deps(quantum-ml): bump the quantum-ml-deps group across 1 directory with 2 updates#1078
Conversation
…ith 2 updates Updates the requirements on [anyio](https://github.com/agronholm/anyio) and [mypy](https://github.com/python/mypy) to permit the latest version. Updates `anyio` to 4.14.2 - [Release notes](https://github.com/agronholm/anyio/releases) - [Commits](agronholm/anyio@4.14.1...4.14.2) Updates `mypy` from 2.2.0 to 2.3.0 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v2.2.0...v2.3.0) --- updated-dependencies: - dependency-name: anyio dependency-version: 4.14.2 dependency-type: direct:production dependency-group: quantum-ml-deps - dependency-name: mypy dependency-version: 2.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: quantum-ml-deps ... Signed-off-by: dependabot[bot] <support@github.com>
Security Policy Alert: Harden Runner Policy ViolationThis workflow run has been blocked by StepSecurity's Harden Runner policy. This workflow run was blocked because one or more jobs are missing the Harden-Runner action, or it is not properly configured, which can introduce agent-bypass risk. Jobs not protected by Harden Runner:
Update the affected jobs so Harden Runner is initialized before any other action or command runs. For more information, see StepSecurity's Harden Runner documentation. |
Security Policy Alert: Harden Runner Policy ViolationThis workflow run has been blocked by StepSecurity's Harden Runner policy. This workflow run was blocked because one or more jobs are missing the Harden-Runner action, or it is not properly configured, which can introduce agent-bypass risk. Jobs not protected by Harden Runner:
Update the affected jobs so Harden Runner is initialized before any other action or command runs. For more information, see StepSecurity's Harden Runner documentation. |
|
ℹ️ This Dependabot update was not auto-merged (production dependency or non-trivial change). Manual review requested. |
Updates the requirements on anyio and mypy to permit the latest version.
Updates
anyioto 4.14.2Release notes
Sourced from anyio's releases.
Commits
c384f99Bumped up the versiondbba29dFixed 100% CPU spin on cancel scope misuse (#1217)6bbc6c3Fix CapacityLimiter over-granting tokens on asyncio (#1172)6f82b25Refactored TestTLSStream.test_receive_invalid_max_bytes() to be less flakybe24b04Relaxed timeouts to fix test flakiness8113506Fix test flakiness caused by slow callback duration logging1e988b6Fixed CapacityLimiter raising trio.WouldBlock instead of anyio.WouldBlock (#1...44713f3Pin setup-uv to a commit sha across downstream jobs (#1213)f1b7301Fixed stderr writes in a worker subprocess causing a deadlock (#1207)212be93Fix flaky test_tcp_listener_same_port using a hardcoded port (#1206)Updates
mypyfrom 2.2.0 to 2.3.0Changelog
Sourced from mypy's changelog.
... (truncated)
Commits
8aabf84Drop +dev from version4d8ad2aUpdate changelog for 2.3 release (#21728)2c21546[mypyc] Update documentation of race conditions under free threading (#21726)a9f62a3[mypyc] Make attribute access memory safe on free-threaded builds (#21705)0faa413UsePYODIDEenvironment variable for Emscripten cross-compilation detection...3d75cdb[mypyc] Borrow final attributes more aggressively (#21702)24c237d[mypyc] Improve documentation of Final (#21713)b5be217[mypyc] Update free threading Python compatibility docs (#21711)cbcb51aNarrow for frozendict membership check (#21709)af2bc0fSync typeshed (#21707)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions