Bump python-dotenv from 1.2.1 to 1.2.2#69
Conversation
Bumps [python-dotenv](https://github.com/theskumar/python-dotenv) from 1.2.1 to 1.2.2. - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](theskumar/python-dotenv@v1.2.1...v1.2.2) --- updated-dependencies: - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
… etc. Rolls up the open dependabot PRs #65, #66, #69, #72, #73, #74, #75, #76 into a single commit. Each bump is a minor/patch release with no breaking changes relevant to this codebase; all chat.completions / Flask-SocketIO / pydantic-v1-validator usage continues to work. - Flask[async] 3.1.2 -> 3.1.3 (#65, #72) - Flask-SocketIO 5.6.0 -> 5.6.1 (#66) - Werkzeug 3.1.5 -> 3.1.8 (#73; supersedes master-targeting #67 which wanted 3.1.6) - python-dotenv 1.2.1 -> 1.2.2 (#69) - requests 2.32.5 -> 2.33.1 (#74) - pydantic 2.12.5 -> 2.13.2 (#76) - Authlib 1.6.8 -> 1.7.0 (#75) Doing this as one commit on dev because dev has diverged from master (Phase 0 + Phase 1 security/architectural work) and each dependabot PR has a requirements.txt conflict against the new pins we added — resolving 8 of those by hand is more churn than just bumping the versions directly.
|
Superseded by e7418eb on dev, which rolls this bump up with the rest of the open dependabot PRs into a single commit. Needed because dev has diverged from master with Phase 0 + Phase 1 work and resolving 8 individual requirements.txt conflicts is more churn than a direct bump. Thanks @dependabot 🤖 |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Bumps python-dotenv from 1.2.1 to 1.2.2.
Release notes
Sourced from python-dotenv's releases.
Changelog
Sourced from python-dotenv's changelog.
Commits
36004e0Bump version: 1.2.1 → 1.2.2eb20252docs: update changelog for v1.2.2790c5c0Merge commit from fork43340daRemove the use ofshin tests (#612)09d7ceedocs: clarify override behavior and document FIFO support (#610)c8de288ci: improve workflow efficiency with best practices (#609)7bd9e3dAdd Windows testing to CI (#604)1baaf04Drop Python 3.9 support and update to PyPy 3.11 (#608)4a22cf8ci: enable testing on Python 3.14t (free-threaded) (#588)e2e8e77Fix license specifier (#597)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)