Skip to content

Bump the pip-version-updates group across 1 directory with 3 updates#3289

Merged
Weltraumschaf merged 1 commit intomainfrom
dependabot/pip/scanners/git-repo-scanner/scanner/pip-version-updates-0ede755cd3
Sep 30, 2025
Merged

Bump the pip-version-updates group across 1 directory with 3 updates#3289
Weltraumschaf merged 1 commit intomainfrom
dependabot/pip/scanners/git-repo-scanner/scanner/pip-version-updates-0ede755cd3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 22, 2025
edited
Loading

Bumps the pip-version-updates group with 3 updates in the /scanners/git-repo-scanner/scanner directory: pygithub, python-gitlab and pytz.

Updates pygithub from 1.54.1 to 2.8.1

Release notes

Sourced from pygithub's releases.

v2.8.1

What's Changed

Bug Fixes

Full Changelog: PyGithub/PyGithub@v2.8.0...v2.8.1

v2.8.0

What's Changed

New Features

Improvements

Bug Fixes

Maintenance

... (truncated)

Changelog

Sourced from pygithub's changelog.

Version 2.8.1 (September 02, 2025)

Bug Fixes ^^^^^^^^^

  • Use default type if known type is not supported ([#3365](https://github.com/pygithub/pygithub/issues/3365) <https://github.com/PyGithub/PyGithub/pull/3365>) (40506415 <https://github.com/PyGithub/PyGithub/commit/40506415>)

Version 2.8.0 (September 02, 2025)

New Features ^^^^^^^^^^^^

  • Add self hosted runner management to Organization ([#3203](https://github.com/pygithub/pygithub/issues/3203) <https://github.com/PyGithub/PyGithub/pull/3203>) (4ea1c4e2 <https://github.com/PyGithub/PyGithub/commit/4ea1c4e2>)
  • Add support to generate release notes ([#3022](https://github.com/pygithub/pygithub/issues/3022) <https://github.com/PyGithub/PyGithub/pull/3022>) (e359b83a <https://github.com/PyGithub/PyGithub/commit/e359b83a>)

Improvements ^^^^^^^^^^^^

  • Fix connection pooling to improve connection performance ([#3289](https://github.com/pygithub/pygithub/issues/3289) <https://github.com/PyGithub/PyGithub/pull/3289>_)
  • Add Repository.get_automated_security_fixes method ([#3303](https://github.com/pygithub/pygithub/issues/3303) <https://github.com/PyGithub/PyGithub/pull/3303>) (22048d83 <https://github.com/PyGithub/PyGithub/commit/22048d83>)
  • Sync Issue class with API spec ([#3338](https://github.com/pygithub/pygithub/issues/3338) <https://github.com/PyGithub/PyGithub/pull/3338>) (62da467a <https://github.com/PyGithub/PyGithub/commit/62da467a>)
  • Return more union classes like NamedUser | Organization | Enterprise ([#3224](https://github.com/pygithub/pygithub/issues/3224) <https://github.com/PyGithub/PyGithub/pull/3224>) (aea64148 <https://github.com/PyGithub/PyGithub/commit/aea64148>)
  • Sync Enterprise class with API spec ([#3342](https://github.com/pygithub/pygithub/issues/3342) <https://github.com/PyGithub/PyGithub/pull/3342>) (01bb5ab1 <https://github.com/PyGithub/PyGithub/commit/01bb5ab1>)
  • Sync GitReleaseAsset class with API spec ([#3343](https://github.com/pygithub/pygithub/issues/3343) <https://github.com/PyGithub/PyGithub/pull/3343>) (74449fed <https://github.com/PyGithub/PyGithub/commit/74449fed>)
  • Sync many class with OpenAPI spec ([#3344](https://github.com/pygithub/pygithub/issues/3344) <https://github.com/PyGithub/PyGithub/pull/3344>_)
  • Point deprecation warnings to the caller code rather than inner class ([#3275](https://github.com/pygithub/pygithub/issues/3275) <https://github.com/PyGithub/PyGithub/pull/3275>) (99bb5270 <https://github.com/PyGithub/PyGithub/commit/99bb5270>)
  • Allow for repo strings in all Team repo methods ([#3356](https://github.com/pygithub/pygithub/issues/3356) <https://github.com/PyGithub/PyGithub/pull/3356>) (3234a21f <https://github.com/PyGithub/PyGithub/commit/3234a21f>)

Bug Fixes ^^^^^^^^^

  • Fix API path of Repository.get_git_ref ([#2992](https://github.com/pygithub/pygithub/issues/2992) <https://github.com/PyGithub/PyGithub/pull/2992>) (a6965031 <https://github.com/PyGithub/PyGithub/commit/a6965031>)
  • Rework redirection URL allowance check ([#3329](https://github.com/pygithub/pygithub/issues/3329) <https://github.com/PyGithub/PyGithub/pull/3329>) (065b1319 <https://github.com/PyGithub/PyGithub/commit/065b1319>)
  • Fix GitRelease.name, deprecate GitRelease.title ([#3346](https://github.com/pygithub/pygithub/issues/3346) <https://github.com/PyGithub/PyGithub/pull/3346>) (fb51957f <https://github.com/PyGithub/PyGithub/commit/fb51957f>)
  • Remove "COMMENT" as the default event for create_review ([#3078](https://github.com/pygithub/pygithub/issues/3078) <https://github.com/PyGithub/PyGithub/pull/3078>) (8494da5c <https://github.com/PyGithub/PyGithub/commit/8494da5c>)
  • Add support for public release assets ([#3339](https://github.com/pygithub/pygithub/issues/3339) <https://github.com/PyGithub/PyGithub/pull/3339>) (abad296e <https://github.com/PyGithub/PyGithub/commit/abad296e>)
  • Fix GitHub breaking API change of maintainers in Organization.create_team ([#3291](https://github.com/pygithub/pygithub/issues/3291) <https://github.com/PyGithub/PyGithub/pull/3291>) (17bc4df4 <https://github.com/PyGithub/PyGithub/commit/17bc4df4>)

Maintenance ^^^^^^^^^^^

  • Minor fix to release.yml ([#3201](https://github.com/pygithub/pygithub/issues/3201) <https://github.com/PyGithub/PyGithub/pull/3201>) (f1fc6e7c <https://github.com/PyGithub/PyGithub/commit/f1fc6e7c>)
  • Reduce test replay data ([#3243](https://github.com/pygithub/pygithub/issues/3243) <https://github.com/PyGithub/PyGithub/pull/3243>) (19426454 <https://github.com/PyGithub/PyGithub/commit/19426454>)
  • Add check to OpenAPI script to check doc-string verbs ([#3332](https://github.com/pygithub/pygithub/issues/3332) <https://github.com/PyGithub/PyGithub/pull/3332>) (3efde77d <https://github.com/PyGithub/PyGithub/commit/3efde77d>)
  • Improve apply OpenAPI schemas ([#3333](https://github.com/pygithub/pygithub/issues/3333) <https://github.com/PyGithub/PyGithub/pull/3333>) (ec189dd6 <https://github.com/PyGithub/PyGithub/commit/ec189dd6>)
  • Add config to OpenAPI script to ignore schemas ([#3334](https://github.com/pygithub/pygithub/issues/3334) <https://github.com/PyGithub/PyGithub/pull/3334>) (0478d33b <https://github.com/PyGithub/PyGithub/commit/0478d33b>)
  • Add suggest and create method feature to OpenAPI script ([#3318](https://github.com/pygithub/pygithub/issues/3318) <https://github.com/PyGithub/PyGithub/pull/3318>_)
  • Fix CI OpenApi apply command ([#3341](https://github.com/pygithub/pygithub/issues/3341) <https://github.com/PyGithub/PyGithub/pull/3341>) (cdc10a27 <https://github.com/PyGithub/PyGithub/commit/cdc10a27>)
  • Improve OpenAPI scripts ([#3340](https://github.com/pygithub/pygithub/issues/3340) <https://github.com/PyGithub/PyGithub/pull/3340>) (ad278c5f <https://github.com/PyGithub/PyGithub/commit/ad278c5f>)
  • Improve OpenAPI CI ([#3347](https://github.com/pygithub/pygithub/issues/3347) <https://github.com/PyGithub/PyGithub/pull/3347>) (8165bbc9 <https://github.com/PyGithub/PyGithub/commit/8165bbc9>)
  • Rework test framework ([#3271](https://github.com/pygithub/pygithub/issues/3271) <https://github.com/PyGithub/PyGithub/pull/3271>) (1b700187 <https://github.com/PyGithub/PyGithub/commit/1b700187>)
  • Some minor fixes to OpenAPI scripts ([#3350](https://github.com/pygithub/pygithub/issues/3350) <https://github.com/PyGithub/PyGithub/pull/3350>) (a813a945 <https://github.com/PyGithub/PyGithub/commit/a813a945>)
  • Add manual workflow to fix auto-fixable issues ([#3351](https://github.com/pygithub/pygithub/issues/3351) <https://github.com/PyGithub/PyGithub/pull/3351>) (0e6317d9 <https://github.com/PyGithub/PyGithub/commit/0e6317d9>)

... (truncated)

Commits

Updates python-gitlab from 2.6.0 to 6.3.0

Release notes

Sourced from python-gitlab's releases.

v6.3.0 (2025-08-28)

This release is published under the LGPL-3.0-or-later License.

Chores

  • deps: Update actions/checkout action to v5 (36629a4)

  • deps: Update actions/download-artifact action to v5 (397cf39)

  • deps: Update all non-major dependencies (d40d5d2)

  • deps: Update all non-major dependencies (2fce144)

  • deps: Update all non-major dependencies (2dd2e8e)

  • deps: Update all non-major dependencies (bf7a60a)

  • deps: Update all non-major dependencies (18c946f)

Features

  • Add sync method to force remote mirror updates (f3c6678)

  • api: Add missing ProjectJob list filters (5fe0e71)

  • api: Add missing ProjectPackageManager list filters (b1696be)

  • users: Implement support for 'admins' in administrators 'list' (aaed51c)

Detailed Changes: v6.2.0...v6.3.0

v6.2.0 (2025-07-28)

This release is published under the LGPL-3.0-or-later License.

Build System

  • release: Use correct python-semantic-release/publish-action (2f20634)

Chores

  • deps: Update all non-major dependencies (3b8fbf4)

  • deps: Update all non-major dependencies (be25c16)

  • deps: Update all non-major dependencies (9c095bd)

... (truncated)

Changelog

Sourced from python-gitlab's changelog.

CHANGELOG

v5.6.0 (2025-01-28)

Features

  • group: Add support for group level MR approval rules (304bdd0)

v5.5.0 (2025-01-28)

Chores

  • Add deprecation warning for mirror_pull functions (7f6fd5c)

  • Relax typing constraints for response action (f430078)

  • tests: Catch deprecation warnings (0c1af08)

Documentation

  • Add usage of pull mirror (9b374b2)

  • Remove old pull mirror implementation (9e18672)

Features

  • functional: Add pull mirror test (3b31ade)

  • projects: Add pull mirror class (2411bff)

  • unit: Add pull mirror tests (5c11203)

v5.4.0 (2025-01-28)

Bug Fixes

  • api: Make type ignores more specific where possible (e3cb806)

... (truncated)

Commits
  • a7ef3b4 chore: release v6.3.0
  • d40d5d2 chore(deps): update all non-major dependencies
  • 36629a4 chore(deps): update actions/checkout action to v5
  • 2fce144 chore(deps): update all non-major dependencies
  • aaed51c feat(users): implement support for 'admins' in administrators 'list'
  • 397cf39 chore(deps): update actions/download-artifact action to v5
  • 2dd2e8e chore(deps): update all non-major dependencies
  • 5fe0e71 feat(api): add missing ProjectJob list filters
  • b1696be feat(api): add missing ProjectPackageManager list filters
  • f3c6678 feat: add sync method to force remote mirror updates
  • Additional commits viewable in compare view

Updates pytz from 2021.1 to 2025.2

Commits
  • 82e0891 Bump version numbers to 2024.2 (2024b)
  • 277b33c IANA 2025b
  • 07d8e91 Squashed 'tz/' changes from a8e2fcd87b..a84610f010
  • 00ad7f1 Bump version numbers to 2025.1 / 2025a
  • 7abdc14 Squashed 'tz/' changes from 6903dde39e..5ad5cfba5b
  • f3a8f38 IANA 2025a
  • 3944f75 Bump version numbers to 2024.2 / 2024b
  • 382ca0c Squashed 'tz/' changes from 380c07cef..923e54bae
  • 640c9bd IANA 2024b
  • 96a1e88 Stop testing unavailable and EOL Python 3.5
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Issues based on python implementations labels Sep 22, 2025
@netlify
Copy link

netlify bot commented Sep 22, 2025
edited
Loading

Deploy Preview for docs-securecodebox canceled.

Name Link
🔨 Latest commit a0557cc
🔍 Latest deploy log https://app.netlify.com/projects/docs-securecodebox/deploys/68dc24ec35c5e600084773c2

@Weltraumschaf Weltraumschaf moved this from Triage to To Review in secureCodeBox Sep 22, 2025
@dependabot dependabot bot force-pushed the dependabot/pip/scanners/git-repo-scanner/scanner/pip-version-updates-0ede755cd3 branch from c37d71c to 3b30f68 Compare September 29, 2025 11:32
@J12934
Copy link
Member

J12934 commented Sep 30, 2025

@Weltraumschaf can you have a look at the fossa stuff?

@dependabot @Weltraumschaf
Bump the pip-version-updates group across 1 directory with 3 updates
a0557cc 
Bumps the pip-version-updates group with 3 updates in the /scanners/git-repo-scanner/scanner directory: [pygithub](https://github.com/pygithub/pygithub), [python-gitlab](https://github.com/python-gitlab/python-gitlab) and [pytz](https://github.com/stub42/pytz).


Updates `pygithub` from 1.54.1 to 2.8.1
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](PyGithub/PyGithub@v1.54.1...v2.8.1)

Updates `python-gitlab` from 2.6.0 to 6.3.0
- [Release notes](https://github.com/python-gitlab/python-gitlab/releases)
- [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md)
- [Commits](python-gitlab/python-gitlab@v2.6.0...v6.3.0)

Updates `pytz` from 2021.1 to 2025.2
- [Release notes](https://github.com/stub42/pytz/releases)
- [Commits](stub42/pytz@release_2021.1...release_2025.2)

---
updated-dependencies:
- dependency-name: pygithub
  dependency-version: 2.8.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-version-updates
- dependency-name: python-gitlab
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-version-updates
- dependency-name: pytz
  dependency-version: '2025.2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@Weltraumschaf Weltraumschaf force-pushed the dependabot/pip/scanners/git-repo-scanner/scanner/pip-version-updates-0ede755cd3 branch from 3b30f68 to a0557cc Compare September 30, 2025 18:43
@github-project-automation github-project-automation bot moved this from To Review to Reviewer Approved in secureCodeBox Sep 30, 2025
@Weltraumschaf Weltraumschaf enabled auto-merge (rebase) September 30, 2025 18:44
@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 30, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Weltraumschaf Weltraumschaf merged commit b7c4daa into main Sep 30, 2025
49 checks passed
@Weltraumschaf Weltraumschaf deleted the dependabot/pip/scanners/git-repo-scanner/scanner/pip-version-updates-0ede755cd3 branch September 30, 2025 19:04
@github-project-automation github-project-automation bot moved this from Reviewer Approved to Done in secureCodeBox Sep 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Weltraumschaf Weltraumschaf Weltraumschaf approved these changes

Assignees

@Weltraumschaf Weltraumschaf

Labels

dependencies Pull requests that update a dependency file python Issues based on python implementations

Projects

secureCodeBox
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@J12934 @Weltraumschaf