Skip to content

chore(deps): bump the python-dependencies group with 5 updates#22

Merged
kanywst merged 2 commits into
mainfrom
dependabot/uv/python-dependencies-04344e02b9
Jul 11, 2026
Merged

chore(deps): bump the python-dependencies group with 5 updates#22
kanywst merged 2 commits into
mainfrom
dependabot/uv/python-dependencies-04344e02b9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-dependencies group with 5 updates:

Package From To
agent-client-protocol 0.10.1 0.11.0
uvicorn 0.49.0 0.51.0
claude-agent-sdk 0.2.110 0.2.116
ruff 0.15.20 0.15.21
mypy 2.1.0 2.2.0

Updates agent-client-protocol from 0.10.1 to 0.11.0

Release notes

Sourced from agent-client-protocol's releases.

0.11.0

What's Changed

Full Changelog: agentclientprotocol/python-sdk@0.10.1...0.11.0

Commits
  • 0f2859a docs: add 0.11 migration guide
  • b2db256 docs: fix quickstart prompt signature
  • f8431a9 feat(schema): bump ACP schema to v1.16.0 (#114)
  • fe643ab fix: close run_agent connection on cancellation (#113)
  • 6bcf11a fix: recover from oversized JSON-RPC frames (#111)
  • 3756c28 feat: update ACP schema to v0.13.6 (#110)
  • 50a27ef feat: update ACP schema to v0.13.3 (#106)
  • d6e5def chore(deps): bump uv in the uv group across 1 directory (#107)
  • See full diff in compare view

Updates uvicorn from 0.49.0 to 0.51.0

Release notes

Sourced from uvicorn's releases.

Version 0.51.0

What's Changed

Full Changelog: Kludex/uvicorn@0.50.2...0.51.0

Version 0.50.1

What's Changed

New Contributors

Full Changelog: Kludex/uvicorn@0.50.0...0.50.1

Version 0.50.0

What's Changed

Full Changelog: Kludex/uvicorn@0.49.0...0.50.0

Changelog

Sourced from uvicorn's changelog.

0.51.0 (July 8, 2026)

Added

  • Restart workers one at a time on SIGHUP, bringing each replacement up before retiring the old worker, so reloads no longer drop requests (#3025)

Removed

  • Remove colorama from the standard extra (#3027)

0.50.2 (July 6, 2026)

Fixed

  • Require websockets>=13.0, which the default websockets-sansio implementation needs (#3021)

0.50.1 (July 6, 2026)

Fixed

  • Split comma-separated Sec-WebSocket-Protocol values in the websockets-sansio implementation (#3019)

0.50.0 (July 4, 2026)

If you use WebSockets, note that --ws auto now picks the websockets-sansio implementation. You shouldn't need it, but you can pin --ws websockets to get the deprecated legacy one back.

Changed

  • Exit with the dedicated code 3 on any startup failure: app loading, socket bind and lifespan startup errors previously exited with a mix of 0, 1 and 3 (#3001)
  • Stop the multiprocess supervisor when a worker exits with code 3 instead of restarting it forever (#3001)
  • Default --ws auto to websockets-sansio when websockets is installed (#2985)
  • Skip the eager app import in the parent process with --reload or --workers, fixing a memory regression introduced in 0.47.0 (#3012)
  • Build a fresh asgi scope dict per request (#2977)
  • Cache the asgi scope sub-dict per connection (#2976)
  • Avoid copying single-frame WebSocket payloads in websockets-sansio (#2983)
  • Memoize trusted host checks in ProxyHeadersMiddleware (#2970)
  • Replace click.style with an internal ANSI style helper (#2981)

Deprecated

  • Deprecate the legacy websockets implementation; use websockets-sansio or wsproto instead (#2985)
Commits
  • e4d0b05 Version 0.51.0 (#3028)
  • 944e43d Remove colorama from the standard extra (#3027)
  • 2e78770 Restart workers with overlap on SIGHUP for near-zero-downtime reloads (#3025)
  • a1b570c Version 0.50.2 (#3022)
  • 83c7da7 Require websockets>=13.0 for the default sansio implementation (#3021)
  • b4d0116 Version 0.50.1 (#3020)
  • 2a9151d Split comma-separated Sec-WebSocket-Protocol values in the websockets-sansi...
  • 1bf3ab4 Cover the excluded-directory branch in FileFilter with a direct test (#3014)
  • 837b5f9 Deflake multiprocess, reload, and signal supervisor tests (#2975)
  • 21d2c16 Version 0.50.0 (#3013)
  • Additional commits viewable in compare view

Updates claude-agent-sdk from 0.2.110 to 0.2.116

Release notes

Sourced from claude-agent-sdk's releases.

v0.2.116

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.207
  • Fixed CI workspace trust so Claude Code honors project-scoped permission grants in checkout directories (#1085)

PyPI: https://pypi.org/project/claude-agent-sdk/0.2.116/

pip install claude-agent-sdk==0.2.116

v0.2.115

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.206

PyPI: https://pypi.org/project/claude-agent-sdk/0.2.115/

pip install claude-agent-sdk==0.2.115

v0.2.114

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.205

PyPI: https://pypi.org/project/claude-agent-sdk/0.2.114/

pip install claude-agent-sdk==0.2.114

v0.2.113

Internal/Other Changes

... (truncated)

Changelog

Sourced from claude-agent-sdk's changelog.

0.2.116

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.207
  • Fixed CI workspace trust so Claude Code honors project-scoped permission grants in checkout directories (#1085)

0.2.115

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.206

0.2.114

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.205

0.2.113

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.204

0.2.112

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.203

0.2.111

Bug Fixes

  • Zombie CLI subprocess prevention: Shielded subprocess cleanup from asyncio cancellation so SIGTERM/SIGKILL teardown always runs, preventing orphaned claude child processes when the parent task is cancelled (#1082)
  • Silent whitespace loss on large NDJSON lines: Fixed the NDJSON parser silently dropping whitespace when a single line exceeded the 64 KiB stream buffer, which could corrupt tool output or assistant message content (#1083)
  • TypeError on non-dict message content: Fixed an uncaught TypeError when the CLI emits a message whose content field is a plain string or other non-dict value instead of the expected list of content blocks (#1058)
  • can_use_tool shadowed by allowed_tools: Added a runtime warning when a can_use_tool callback is registered alongside allowed_tools or bypassPermissions, which silently prevents the callback from ever firing (#1081)

Internal/Other Changes

  • Updated bundled Claude CLI to version 2.1.202
  • Fixed e2e stderr test flakiness by running the query from a clean working directory (#1084)
Commits
  • 528265f docs: update changelog for v0.2.116
  • 1a887d9 chore: release v0.2.116
  • 85ad6a6 chore: bump bundled CLI version to 2.1.207
  • b817bf5 ci: trust the checkout workspace so Claude Code honors project-scoped grants ...
  • 41f7b2d docs: update changelog for v0.2.115
  • ac4772e chore: release v0.2.115
  • 66bfd70 chore: bump bundled CLI version to 2.1.206
  • fdee0ad docs: update changelog for v0.2.114
  • 5aa66ae chore: release v0.2.114
  • 8d4ab78 chore: bump bundled CLI version to 2.1.205
  • Additional commits viewable in compare view

Updates ruff from 0.15.20 to 0.15.21

Release notes

Sourced from ruff's releases.

0.15.21

Release Notes

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.21

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Commits

Updates mypy from 2.1.0 to 2.2.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 2.2

We've just uploaded mypy 2.2.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support for Closed TypedDicts (PEP 728)

Mypy now supports closed TypedDicts as specified in PEP 728. A closed TypedDict cannot have extra keys beyond those explicitly defined. This allows the type checker to determine that certain operations are safe when they otherwise wouldn't be due to the potential presence of unknown keys.

You can use the closed keyword argument with TypedDict:

HasName = TypedDict("HasName", {"name": str})
HasOnlyName = TypedDict("HasOnlyName", {"name": str}, closed=True)
Movie = TypedDict("Movie", {"name": str, "year": int})
movie: Movie = {"name": "Nimona", "year": 2023}
has_name: HasName = movie  # OK: HasName is open (default)
has_only_name: HasOnlyName = movie  # Error: HasOnlyName is closed and Movie has extra "year" key

Closed TypedDicts enable more precise type checking because the type checker knows exactly which keys are present. This is particularly useful when working with TypedDict unions or when you want to ensure that a TypedDict conforms to an exact shape.

The closed keyword also enables safe type narrowing with in checks:

Book = TypedDict('Book', {'book': str}, closed=True)
DVD = TypedDict('DVD', {'dvd': str}, closed=True)
type Inventory = Book | DVD
def print_type(inventory: Inventory) -> None:
if "book" in inventory:
# Type is narrowed to Book here - safe because DVD is closed
print(inventory["book"])
else:
# Type is narrowed to DVD here
print(inventory["dvd"])
</tr></table>

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [agent-client-protocol](https://github.com/agentclientprotocol/python-sdk) | `0.10.1` | `0.11.0` |
| [uvicorn](https://github.com/Kludex/uvicorn) | `0.49.0` | `0.51.0` |
| [claude-agent-sdk](https://github.com/anthropics/claude-agent-sdk-python) | `0.2.110` | `0.2.116` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.20` | `0.15.21` |
| [mypy](https://github.com/python/mypy) | `2.1.0` | `2.2.0` |


Updates `agent-client-protocol` from 0.10.1 to 0.11.0
- [Release notes](https://github.com/agentclientprotocol/python-sdk/releases)
- [Commits](agentclientprotocol/python-sdk@0.10.1...0.11.0)

Updates `uvicorn` from 0.49.0 to 0.51.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.49.0...0.51.0)

Updates `claude-agent-sdk` from 0.2.110 to 0.2.116
- [Release notes](https://github.com/anthropics/claude-agent-sdk-python/releases)
- [Changelog](https://github.com/anthropics/claude-agent-sdk-python/blob/main/CHANGELOG.md)
- [Commits](anthropics/claude-agent-sdk-python@v0.2.110...v0.2.116)

Updates `ruff` from 0.15.20 to 0.15.21
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.20...0.15.21)

Updates `mypy` from 2.1.0 to 2.2.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: agent-client-protocol
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: uvicorn
  dependency-version: 0.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: claude-agent-sdk
  dependency-version: 0.2.116
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: ruff
  dependency-version: 0.15.21
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: mypy
  dependency-version: 2.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 11, 2026
….11.0

The 0.11.0 bump reorders the Client interface methods to put session_id
first: request_permission, read_text_file, and write_text_file all
changed argument order (and write_text_file now returns
WriteTextFileResponse | None). Align the bridge overrides and their
tests so mypy's override check passes again.
@kanywst kanywst merged commit 163ade0 into main Jul 11, 2026
3 checks passed
@kanywst kanywst deleted the dependabot/uv/python-dependencies-04344e02b9 branch July 11, 2026 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant