Skip to content

fix(deps): bump the backend group in /backend with 2 updates#69

Merged
vovinacci merged 1 commit intomainfrom
dependabot/pip/backend/backend-43b2000300
Mar 24, 2026
Merged

fix(deps): bump the backend group in /backend with 2 updates#69
vovinacci merged 1 commit intomainfrom
dependabot/pip/backend/backend-43b2000300

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps the backend group in /backend with 2 updates: uvicorn[standard] and ruff.

Updates uvicorn[standard] from 0.41.0 to 0.42.0

Release notes

Sourced from uvicorn[standard]'s releases.

Version 0.42.0

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)

New Contributors

Full Changelog: Kludex/uvicorn@0.41.0...0.42.0

Changelog

Sourced from uvicorn[standard]'s changelog.

0.42.0 (March 16, 2026)

Changed

  • Use bytearray for request body accumulation to avoid O(n^2) allocation on fragmented bodies (#2845)

Fixed

  • Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • Fix multiple issues in websockets sans-io implementation (#2825)
Commits
  • 02bed6f Version 0.42.0 (#2852)
  • d8f2501 chore: pre-create Config objects in benchmarks to measure protocol hot paths ...
  • 9dbb783 Add WebSocket protocol benchmarks for wsproto and websockets-sansio (#2849)
  • b3c69da Use bytearray for request body accumulation (#2845)
  • 3f3ebee Disable pytest-xdist for CodSpeed benchmark runs (#2847)
  • d072de7 Add fragmented body benchmark for chunked body accumulation (#2846)
  • e300c2c Add CodSpeed benchmark suite for HTTP protocol hot paths (#2844)
  • 1fa6976 Escape brackets and backslash in httptools HEADER_RE regex (#2824)
  • 59ec1de Fix multiple issues in websockets sansio implementation (#2825)
  • 2fc0efc Clarify Windows asyncio event loop selection in docs (#2843)
  • Additional commits viewable in compare view

Updates ruff from 0.15.6 to 0.15.7

Release notes

Sourced from ruff's releases.

0.15.7

Release Notes

Released on 2026-03-19.

Preview features

  • Display output severity in preview (#23845)
  • Don't show noqa hover for non-Python documents (#24040)

Rule changes

  • [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

  • Don't return code actions for non-Python documents (#23905)

Documentation

  • Add company AI policy to contributing guide (#24021)
  • Document editor features for Markdown code formatting (#23924)
  • [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

  • Use PEP 639 license information (#19661)

Contributors

Install ruff 0.15.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.ps1 | iex"
</tr></table>

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.7

Released on 2026-03-19.

Preview features

  • Display output severity in preview (#23845)
  • Don't show noqa hover for non-Python documents (#24040)

Rule changes

  • [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

  • Don't return code actions for non-Python documents (#23905)

Documentation

  • Add company AI policy to contributing guide (#24021)
  • Document editor features for Markdown code formatting (#23924)
  • [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

  • Use PEP 639 license information (#19661)

Contributors

Commits
  • 0ef39de Bump 0.15.7 (#24049)
  • beb543b [ty] ecosystem-analyzer: Fail on newly panicking projects (#24043)
  • 378fe73 Don't show noqa hover for non-Python documents (#24040)
  • b5665bd [pylint] Improve phrasing (PLC0208) (#24033)
  • 6e20f22 test: migrate show_settings and version tests to use CliTest (#23702)
  • f99b284 Drain file watcher events during test setup (#24030)
  • 744c996 [ty] Filter out unsatisfiable inference attempts during generic call narrowin...
  • 1616095 [ty] Avoid inferring intersection types for call arguments (#23933)
  • 7f275f4 [ty] Pin mypy_primer in setup_primer_project.py (#24020)
  • 7255e36 [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
fix(deps): bump the backend group in /backend with 2 updates
ceef8d1 
Bumps the backend group in /backend with 2 updates: [uvicorn[standard]](https://github.com/Kludex/uvicorn) and [ruff](https://github.com/astral-sh/ruff).


Updates `uvicorn[standard]` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.41.0...0.42.0)

Updates `ruff` from 0.15.6 to 0.15.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.6...0.15.7)

---
updated-dependencies:
- dependency-name: uvicorn[standard]
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: ruff
  dependency-version: 0.15.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: backend
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from vovinacci as a code owner March 23, 2026 03:46
@vovinacci vovinacci merged commit c2f8bbb into main Mar 24, 2026
5 checks passed
@vovinacci vovinacci deleted the dependabot/pip/backend/backend-43b2000300 branch March 24, 2026 10:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vovinacci vovinacci vovinacci approved these changes

Assignees

No one assigned

Labels

dependencies python

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vovinacci