chore(deps): bump tornado from 6.5.5 to 6.5.6#476
Conversation
Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.5.5 to 6.5.6. - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.6) --- updated-dependencies: - dependency-name: tornado dependency-version: 6.5.6 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
* chore(deps): bump Python dependencies (dependabot batch) Root (pyproject.toml + poetry.lock): - click 8.3.3 -> 8.4.1 (#458) - filelock 3.29.0 -> 3.29.4 (#479) - pydantic 2.13.3 -> 2.13.4 (#422) - aiobotocore 3.6.0 -> 3.7.0 (#414) - aiohttp 3.13.5 -> 3.14.1 (#473) - tornado 6.5.5 -> 6.5.7 (#476) - urllib3 2.6.3 -> 2.7.0 (#429) - idna 3.11 -> 3.18 (#450) - aws-durable-execution-sdk-python 1.4.0 -> 1.5.0 (#464) - redis 7.4.0 -> 8.0.0 (#472, major) - mypy 1.20.2 -> 2.1.0 (#439, major) - ruff 0.15.12 -> 0.15.17 (#480) - black 26.3.1 -> 26.5.1 (#456) - moto 5.2.0 -> 5.2.2 (#478) - pytest-asyncio 1.3.0 -> 1.4.0 (#470) - types-python-dateutil -> 2.9.0.20260518 (#466) - types-pyyaml -> 6.0.12.20260518 (#453) dashboard/backend: idna 3.11 -> 3.18 (#451, transitive) mypy 2.1.0 surfaced two latent type errors in cli/utils/interactive.py; collapsed the two-loop choice conversion into a single isinstance-narrowed loop. Verified: ruff check, ruff format --check, mypy (net-neutral vs the pre-existing AWS-module errors on main), and full pytest suite (971 passed). redis floor kept at >=5.0.0 in optional-dependencies to avoid forcing redis 8 on library consumers; lockfile pins 8.0.0 for dev. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * chore(deps): bump frontend dependencies (dependabot batch) dashboard/frontend (package.json + package-lock.json): - @tabler/icons-react 3.41 -> 3.44.0 (#416) - @tailwindcss/vite 4.2.4 -> 4.3.0 (#426) - tailwindcss 4.2.4 -> 4.3.0 (#413) - @tanstack/react-query 5.100.8 -> 5.100.13 (#454) - @tanstack/react-query-devtools 5.99 -> 5.100.13 (#463) - @tanstack/eslint-plugin-query 5.100.8 -> 5.100.13 (#457) - @tanstack/react-router 1.169.1 -> 1.170.7 (#467) - @tanstack/react-router-devtools 1.166.13 -> 1.167.0 (#446) - @tanstack/router-plugin 1.167.32 -> 1.168.10 (#462) - @uiw/react-codemirror 4.25.9 -> 4.25.10 (#460) - @hookform/resolvers 5.2.2 -> 5.4.0 (#455) - react-hook-form 7.75.0 -> 7.76.1 (#465) - axios 1.16.0 -> 1.16.1 (#437) - date-fns 4.1.0 -> 4.3.0 (#459) - lucide-react 1.14.0 -> 1.16.0 (#443) - react 19.2.5 -> 19.2.6 (#427) - tailwind-merge 3.5.0 -> 3.6.0 (#432) - zod 4.4.2 -> 4.4.3 (#418) - zustand 5.0.12 -> 5.0.13 (#423) - @types/node 25.6.0 -> 25.9.1 (#469) - @vitejs/plugin-react-swc 4.3.0 -> 4.3.1 (#448) - eslint 10.3.0 -> 10.4.0 (#440) - typescript-eslint 8.59.1 -> 8.59.4 (#452) - vite 8.0.10 -> 8.0.16 (#481, supersedes #468) Held back: react-day-picker 9.14.0 -> 10.0.1 (#441) — the v10 major removes the `table` key from its ClassNames type and breaks the build in src/components/ui/calendar.tsx. Left at 9.14.0 pending a calendar migration. Verified: npm run build passes. Frontend lint is unchanged vs main (pre-existing errors, not gated in CI). yarn.lock/pnpm-lock are vestigial (Dockerfile uses `npm ci`) and intentionally left untouched. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * chore(deps): bump codecov/codecov-action from 6 to 7 (#477) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Resolved by #483 (batch dependabot update), merged into main. This bump is already on main at or above the requested version. |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps tornado from 6.5.5 to 6.5.6.
Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
aba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirects96dc88cspeedups: validate mask lengthff808b3http1connection: Enforce max_body_size in _GzipMessageDelegateede4e37auth: Correctly parse check_authentication response1c178beRemove obsolete curl force_timeout workaroundc99d55bReplace deprecated pycurl IOCTLFUNCTION callback with SEEKFUNCTION2761431Merge pull request #3587 from bdarnell/fix-linkDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.