Skip to content

chore(deps-dev): bump mkdocs-material from 9.6.21 to 9.7.1#83

Closed
dependabot[bot] wants to merge 118 commits intomainfrom
dependabot/pip/mkdocs-material-9.7.1
Closed

chore(deps-dev): bump mkdocs-material from 9.6.21 to 9.7.1#83
dependabot[bot] wants to merge 118 commits intomainfrom
dependabot/pip/mkdocs-material-9.7.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Dec 29, 2025
edited
Loading

Bumps mkdocs-material from 9.6.21 to 9.7.1.

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.1

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0

[!WARNING]

Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

  • Added support for projects plugin (for compat, now deprecated)
  • Added support for typeset plugin (for compat, now deprecated)
  • Added support for pinned blog posts and author profiles
  • Added support for customizing pagination for blog index pages
  • Added support for customizing blog category sort order
  • Added support for staying on page when switching languages
  • Added support for disabling tags in table of contents
  • Added support for nested tags and shadow tags
  • Added support for footnote tooltips
  • Added support for instant previews
  • Added support for instant prefetching
  • Added support for custom social card layouts
  • Added support for custom social card background images
  • Added support for selectable rangs in code blocks
  • Added support for custom selectors for code annotations
  • Added support for configurable log level in privacy plugin
  • Added support for processing of external links in privacy plugin
  • Added support for automatic image optimization via optimize plugin
  • Added support for navigation paths (breadcrumbs)
  • Fixed #8519: Vector accents do not render when using KaTeX

mkdocs-material-9.6.23

  • Updated Burmese translation

mkdocs-material-9.6.22

... (truncated)

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.1 (2025-12-18)

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

  • Added support for pinned blog posts and author profiles
  • Added support for customizing pagination for blog index pages
  • Added support for customizing blog category sort order
  • Added support for staying on page when switching languages
  • Added support for disabling tags in table of contents
  • Added support for nested tags and shadow tags
  • Added support for footnote tooltips
  • Added support for instant previews
  • Added support for instant prefetching
  • Added support for custom social card layouts
  • Added support for custom social card background images
  • Added support for selectable rangs in code blocks
  • Added support for custom selectors for code annotations
  • Added support for configurable log level in privacy plugin
  • Added support for processing of external links in privacy plugin
  • Added support for automatic image optimization via optimize plugin
  • Added support for navigation paths (breadcrumbs)
  • Fixed #8519: Vector accents do not render when using KaTeX

mkdocs-material-9.6.23 (2025-11-01)

  • Updated Burmese translation

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

thehapyone and others added 30 commits February 2, 2025 18:26
@thehapyone
Initial commit
5a7a0a1
@thehapyone
chore: first draft for crew definitions
b6a5d69
@thehapyone
chore: refactor gitlab tool
19f9249
@thehapyone
chore: adds support for config
678eb96
@thehapyone
fix: address issue with crew definitions
88e41b8
@thehapyone
featur: initial working draft for crews
b8e931a
@thehapyone
chore: adds a crew for publishing results
800908b
@thehapyone
fix: address publicator crew
baf8702
@thehapyone
fix: remove examples
758b0d5
@thehapyone
chore: gitlab_tool configuration refactor
ebc4a72
@thehapyone
fix: address wrong gitlab tool configuration
fd28257
@thehapyone
chore: update to the impact task
f4c5001
@thehapyone
feat: adds gitlab pipeline support
d5d2ee6
@thehapyone
chore: cleanup crew
051e776
@thehapyone
feat: adds webhook support(untested) and cli mode with enhanced logging
429b8bf
@thehapyone
chore: migrate to async
1533f21
@thehapyone
tmp: initial draft for dashboard and ondemand runner setup
1dd4cd1
@thehapyone
chore: fix wrong path
229fbdb
@thehapyone
chore: more dashboard update
4024c02
@thehapyone
refactor: cleanup old analytics stuffs
cdc457d
@thehapyone
chore: adds support to get analysis data
6949e04
@thehapyone
fix: update dashboard
0ceab6a 
Support showing recommendation, analysis link and impact scores
@thehapyone
chore. update task definition
ce8b6c2
@thehapyone
Merge pull request #1 from thehapyone/enhancement
608d291 
Adds various modes and dashboard
@thehapyone
chore: adds support for approval policy
7760136
@thehapyone
chore: update approval logic
68f6e0d
@thehapyone
chore: update configuration
547cd9c
@thehapyone
Merge pull request #6 from thehapyone/approval-policy
39cc43f 
feat: adds support for configuring approval policy
@thehapyone
chore: initial draft for ci build system
2d42b93
@thehapyone
Add Docker and CLI support with entrypoint, compose, and docs
9a0803a 
- Add Docker CLI and Compose usage instructions to README
- Add docker-compose.yml for easy orchestration
- Update Dockerfile to include .local/bin in PATH for CLI
- Add [project.scripts] to pyproject.toml to install mergebot CLI
- Update entrypoint to exec mergebot with passed arguments
- Add test-docker-cli job to CI workflow for Docker CLI/ondemand modes
- Refactor mergebot/app.py to provide a CLI entrypoint function
dependabot Bot and others added 18 commits October 12, 2025 20:20
@dependabot
chore(deps-dev): bump ruff from 0.13.2 to 0.14.0 (#63)
7da5326 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.13.2 to 0.14.0.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.13.2...0.14.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.14.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@thehapyone
fix: address gitlab runner issue
2be343f
@thehapyone
fix(ci): set an api timeout to 60 secs
ae98f32
@thehapyone
chore(deps): update event_listener import and remove unused packages
814e956 
Refactored import path for EventListener in flow.py for consistency with new project structure. Removed alembic, asgiref, and chroma-hnswlib from poetry.lock to clean up unused dependencies. Updated poetry.lock to be generated by Poetry 2.2.1 for improved dependency management.
@thehapyone @gemini-code-assist
feat: add dashboard analytics for LLM token usage tracking (#66)
bcab268 
* docs: add dashboard analytics for LLM token usage tracking

Added documentation for a new dashboard analytics feature displaying "Total Tokens Used" and per-crew token breakdown. This provides project-wide visibility on LLM resource utilization per scan, increases transparency, and supports future extensibility and optimization efforts.

* Update docs/usage/overview.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Update docs/architecture/dashboard.md

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* Update mergebot/flow.py

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@dependabot
chore(deps-dev): bump pre-commit from 4.2.0 to 4.3.0 (#64)
0053633 
Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.2.0...v4.3.0)

---
updated-dependencies:
- dependency-name: pre-commit
  dependency-version: 4.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@thehapyone
chore: update ignores for EE/saas files and bump aiohttp to 3.13.0
2488da6 
- Add 'mergebot-saas' to .gitignore and .dockerignore to avoid tracking SaaS-specific files
- Update poetry.lock to bump aiohttp from 3.12.13 to 3.13.0 for latest features and fixes
- Update poetry.lock comment to reflect generation by Poetry 2.2.1
@mergebot-dev
chore: add .mergebot.yml for onboarding (#71)
f0384b8 
Co-authored-by: mergebot-dev[bot] <225918908+mergebot-dev[bot]@users.noreply.github.com>
@thehapyone
feat: webhook and multi-project support (#72)
42a27f0 
* feat: improve the webhook server approach support secret

* feat: adds support for multiple project based analysis

- Update .dockerignore and .gitignore to exclude local config files, build caches, and logs
- Refactor config-github.yaml and config-gitlab.yaml to use unified 'projects' structure
- Move repository webhook secrets into project definitions for clarity
- Improve error handling in ensure_repo_config to raise exceptions instead of sys.exit
- Enhance maintainability by reducing hard-coded values and centralizing config paths

* fix: remove config cached files

* refactor: improve readability by reformatting long lines

Reformat long function signatures and method calls for better readability by placing arguments on separate lines. No logic changes were made.

* refactor(flow): improve logging to include project path during flow init

Removed redundant log statement in MergeBotFlow setup and enhanced log message in run_flow to include project path, ensuring clearer tracking of flow initialization context.

* docs(config): clarify LLM config to require provider-prefixed models

Update LLM configuration documentation to specify use of provider-prefixed model names (e.g., openai/gpt-4o-mini) for more explicit provider selection. Add table of common provider/model string examples and update YAML snippets to reflect new format for clarity.

* refactor(webhook): make webhook server fully async and improve startup

Convert webhook server startup to be fully async by introducing an async serve method and removing sys.exit calls. Add _log_startup for improved logging, and update orchestration flow to use async server operations for better event loop integration and error handling.
@thehapyone
feat: enhance re-review option (#74)
1eb5882 
* feat(dashboard): add review triggers section and centralize markers

Introduce a "Review Triggers" section in the dashboard for better visibility of PR review statuses. Move marker constants into a dedicated constants.py module for improved maintainability and consistent usage across dashboard helpers.

* feat: add comment-based review triggers and update docs/CI config

- Introduce support for review triggers via `/mergebot review` comment, bot mentions, and dashboard checkbox across GitHub/GitLab
- Update docs with trigger options, usage instructions, and impact assessment guidance
- Track and clear trigger state automatically in dashboard after rerun or PR/MR closure
- Add local pre-commit hooks for formatting, linting, and spell-check to .pre-commit-config.yaml

* refactor(review): use absolute import for DashboardReviewTracker

Replaced relative import with absolute import for DashboardReviewTracker to improve code clarity and maintainability in the review module.
@dependabot
chore(deps-dev): bump mkdocs-mermaid2-plugin from 1.2.2 to 1.2.3 (#69)
603fab8 
Bumps [mkdocs-mermaid2-plugin](https://github.com/fralau/mkdocs-mermaid2-plugin) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/fralau/mkdocs-mermaid2-plugin/releases)
- [Changelog](https://github.com/fralau/mkdocs-mermaid2-plugin/blob/master/CHANGELOG.md)
- [Commits](fralau/mkdocs-mermaid2-plugin@v1.2.2...v1.2.3)

---
updated-dependencies:
- dependency-name: mkdocs-mermaid2-plugin
  dependency-version: 1.2.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps-dev): bump ruff from 0.14.0 to 0.14.3 (#75)
b2a3a6c 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.0 to 0.14.3.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.0...0.14.3)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.14.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@thehapyone
feat(webhook): handle manual triggers from bot mentions
3a3286c 
- cache per-project bot identities via the GitHub/GitLab wrappers
- ignore bot-authored comments and parse note context for PR/MR URLs
- fire review flows when Mergebot is mentioned in comments to enable manual kicks
@thehapyone
docs: add local webhook testing guidance for tunnels
d7e1074 
- document steps for exposing local webhook server via tunneling tools
- add security reminders to protect temporary public endpoints
@thehapyone
docs: streamline GitHub Actions guide with container jobs
920d48d 
- document using the Mergebot image as a job container in GitHub Actions
- replace manual docker run steps with direct CLI usage and add config tips
@dependabot
chore(deps-dev): bump ruff from 0.14.3 to 0.14.4 (#80)
84f9576 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.3 to 0.14.4.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.3...0.14.4)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.14.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump starlette from 0.48.0 to 0.49.1 (#79)
34122ab 
Bumps [starlette](https://github.com/Kludex/starlette) from 0.48.0 to 0.49.1.
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@0.48.0...0.49.1)

---
updated-dependencies:
- dependency-name: starlette
  dependency-version: 0.49.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps): bump fastapi from 0.119.0 to 0.119.1 (#77)
2ffead3 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.119.0 to 0.119.1.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.119.0...0.119.1)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.119.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Dec 29, 2025
@dependabot dependabot Bot mentioned this pull request Dec 29, 2025
Closed
dependabot Bot added 2 commits January 16, 2026 10:28
@dependabot
chore(deps-dev): bump ruff from 0.14.5 to 0.14.13 (#85)
07b6ad6 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.5 to 0.14.13.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.5...0.14.13)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.14.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore(deps-dev): bump mkdocs-material from 9.6.21 to 9.7.1
34e194b 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.6.21 to 9.7.1.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.6.21...9.7.1)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/mkdocs-material-9.7.1 branch from 8b25932 to 34e194b Compare January 16, 2026 09:30
@thehapyone thehapyone closed this Mar 5, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 5, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/pip/mkdocs-material-9.7.1 branch March 5, 2026 14:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thehapyone