Skip to content

Bump the python-dependencies group across 1 directory with 12 updates#2353

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/main/python-dependencies-9df0babd89
Open

Bump the python-dependencies group across 1 directory with 12 updates#2353
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/main/python-dependencies-9df0babd89

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026

Bumps the python-dependencies group with 12 updates in the / directory:

Package From To
pydantic-settings 2.12.0 2.13.0
elasticsearch 7.17.12 7.17.13
pymongo 4.15.5 4.16.0
fastapi 0.127.0 0.129.0
starlette 0.50.0 0.52.1
aiida-core 2.7.2 2.7.3
rich 14.2.0 14.3.2
ase 3.26.0 3.27.0
mkdocs-autorefs 1.4.3 1.4.4
mkdocstrings[python] 1.0.0 1.0.3
griffe 1.15.0 2.0.0
jarvis-tools 2025.5.30 2026.1.10

Updates pydantic-settings from 2.12.0 to 2.13.0

Commits
  • 198e71c Prepare release 2.13.0 (#777)
  • de71e84 Add nested path support for yaml_config_section (fixes #772) (#773)
  • 0f8f951 CLI Union Discriminator Choices in Help (#764)
  • ce9804c CLI coerce numeric types. (#769)
  • e460f0b Update deps (#768)
  • a04b034 fix: Only override preferred_key when no value was found (#767)
  • f6ddaee Allow snake_case_conversion with env_prefix for Azure Key Vault source (#...
  • 6ce78bc feat(gcp): support SecretVersion annotation for per-field secret versioning (...
  • 21c7093 CLI format_help method support (#759)
  • 0e96e9c Add support for overriding default help on CLI internal parser. (#758)
  • Additional commits viewable in compare view

Updates elasticsearch from 7.17.12 to 7.17.13

Commits

Updates pymongo from 4.15.5 to 4.16.0

Release notes

Sourced from pymongo's releases.

PyMongo 4.16.0

Community notes:

Changelog

Sourced from pymongo's changelog.

Changes in Version 4.16.0 (2026/01/07)

PyMongo 4.16 brings a number of changes including:

  • Removed invalid documents from :class:bson.errors.InvalidDocument error messages as doing so may leak sensitive user data. Instead, invalid documents are stored in :attr:bson.errors.InvalidDocument.document.
  • PyMongo now requires dnspython>=2.6.1, since dnspython 1.0 is no longer maintained. The minimum version is 2.6.1 to account for CVE-2023-29483 <https://www.cve.org/CVERecord?id=CVE-2023-29483>_.
  • Removed support for Eventlet. Eventlet is actively being sunset by its maintainers and has compatibility issues with PyMongo's dnspython dependency.
  • Use Zstandard support from the standard library for Python 3.14+, and use backports.zstd for older versions.
  • Fixed return type annotation for find_one_and_* methods on :class:~pymongo.asynchronous.collection.AsyncCollection and :class:~pymongo.synchronous.collection.Collection to include None.
  • Added support for NumPy 1D-arrays in :class:bson.binary.BinaryVector.
  • Prevented :class:~pymongo.encryption.ClientEncryption from loading the crypt shared library to fix "MongoCryptError: An existing crypt_shared library is loaded by the application" unless the linked library search path is set.
Commits
  • 3290101 Prepare 4.16.0 release (#2672)
  • 1be94d2 PYTHON-5685 Fix unified spec sync metadata for csot and sessions tests (#2669)
  • 6585d9c PYTHON-2442: Refactor: use _asdict() in _options_dict() (#2670)
  • fdb1f7e PYTHON-5677 Prevent ClientEncryption from loading crypt shared library (#2659)
  • 0cd9763 Bump zizmorcore/zizmor-action from cb3d8e846e148d1111d90b03375b9c03deceda37 t...
  • 2f263d4 PYTHON-5680 Fix handling of expectedDocuments in Unified Test Runner (#2665)
  • e9658b2 Add 4.15.5 release date to changelog (#2666)
  • 10dd204 Update coverage[toml] requirement from <=7.10.6,>=5 to >=5,<=7.10.7 (#2662)
  • 1300677 [Spec Resync] 12-22-2025 (#2663)
  • 18c1f14 PYTHON-5529 Introduce optin setting to await for MinPoolSize population (#2664)
  • Additional commits viewable in compare view

Updates fastapi from 0.127.0 to 0.129.0

Release notes

Sourced from fastapi's releases.

0.129.0

Breaking Changes

Refactors

Docs

Internal

  • 🔨 Update docs.py scripts to migrate Python 3.9 to Python 3.10. PR #14906 by @​tiangolo.

0.128.8

Docs

Internal

0.128.7

Features

Refactors

  • ♻️ Simplify reading files in memory, do it sequentially instead of (fake) parallel. PR #14884 by @​tiangolo.

Docs

Internal

0.128.6

... (truncated)

Commits

Updates starlette from 0.50.0 to 0.52.1

Release notes

Sourced from starlette's releases.

Version 0.52.1

What's Changed


Full Changelog: Kludex/starlette@0.52.0...0.52.1

Version 0.52.0

In this release, State can be accessed using dictionary-style syntax for improved type safety (#3036).

from collections.abc import AsyncIterator
from contextlib import asynccontextmanager
from typing import TypedDict
import httpx
from starlette.applications import Starlette
from starlette.requests import Request
class State(TypedDict):
http_client: httpx.AsyncClient
@​asynccontextmanager
async def lifespan(app: Starlette) -> AsyncIterator[State]:
async with httpx.AsyncClient() as client:
yield {"http_client": client}
async def homepage(request: Request[State]):
client = request.state["http_client"]
# If you run the below line with mypy or pyright, it will reveal the correct type.
reveal_type(client)  # Revealed type is 'httpx.AsyncClient'

See Accessing State for more details.


Full Changelog: Kludex/starlette@0.51.0...0.52.0

Version 0.51.0

Added

  • Add allow_private_network in CORSMiddleware #3065.

Changed

... (truncated)

Changelog

Sourced from starlette's changelog.

0.52.1 (January 18, 2026)

Fixed

  • Only use typing_extensions in older Python versions #3109.

0.52.0 (January 18, 2026)

In this release, State can be accessed using dictionary-style syntax for improved type safety (#3036).

from collections.abc import AsyncIterator
from contextlib import asynccontextmanager
from typing import TypedDict
import httpx
from starlette.applications import Starlette
from starlette.requests import Request
class State(TypedDict):
http_client: httpx.AsyncClient
@​asynccontextmanager
async def lifespan(app: Starlette) -> AsyncIterator[State]:
async with httpx.AsyncClient() as client:
yield {"http_client": client}
async def homepage(request: Request[State]):
client = request.state["http_client"]
# If you run the below line with mypy or pyright, it will reveal the correct type.
reveal_type(client)  # Revealed type is 'httpx.AsyncClient'

See Accessing State for more details.

0.51.0 (January 10, 2026)

Added

  • Add allow_private_network in CORSMiddleware #3065.

Changed

  • Increase warning stacklevel on DeprecationWarning for wsgi module #3082.
Commits

Updates aiida-core from 2.7.2 to 2.7.3

Release notes

Sourced from aiida-core's releases.

AiiDA v2.7.3

See CHANGELOG.md

Changelog

Sourced from aiida-core's changelog.

v2.7.3 - 2026-01-23

Fixes

Transport

  • Improve path escaping in OpenSSH transport for special characters (#7171) [4c89d9624]
  • Fix a critical race condition in TransportQueue (#7144) [b02a233af]
  • Add semaphore control to AsyncSshTransport::exec_command_wait_async to prevent SSH connection overwhelm (#7144) [985d5c809]

Engine

Devops

Commits
  • 67e97fb Release v2.7.3
  • de48e38 Switch from token-based to OIDC trusted publishing
  • 782ba2a Improve path escaping in OpenSSH transport for special characters
  • 60ef336 Fix: Avoid mutating _polling_jobs inside (slurm) scheduler (#7155)
  • e395345 Fixes a critical race condition in TransportQueue.
  • 53ea84d Add semaphore control to AsyncSshTransport::exec_command_wait_async to preven...
  • 29bde8d Fix PyPI index url (#6923)
  • 9d0a86f Merge release/2.7.2 into support/2.7.x (#7132)
  • 2befa6b Release v2.7.2
  • 4005693 CI fixes
  • See full diff in compare view

Updates rich from 14.2.0 to 14.3.2

Release notes

Sourced from rich's releases.

The ZWJy release

A fix for cell_len edge cases

[14.3.2] - 2026-02-01

Fixed

The Nerdy Fix release

Fixed issue with characters outside of unicode range reporting 0 cell size

[14.3.1] - 2026-01-24

Fixed

The more emojis release

Rich now has support for multi-codepoint emojis. There have also been some Markdown improvements, and a number of fixes. See the release notes below for details.

[14.3.0] - 2026-01-24

Fixed

Added

Changed

Changelog

Sourced from rich's changelog.

[14.3.2] - 2026-02-01

Fixed

[14.3.1] - 2026-01-24

Fixed

[14.3.0] - 2026-01-24

Fixed

Added

Changed

Commits

Updates ase from 3.26.0 to 3.27.0

Commits
  • bbddb82 ASE version 3.27.0
  • 9b59235 Merge branch 'fix-1851' into 'master'
  • 211871f Merge branch 'ci-fixes' into 'master'
  • 6658c2b attempt to fix warnings in windows job
  • 1ce3dcf Rename test_bad_restart.py
  • 372583a Convert restart into str in todict
  • d57625f fix test that was platform-specific for some reason
  • 1348389 use exitstack for creation/closing of tempfiles
  • bb6f5c8 use exitstack in a way that requires less indentation
  • 722e8ec ignore warning about binary incompatibility
  • Additional commits viewable in compare view

Updates mkdocs-autorefs from 1.4.3 to 1.4.4

Release notes

Sourced from mkdocs-autorefs's releases.

1.4.4

1.4.4 - 2026-02-10

Compare with 1.4.3

Code Refactoring

  • Register headings with a Markdown processor rather than the on_page_content hook and the table of contents (17665e2 by Timothée Mazzucotelli).
Changelog

Sourced from mkdocs-autorefs's changelog.

1.4.4 - 2026-02-10

Compare with 1.4.3

Code Refactoring

  • Register headings with a Markdown processor rather than the on_page_content hook and the table of contents (17665e2 by Timothée Mazzucotelli).
Commits
  • 73c897a chore: Prepare release 1.4.4
  • 1753b0a ci: Ignore unused type ignore comments
  • 62cfc22 chore: Symbol reorganization
  • 17665e2 refactor: Register headings with a Markdown processor rather than the `on_pag...
  • 4664b97 ci: Ignore type warning
  • 632d8e9 chore: Update YORE comment
  • 3e9bc2f docs: Explain how to find out the anchor of a heading
  • See full diff in compare view

Updates mkdocstrings[python] from 1.0.0 to 1.0.3

Release notes

Sourced from mkdocstrings[python]'s releases.

1.0.3

1.0.3 - 2026-02-07

Compare with 1.0.2

Bug Fixes

  • Forward extension instances directly passed from Zensical (65b27ec by Timothée Mazzucotelli).
  • Propagate Zensical's zrelpath processor (dbf263d by Timothée Mazzucotelli).

1.0.2

1.0.2 - 2026-01-24

Compare with 1.0.1

Code Refactoring

  • Use global instances for handlers and autorefs (9f79141 by Timothée Mazzucotelli).

1.0.1

1.0.1 - 2026-01-19

Compare with 1.0.0

Code Refactoring

  • Support manual cross-references in Zensical too (d37d907 by Timothée Mazzucotelli).
  • Support cross-references in Zensical (f43f1ee by Timothée Mazzucotelli). PR-812
Changelog

Sourced from mkdocstrings[python]'s changelog.

1.0.3 - 2026-02-07

Compare with 1.0.2

Bug Fixes

  • Forward extension instances directly passed from Zensical (65b27ec by Timothée Mazzucotelli).
  • Propagate Zensical's zrelpath processor (dbf263d by Timothée Mazzucotelli).

1.0.2 - 2026-01-24

Compare with 1.0.1

Code Refactoring

  • Use global instances for handlers and autorefs (9f79141 by Timothée Mazzucotelli).

1.0.1 - 2026-01-19

Compare with 1.0.0

Code Refactoring

  • Support manual cross-references in Zensical too (d37d907 by Timothée Mazzucotelli).
  • Support cross-references in Zensical (f43f1ee by Timothée Mazzucotelli). PR-812
Commits
  • 8bdff16 chore: Prepare release 1.0.3
  • 65b27ec fix: Forward extension instances directly passed from Zensical
  • 1624e2c ci: Update lint/type-checking
  • cc3d6a4 chore: Template upgrade
  • dbf263d fix: Propagate Zensical's zrelpath processor
  • 4e66617 chore: Prepare release 1.0.2
  • 9f79141 refactor: Use global instances for handlers and autorefs
  • cb8a3c7 chore: Prepare release 1.0.1
  • d37d907 refactor: Support manual cross-references in Zensical too
  • 0edd18a chore: Clean up after v1
  • Additional commits viewable in compare view

Updates griffe from 1.15.0 to 2.0.0

Changelog

Sourced from griffe's changelog.

2.0.0 - 2026-02-09

Compare with 1.15.0

Breaking Changes

This version removes previously deprecated API:

  • ExportedName: Public object was removed
  • infer_docstring_style(options): Parameter was removed
  • parse_auto(options): Parameter was removed
  • parse_google(options): Parameter was removed
  • parse_numpy(options): Parameter was removed
  • parse_sphinx(options): Parameter was removed
  • assert_git_repo: Public object was removed
  • get_latest_tag: Public object was removed
  • get_repo_root: Public object was removed
  • tmp_worktree: Public object was removed

Features

  • Support merging overload annotations into implementation (584cdb5 by Timothée Mazzucotelli). Issue-442, PR-443
  • Add support for PEP 750 template strings (59266a9 by ellie). PR-440

Bug Fixes

Code Refactoring

Build

  • Declare tag pattern for uv-dynamic-versioning (no v prefix) (c869c97 by Timothée Mazzucotelli). Upstream-issue
  • Change build system to hatchling (09b0682 by Bartosz Sławecki). PR-430
Commits
  • bc86dc3 chore: Prepare release 2.0.0
  • 4772456 refactor: Make griffe imports lazy in CLI
  • c869c97 build: Declare tag pattern for uv-dynamic-versioning (no v prefix)
  • cb535e0 docs: Update example command in home page
  • 40b0a79 chore: Simplify build duty
  • 852b5d2 chore: Fix sdist file inclusion
  • d750a74 chore: Allow building subpackages in root dist folder
  • 9cb6f13 chore: Ignore dist dirs in subpackages
  • 584cdb5 feat: Support merging overload annotations into implementation
  • 59266a9 feat: Add support for PEP 750 template strings
  • Additional commits viewable in compare view

Updates jarvis-tools from 2025.5.30 to 2026.1.10

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-dependencies group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.12.0` | `2.13.0` |
| [elasticsearch](https://github.com/elastic/elasticsearch-py) | `7.17.12` | `7.17.13` |
| [pymongo](https://github.com/mongodb/mongo-python-driver) | `4.15.5` | `4.16.0` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.127.0` | `0.129.0` |
| [starlette](https://github.com/Kludex/starlette) | `0.50.0` | `0.52.1` |
| [aiida-core](https://github.com/aiidateam/aiida-core) | `2.7.2` | `2.7.3` |
| [rich](https://github.com/Textualize/rich) | `14.2.0` | `14.3.2` |
| [ase](https://gitlab.com/ase/ase) | `3.26.0` | `3.27.0` |
| [mkdocs-autorefs](https://github.com/mkdocstrings/autorefs) | `1.4.3` | `1.4.4` |
| [mkdocstrings[python]](https://github.com/mkdocstrings/mkdocstrings) | `1.0.0` | `1.0.3` |
| [griffe](https://github.com/mkdocstrings/griffe) | `1.15.0` | `2.0.0` |
| [jarvis-tools](https://github.com/atomgptlab/jarvis-tools) | `2025.5.30` | `2026.1.10` |



Updates `pydantic-settings` from 2.12.0 to 2.13.0
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.12.0...v2.13.0)

Updates `elasticsearch` from 7.17.12 to 7.17.13
- [Release notes](https://github.com/elastic/elasticsearch-py/releases)
- [Commits](https://github.com/elastic/elasticsearch-py/commits)

Updates `pymongo` from 4.15.5 to 4.16.0
- [Release notes](https://github.com/mongodb/mongo-python-driver/releases)
- [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst)
- [Commits](mongodb/mongo-python-driver@4.15.5...4.16.0)

Updates `fastapi` from 0.127.0 to 0.129.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.127.0...0.129.0)

Updates `starlette` from 0.50.0 to 0.52.1
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@0.50.0...0.52.1)

Updates `aiida-core` from 2.7.2 to 2.7.3
- [Release notes](https://github.com/aiidateam/aiida-core/releases)
- [Changelog](https://github.com/aiidateam/aiida-core/blob/v2.7.3/CHANGELOG.md)
- [Commits](aiidateam/aiida-core@v2.7.2...v2.7.3)

Updates `rich` from 14.2.0 to 14.3.2
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v14.2.0...v14.3.2)

Updates `ase` from 3.26.0 to 3.27.0
- [Changelog](https://gitlab.com/ase/ase/blob/master/CHANGELOG.rst)
- [Commits](https://gitlab.com/ase/ase/compare/3.26.0...3.27.0)

Updates `mkdocs-autorefs` from 1.4.3 to 1.4.4
- [Release notes](https://github.com/mkdocstrings/autorefs/releases)
- [Changelog](https://github.com/mkdocstrings/autorefs/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/autorefs@1.4.3...1.4.4)

Updates `mkdocstrings[python]` from 1.0.0 to 1.0.3
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/mkdocstrings@1.0.0...1.0.3)

Updates `griffe` from 1.15.0 to 2.0.0
- [Release notes](https://github.com/mkdocstrings/griffe/releases)
- [Changelog](https://github.com/mkdocstrings/griffe/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/griffe@1.15.0...2.0.0)

Updates `jarvis-tools` from 2025.5.30 to 2026.1.10
- [Release notes](https://github.com/atomgptlab/jarvis-tools/releases)
- [Commits](https://github.com/atomgptlab/jarvis-tools/commits)

---
updated-dependencies:
- dependency-name: pydantic-settings
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: elasticsearch
  dependency-version: 7.17.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: pymongo
  dependency-version: 4.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: fastapi
  dependency-version: 0.129.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: starlette
  dependency-version: 0.52.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: aiida-core
  dependency-version: 2.7.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: rich
  dependency-version: 14.3.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: ase
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: mkdocs-autorefs
  dependency-version: 1.4.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: mkdocstrings[python]
  dependency-version: 1.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: griffe
  dependency-version: 2.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
- dependency-name: jarvis-tools
  dependency-version: 2026.1.10
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependency_updates Issues pertaining to updates to our dependencies that are breaking the eager build label Feb 16, 2026
@dependabot dependabot bot requested review from CasperWA and ml-evs as code owners February 16, 2026 05:59
@dependabot dependabot bot added the dependency_updates Issues pertaining to updates to our dependencies that are breaking the eager build label Feb 16, 2026
@codecov
Copy link

codecov bot commented Feb 16, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.59%. Comparing base (86fa66e) to head (b300086).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #2353   +/-   ##
=======================================
  Coverage   90.59%   90.59%           
=======================================
  Files          75       75           
  Lines        5030     5030           
=======================================
  Hits         4557     4557           
  Misses        473      473           
Flag Coverage Δ
project 90.59% <ø> (ø)
validator 90.59% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependency_updates Issues pertaining to updates to our dependencies that are breaking the eager build

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants