Skip to content

chore(deps): bump simplejson from 3.20.2 to 4.0.1#45

Merged
BoboTiG merged 1 commit intomainfrom
dependabot/pip/simplejson-4.0.1
Apr 21, 2026
Merged

chore(deps): bump simplejson from 3.20.2 to 4.0.1#45
BoboTiG merged 1 commit intomainfrom
dependabot/pip/simplejson-4.0.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026

Bumps simplejson from 3.20.2 to 4.0.1.

Release notes

Sourced from simplejson's releases.

v4.0.1

What's Changed

Full Changelog: simplejson/simplejson@v4.0.0...v4.0.1

v4.0.0

What's Changed

Version 4.0.0 released 2026-04-18

  • simplejson 4 requires Python 2.7 or Python 3.8+. Older Python versions (2.5, 2.6, 3.0-3.7) are no longer supported. pip will not install simplejson 4 on unsupported versions.

  • The C extension now uses heap types and per-module state instead of static types and global state. This is required for free-threading support and sub-interpreter isolation. The Python-level API is unchanged.

  • Full support for Python 3.13+ free-threading (PEP 703). The C extension is now safe to use with the GIL disabled (python3.14t):

  • Numerous C extension memory safety fixes:

... (truncated)

Changelog

Sourced from simplejson's changelog.

Version 4.0.1 released 2026-04-18

  • Skip uploading Pyodide/wasm wheels to PyPI, which rejects them with "unsupported platform tag 'pyodide_2024_0_wasm32'". The wheels are still built in CI and preserved as workflow artifacts. simplejson/simplejson#375

Version 4.0.0 released 2026-04-18

  • simplejson 4 requires Python 2.7 or Python 3.8+. Older Python versions (2.5, 2.6, 3.0-3.7) are no longer supported. pip will not install simplejson 4 on unsupported versions.

  • The C extension now uses heap types and per-module state instead of static types and global state. This is required for free-threading support and sub-interpreter isolation. The Python-level API is unchanged.

  • Full support for Python 3.13+ free-threading (PEP 703). The C extension is now safe to use with the GIL disabled (python3.14t):

  • Numerous C extension memory safety fixes:

  • C/Python parity fixes:

    • Fix C scanstring off-by-one bounds checks that caused truncated or boundary \uXXXX escapes to raise "Invalid \uXXXX escape

... (truncated)

Commits
  • 19b5f94 Exclude Pyodide wheels from PyPI uploads (#375)
  • 1608c05 Use JSONDecodeError for out-of-range end indices in C scanstring (#374)
  • 3bba179 Encoder parity fixes (for_json/_asdict) and TSan stress CI job (#373)
  • 7b22d65 Error parity for the C and Python scanstring in surrogate and truncated strin...
  • 825100a Release version 4.0.0: free-threading, CPython json parity, Python 2.7 fixes ...
  • 0dbb9d8 C extension: dead code cleanup, fast paths for dict/list/string encoding, cor...
  • e2e5f0b Add Python 3.13+ free-threading support to dict operations (#369)
  • e817370 Fix free-threading (3.14t) crashes: heap types, unified per-module state, tem...
  • 6397302 Add per-object critical sections to scanner and encoder (free-threading safet...
  • e127d3d Replace PyDict_GetItem with PyDict_GetItemWithError (#364)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump simplejson from 3.20.2 to 4.0.1
15b6eb2 
Bumps [simplejson](https://github.com/simplejson/simplejson) from 3.20.2 to 4.0.1.
- [Release notes](https://github.com/simplejson/simplejson/releases)
- [Changelog](https://github.com/simplejson/simplejson/blob/main/CHANGES.txt)
- [Commits](simplejson/simplejson@v3.20.2...v4.0.1)

---
updated-dependencies:
- dependency-name: simplejson
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 20, 2026
@BoboTiG BoboTiG merged commit ae724c8 into main Apr 21, 2026
15 checks passed
@BoboTiG BoboTiG deleted the dependabot/pip/simplejson-4.0.1 branch April 21, 2026 06:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@BoboTiG BoboTiG

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BoboTiG