock#543

chore: improve filelock maintenance path by @lphuc2250gma in tox-dev/filelock#542

chore: improve filelock maintenance path by @lphuc2250gma in tox-dev/filelock#544

chore: improve filelock maintenance path by @lphuc2250gma in tox-dev/filelock#545

🐛 fix(soft): refuse to follow symlinks when reading the lock file by @dxbjavid in tox-dev/filelock#548

New Contributors

@MrAnno made their first contribution in tox-dev/filelock#540

@Gares95 made their first contribution in tox-dev/filelock#543

@lphuc2250gma made their first contribution in tox-dev/filelock#542

@dxbjavid made their first contribution in tox-dev/filelock#548

Full Changelog: tox-dev/filelock@3.29.0...3.29.1

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

3.29.1 (2026-06-03)

🐛 fix(soft): refuse to follow symlinks when reading the lock file :pr:548 - by :user:dxbjavid

[pre-commit.ci] pre-commit autoupdate :pr:547 - by :user:pre-commit-ci[bot]

[pre-commit.ci] pre-commit autoupdate :pr:546 - by :user:pre-commit-ci[bot]

chore: improve filelock maintenance path :pr:545 - by :user:lphuc2250gma

chore: improve filelock maintenance path :pr:544 - by :user:lphuc2250gma

chore: improve filelock maintenance path :pr:542 - by :user:lphuc2250gma

docs: clarify per-thread scope of FileLock configuration :pr:543 - by :user:Gares95

[pre-commit.ci] pre-commit autoupdate :pr:541 - by :user:pre-commit-ci[bot]

docs: fix API docs of release() :pr:540 - by :user:MrAnno

[pre-commit.ci] pre-commit autoupdate :pr:539 - by :user:pre-commit-ci[bot]

[pre-commit.ci] pre-commit autoupdate :pr:538 - by :user:pre-commit-ci[bot]

[pre-commit.ci] pre-commit autoupdate :pr:537 - by :user:pre-commit-ci[bot]

build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 :pr:536 - by :user:dependabot[bot]

[pre-commit.ci] pre-commit autoupdate :pr:535 - by :user:pre-commit-ci[bot]

3.29.0 (2026-04-19)

✨ feat(soft): enable stale lock detection on Windows :pr:534

🐛 fix(async): use single-thread executor for lock consistency :pr:533

build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 :pr:530 - by :user:dependabot[bot]

3.28.0 (2026-04-14)

🐛 fix(ci): unbreak release workflow, publish to PyPI again :pr:529

3.26.1 (2026-04-09)

🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handling :pr:518 - by :user:naarob

build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 :pr:525 - by :user:dependabot[bot]

3.26.0 (2026-04-06)

✨ feat(soft): add PID inspection and lock breaking :pr:524

[pre-commit.ci] pre-commit autoupdate :pr:523 - by :user:pre-commit-ci[bot]

... (truncated)

Commits

438b6fe Release 3.29.1
bfbfa76 🐛 fix(soft): refuse to follow symlinks when reading the lock file (#548)
c51a72c [pre-commit.ci] pre-commit autoupdate (#547)
cc05fd7 [pre-commit.ci] pre-commit autoupdate (#546)
cb947e5 chore: improve filelock maintenance path (#545)
e087ca9 chore: improve filelock maintenance path (#544)
f9dd949 chore: improve filelock maintenance path (#542)
9200f1f docs: clarify per-thread scope of FileLock configuration (#543)
9d8985f [pre-commit.ci] pre-commit autoupdate (#541)
7d1f48c docs: fix API docs of release() (#540)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the development-version-updates group with 4 updates: [tox](https://github.com/tox-dev/tox), [uvicorn](https://github.com/Kludex/uvicorn), [distlib](https://github.com/pypa/distlib) and [filelock](https://github.com/tox-dev/py-filelock). Updates `tox` from 4.55.0 to 4.55.1 - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.55.0...4.55.1) Updates `uvicorn` from 0.48.0 to 0.49.0 - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](Kludex/uvicorn@0.48.0...0.49.0) Updates `distlib` from 0.4.0 to 0.4.1 - [Release notes](https://github.com/pypa/distlib/releases) - [Changelog](https://github.com/pypa/distlib/blob/master/CHANGES.rst) - [Commits](pypa/distlib@0.4.0...0.4.1) Updates `filelock` from 3.29.0 to 3.29.1 - [Release notes](https://github.com/tox-dev/py-filelock/releases) - [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst) - [Commits](tox-dev/filelock@3.29.0...3.29.1) --- updated-dependencies: - dependency-name: tox dependency-version: 4.55.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-version-updates - dependency-name: uvicorn dependency-version: 0.49.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-version-updates - dependency-name: distlib dependency-version: 0.4.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: development-version-updates - dependency-name: filelock dependency-version: 3.29.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: development-version-updates ... Signed-off-by: dependabot[bot] <support@github.com>

codacy-production · 2026-06-08T11:31:10Z

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results

Complexity 0

Duplication 0

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer}
_{TIP This summary will be updated as you push new changes.}

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 8, 2026

github-actions Bot enabled auto-merge June 8, 2026 11:30

github-actions Bot approved these changes Jun 8, 2026

View reviewed changes

github-actions Bot merged commit 09a2d38 into main Jun 8, 2026
4 checks passed

github-actions Bot deleted the dependabot/pip/development-version-updates-67ec039b06 branch June 8, 2026 11:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the development-version-updates group with 4 updates#365

Bump the development-version-updates group with 4 updates#365
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/development-version-updates-67ec039b06

dependabot Bot commented on behalf of github Jun 8, 2026

Uh oh!

codacy-production Bot commented Jun 8, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 8, 2026

v4.55.1

What's Changed

New Contributors

Bug fixes - 4.55.1

Version 0.49.0

What's Changed

0.49.0 (June 3, 2026)

Changed

3.29.1

What's Changed

New Contributors

Uh oh!

codacy-production Bot commented Jun 8, 2026

Up to standards ✅

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants