Skip to content

Bump the dependencies group with 10 updates#1096

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dependencies-132d23cd51
Open

Bump the dependencies group with 10 updates#1096
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dependencies-132d23cd51

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Bumps the dependencies group with 10 updates:

Package From To
pymongo 4.10.1 4.17.0
paramiko 3.5.1 4.0.0
boto3 1.42.96 1.42.97
azure-storage-blob 12.27.1 12.28.0
responses 0.21.0 0.26.0
botocore 1.42.96 1.42.97
urllib3 1.26.20 2.6.3
mpmath 1.3.0 1.4.1
textual 8.2.4 8.2.5
virtualenv 21.2.4 21.3.0

Updates pymongo from 4.10.1 to 4.17.0

Release notes

Sourced from pymongo's releases.

PyMongo 4.17.0

Community notes

What's Changed

... (truncated)

Changelog

Sourced from pymongo's changelog.

Changes in Version 4.17.0 (2026/04/20)

PyMongo 4.17 brings a number of changes including:

  • has_key, iterkeys and itervalues in :class:bson.son.SON have been deprecated and will be removed in PyMongo 5.0. These methods were deprecated in favor of the standard dictionary containment operator in and the keys() and values() methods, respectively.
  • Added the :meth:~pymongo.asynchronous.client_session.AsyncClientSession.bind and :meth:~pymongo.client_session.ClientSession.bind methods that allow users to bind a session to all database operations within the scope of a context manager instead of having to explicitly pass the session to each individual operation. See the Transactions docs <https://www.mongodb.com/docs/languages/python/pymongo-driver/current/crud/transactions/#methods>_ for examples and more information.
  • Added support for MongoDB's Intelligent Workload Management (IWM) and ingress connection rate limiting features. The driver now gracefully handles write-blocking scenarios and optimizes connection establishment during high-load conditions to maintain application availability. See the IWM <https://www.mongodb.com/docs/atlas/intelligent-workload-management>_ or Overload Errors <https://www.mongodb.com/docs/atlas/overload-errors/?interface=driver&language=python>_ docs for more information.

Changes in Version 4.16.0 (2026/01/07)

PyMongo 4.16 brings a number of changes including:

  • Removed invalid documents from :class:bson.errors.InvalidDocument error messages as doing so may leak sensitive user data. Instead, invalid documents are stored in :attr:bson.errors.InvalidDocument.document.
  • PyMongo now requires dnspython>=2.6.1, since dnspython 1.0 is no longer maintained. The minimum version is 2.6.1 to account for CVE-2023-29483 <https://www.cve.org/CVERecord?id=CVE-2023-29483>_.
  • Removed support for Eventlet. Eventlet is actively being sunset by its maintainers and has compatibility issues with PyMongo's dnspython dependency.
  • Use Zstandard support from the standard library for Python 3.14+, and use backports.zstd for older versions.
  • Fixed return type annotation for find_one_and_* methods on :class:~pymongo.asynchronous.collection.AsyncCollection and :class:~pymongo.synchronous.collection.Collection to include None.
  • Added support for NumPy 1D-arrays in :class:bson.binary.BinaryVector.
  • Prevented :class:~pymongo.encryption.ClientEncryption from loading the crypt shared library to fix "MongoCryptError: An existing crypt_shared library is loaded by the application" unless the linked library search path is set.

Changes in Version 4.15.5 (2025/12/02)

Version 4.15.5 is a bug fix release.

  • Fixed a bug that could cause AutoReconnect("connection pool paused") errors when cursors fetched more documents from the database after SDAM heartbeat failures.

Changes in Version 4.15.4 (2025/10/21)

Version 4.15.4 is a bug fix release.

  • Relaxed the callback type of :meth:~pymongo.asynchronous.client_session.AsyncClientSession.with_transaction to allow the broader Awaitable type rather than only Coroutine objects.
  • Added the missing Python 3.14 trove classifier to the package metadata.

... (truncated)

Commits
  • f2103a9 Prep branch v4.17
  • 3491c08 PYTHON-5801 - Update changelog for 4.17 release (#2762)
  • 912ef33 PYTHON-5798 - Overload retargeting prose tests do not ensure that sec… (#2760)
  • b4e2c03 PYTHON-5800 - Simple collation is included in index information (#2761)
  • f31ba09 PYTHON-5797 - Add IWM and Overload Error links to changelog (#2757)
  • 5da9183 PYTHON-5794 - Add prose tests to verify correct retry behavior when a… (#2755)
  • 35e51a5 Revert "PYTHON-5768 Add AGENTS.md w/copilot instructions" (#2744) (#2754)
  • f41dd5c PYTHON-5772 Increase _gcp_helpers.py coverage (#2749)
  • 49e7a05 PYTHON-5760 Increase _azure_helpers.py coverage (#2747)
  • a2b0cd8 PYTHON-5795 Fix absolute link to CONTRIBUTING.md in README.md (#2756)
  • Additional commits viewable in compare view

Updates paramiko from 3.5.1 to 4.0.0

Commits
  • aad0370 Cut 4.0.0 in changelog
  • 76f2406 Speling
  • 8c4277c Fix syntax-warning-throwing unittest method call
  • d3a9617 Test existence of root module dunder version
  • 9579700 Nuke mentions of specific Python 3.x versions from docs etc
  • dbfd52c Administrivia update: Python>=3.9, pyproject.toml, etc
  • c2ba378 Remove outdated version check in GSS module
  • 2af0dd7 I'm good at my job, honest
  • e534b1a Fixes #973: remove DSA/DSS support
  • 3523feb Tweak .gitignore to more safely ignore top level docs/
  • See full diff in compare view

Updates boto3 from 1.42.96 to 1.42.97

Commits

Updates azure-storage-blob from 12.27.1 to 12.28.0

Commits
  • b3301ac STG 100 GA Release Date for 2026-01-06
  • beb8dfa [Storage][STG 100] Prepare branch for GA + cherry-pick block size change (#44...
  • 874cfcf [Storage] Update Swagger and Release Date (#44243)
  • 4aca0cc Fix perf tests on Python 3.14 + Storage change (#44230)
  • cd5ecc5 [Storage] Fix 100 Live Tests (#44108)
  • 1cd78b1 [Storage] Added support for Python 3.14 + update 100 release date (#44224)
  • 471cda1 [Storage] Add Blob download perf test that uses HTTP library directly (#44111)
  • 9e53510 [Storage] Decompression for Binary Response in Download APIs (#43587)
  • 68b646b Removed create file with data and file semantics features (#43978)
  • 09f0066 [Storage] Added Support for UseDevelopmentStorage=true; for Connection Stri...
  • Additional commits viewable in compare view

Updates responses from 0.21.0 to 0.26.0

Release notes

Sourced from responses's releases.

0.26.0

  • When using assert_all_requests_are_fired=True, assertions about unfired requests are now raised even when an exception occurs in the context manager or decorated function. Previously, these assertions were suppressed when exceptions occurred. This new behavior provides valuable debugging context about which mocked requests were or weren't called.
  • Consider the Retry-After header when handling retries

0.25.8

  • Fix bug where the content type is always recorded as either text/plain or application/json. See #770
  • Allow asserts on add_callback() matches. See #727

0.25.7

  • Added support for python 3.13

0.25.6

No release notes provided.

0.25.5

No release notes provided.

0.25.3

  • Fixed recorder not saving and loading response headers with yaml files. See #715

0.25.2

  • Mulligan on 0.25.1 to run release pipeline correctly.
  • Added matchers.body_matcher for matching string request bodies. See #717

Responses 0.25.1

What's Changed

New Contributors

Full Changelog: getsentry/responses@0.25.0...0.25.1

0.25.0

  • Added support for Python 3.12
  • Fixed matchers.header_matcher not failing when a matched header is missing from the request. See #702

0.24.1

  • Reverted overloads removal
  • Added typing to Call attributes.
  • Fix socket issues (see #693)

0.24.0

... (truncated)

Changelog

Sourced from responses's changelog.

0.26.0

  • When using assert_all_requests_are_fired=True, assertions about unfired requests are now raised even when an exception occurs in the context manager or decorated function. Previously, these assertions were suppressed when exceptions occurred. This new behavior provides valuable debugging context about which mocked requests were or weren't called.
  • Consider the Retry-After header when handling retries

0.25.8

  • Fix bug where the content type is always recorded as either text/plain or application/json. See #770
  • Allow asserts on add_callback() matches. See #727

0.25.7

  • Added support for python 3.13

0.25.6

  • Added py.typed to package_data

0.25.5

  • Fix readme issue that prevented 0.25.4 from being published to pypi.

0.25.4

  • Responses can now match requests that use data with file-like objects. Files will be read as bytes and stored in the request mock. See #736
  • RequestsMock.matchers was added. This property is an alias to responses.matchers. See #739
  • Removed tests from packaged wheels. See #746
  • Improved recorder API to ease use in REPL environments. See #745

0.25.3

  • Fixed recorder not saving and loading response headers with yaml files. See #715

0.25.2

  • Mulligan on 0.25.1 to run release pipeline correctly.

... (truncated)

Commits
  • 94913d0 release: 0.26.0
  • 051b79e Make assert_all_requests_are_fired always assert on exception (#782)
  • 0905cb8 Fix query_param_matcher not matching empty query parameter values (#787)
  • e0c6faa ci(release): Switch from action-prepare-release to Craft (#785)
  • 1be3a73 fix: Consider the Retry-After header when handling retries (#784)
  • c6730fb Merge branch 'release/0.25.8'
  • cdd104d release: 0.25.8
  • f940dc7 Allow asserts on add_callback() matches (#774)
  • 9485a01 Fix mypy errors in master (#776)
  • 1532e9e 🔧 chore: update return type of RequestsMock.exit (#769)
  • Additional commits viewable in compare view

Updates botocore from 1.42.96 to 1.42.97

Commits

Updates urllib3 from 1.26.20 to 2.6.3

Release notes

Sourced from urllib3's releases.

2.6.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

2.6.2

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. (urllib3/urllib3#3734)

2.6.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. (#3731)

2.6.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (CVE-2025-66471 reported by @​Cycloctane, 8.9 High, GHSA-2xpw-w6gg-jr37)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (CVE-2025-66418 reported by @​illia-v, 8.9 High, GHSA-gm62-xv2j-4w53)

[!IMPORTANT]

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using urllib3[brotli] to install a compatible Brotli package automatically.

... (truncated)

Changelog

Sourced from urllib3's changelog.

2.6.3 (2026-01-07)

  • Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (GHSA-38jv-5279-wg99 <https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99>__)
  • Started treating Retry-After times greater than 6 hours as 6 hours by default. ([#3743](https://github.com/urllib3/urllib3/issues/3743) <https://github.com/urllib3/urllib3/issues/3743>__)
  • Fixed urllib3.connection.VerifiedHTTPSConnection on Emscripten. ([#3752](https://github.com/urllib3/urllib3/issues/3752) <https://github.com/urllib3/urllib3/issues/3752>__)

2.6.2 (2025-12-11)

  • Fixed HTTPResponse.read_chunked() to properly handle leftover data in the decoder's buffer when reading compressed chunked responses. ([#3734](https://github.com/urllib3/urllib3/issues/3734) <https://github.com/urllib3/urllib3/issues/3734>__)

2.6.1 (2025-12-08)

  • Restore previously removed HTTPResponse.getheaders() and HTTPResponse.getheader() methods. ([#3731](https://github.com/urllib3/urllib3/issues/3731) <https://github.com/urllib3/urllib3/issues/3731>__)

2.6.0 (2025-12-05)

Security

  • Fixed a security issue where streaming API could improperly handle highly compressed HTTP content ("decompression bombs") leading to excessive resource consumption even when a small amount of data was requested. Reading small chunks of compressed data is safer and much more efficient now. (GHSA-2xpw-w6gg-jr37 <https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37>__)
  • Fixed a security issue where an attacker could compose an HTTP response with virtually unlimited links in the Content-Encoding header, potentially leading to a denial of service (DoS) attack by exhausting system resources during decoding. The number of allowed chained encodings is now limited to 5. (GHSA-gm62-xv2j-4w53 <https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53>__)

.. caution::

  • If urllib3 is not installed with the optional urllib3[brotli] extra, but your environment contains a Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security fixes and avoid warnings. Prefer using

... (truncated)

Commits
  • 0248277 Release 2.6.3
  • 8864ac4 Merge commit from fork
  • 70cecb2 Fix Scorecard issues related to vulnerable dev dependencies (#3755)
  • 41f249a Move "v2.0 Migration Guide" to the end of the table of contents (#3747)
  • fd4dffd Patch VerifiedHTTPSConnection for Emscripten (#3752)
  • 13f0bfd Handle massive values in Retry-After when calculating time to sleep for (#3743)
  • 8c480bf Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#3748)
  • 4b40616 Bump actions/cache from 4.3.0 to 5.0.1 (#3750)
  • 82b8479 Bump actions/download-artifact from 6.0.0 to 7.0.0 (#3749)
  • 34284cb Mention experimental features in the security policy (#3746)
  • Additional commits viewable in compare view

Updates mpmath from 1.3.0 to 1.4.1

Release notes

Sourced from mpmath's releases.

1.4.1

Bug fixes:

  • Fix test_hexadecimal_with_libc_bulk(), see #1049 (Doug Torrance)
  • Keep available deprecated aliases for mpc/mpf_log() (Sergey B Kirpichev)
  • Use version_file option of setuptools-scm to keep version info, see #1048 (Sergey B Kirpichev)
  • Add workaround for test on s390x, see #1061 (Sergey B Kirpichev)

Full Changelog: mpmath/mpmath@1.4.0...1.4.1

1.4.0

Features:

  • Support underscores as digit separators per PEP 515, see #661 (Sergey B Kirpichev)
  • Add rationals converter for mpf's, see #666 (Sergey B Kirpichev)
  • Rewrite bernpoly/eulerpoly to avoid dependency on bernoulli(1) convention, see #700 (Sergey B Kirpichev)
  • Support base kwarg for from_str(), see #703 (Jonathan Warner, Sergey B Kirpichev)
  • Support randmatrix() for mp.iv and mp contexts, see #527 (Maximilian Gaukler)
  • Added rank() function for matrices, see #610 (Jan-Philipp Hoffmann)
  • Add plus flag to select the B_1 sign convention for bernoulli/bernfrac, see #724 (Jeremy Tan Jie Rui, Sergey B Kirpichev)
  • Add mpf.as_integer_ratio() method, support construction of mpf from Decimal objects, see #731 (Sergey B Kirpichev)
  • Expose lower/upper_gamma functions, see #740 (Sergey B Kirpichev)
  • Support mpc initialization from string, see #743 (Sergey B Kirpichev)
  • Support asinh/acosh/atanh in the fp context, see #750 (Sergey B Kirpichev)
  • Support binary/octal/hexadecimal string output, see #711 (Jonathan Warner, Sergey B Kirpichev)
  • Support pickling for matrices and mpi, see #761 (Sergey B Kirpichev)
  • Support matrix.__array__() dunder method, see #767 (Sergey B Kirpichev)
  • Support more number syntaxes, see #778 (Sergey B Kirpichev)
  • Run mpmath as a module for interactive work, see #773, #923, #931, #936, #939 and #954 (Sergey B Kirpichev)
  • Add signed option to to_man_exp(), see #783 (Sergey B Kirpichev)
  • Add fp.hypot, see #798 (Sergey B Kirpichev)
  • Support inf/nan's in ctx.almosteq(), #802 (Sergey B Kirpichev)
  • Implement mpf.__format__(), see #819, #831, #850, #859, #857, #862, #881, #944 and #966 (Javier Garcia, Sergey B Kirpichev)
  • Support conversion from scalar ndarray's, see #821 (Sergey B Kirpichev)
  • Support rounding modes in mpf.__format__, see #823, #831, #834 and #969 (Javier Garcia, Sergey B Kirpichev)
  • Support '%' presentation type for mpf, see #847 (Sergey B Kirpichev)
  • Support gmpy2-like rounding modes in to_str(), see #830 (Javier Garcia)
  • Implement 'a'/'A' formating types for mpf.__format__, see #841 and #870 (Sergey B Kirpichev)
  • Add mpc.__format__(), see #855 (Sergey B Kirpichev)
  • Now mpf.__round__() returns mpf, see #826 and #966 (Sergey B Kirpichev)
  • Support 'b' (binary) format type for mpf/mpc, see #867 (Sergey B Kirpichev)
  • Implement mpf.__floordiv__() and mpf.__divmod__(), see #873 (Sergey B Kirpichev)
  • Add parameters for MPContext constructor, see #876 and #963 (Sergey B Kirpichev)
  • Add MPFR-compatible aliases for rounding modes, see #892 (Sergey B Kirpichev)
  • Support negative indexes in matrix, see #897 (Riccardo Orsi)
  • Better introspection support for decorated functions, see #900 (Sergey B Kirpichev)
  • Add moving sofa demo, see #924 (Sergey B Kirpichev)
  • Support spherical Bessel functions (jn/yn), #935 (Sergey B Kirpichev)
  • Add pretty_dps context property to control number of printed digits, see #933 (Sergey B Kirpichev)

... (truncated)

Changelog

Sourced from mpmath's changelog.

--1.4.1-- Released March 15, 2026

Bug fixes:

  • Fix test_hexadecimal_with_libc_bulk(), see #1049 (Doug Torrance)
  • Keep available deprecated aliases for mpc/mpf_log() (Sergey B Kirpichev)
  • Use version_file option of setuptools-scm to keep version info, see #1048 (Sergey B Kirpichev)
  • Add workaround for test on s390x, see #1061 (Sergey B Kirpichev)

--1.4.0-- Released February 23, 2026

Features:

  • Support underscores as digit separators per PEP 515, see #661 (Sergey B Kirpichev)
  • Add rationals converter for mpf's, see #666 (Sergey B Kirpichev)
  • Rewrite bernpoly/eulerpoly to avoid dependency on bernoulli(1) convention, see #700 (Sergey B Kirpichev)
  • Support base kwarg for from_str(), see #703 (Jonathan Warner, Sergey B Kirpichev)
  • Support randmatrix() for mp.iv and mp contexts, see #527 (Maximilian Gaukler)
  • Added rank() function for matrices, see #610 (Jan-Philipp Hoffmann)
  • Add plus flag to select the B_1 sign convention for bernoulli/bernfrac, see #724 (Jeremy Tan Jie Rui, Sergey B Kirpichev)
  • Add mpf.as_integer_ratio() method, support construction of mpf from Decimal objects, see #731 (Sergey B Kirpichev)
  • Expose lower/upper_gamma functions, see #740 (Sergey B Kirpichev)
  • Support mpc initialization from string, see #743 (Sergey B Kirpichev)
  • Support asinh/acosh/atanh in the fp context, see #750 (Sergey B Kirpichev)
  • Support binary/octal/hexadecimal string output, see #711 (Jonathan Warner, Sergey B Kirpichev)
  • Support pickling for matrices and mpi, see #761 (Sergey B Kirpichev)
  • Support matrix.array() dunder method, see #767 (Sergey B Kirpichev)
  • Support more number syntaxes, see #778 (Sergey B Kirpichev)
  • Run mpmath as a module for interactive work, see #773, #923, #931, #936, #939 and #954 (Sergey B Kirpichev)
  • Add signed option to to_man_exp(), see #783 (Sergey B Kirpichev)
  • Add fp.hypot, see #798 (Sergey B Kirpichev)
  • Support inf/nan's in ctx.almosteq(), #802 (Sergey B Kirpichev)
  • Implement mpf.format(), see #819, #831, #850, #859, #857, #862, #881, #944 and #966 (Javier Garcia, Sergey B Kirpichev)
  • Support conversion from scalar ndarray's, see #821 (Sergey B Kirpichev)
  • Support rounding modes in mpf.format, see #823, #831, #834 and #969 (Javier Garcia, Sergey B Kirpichev)
  • Support '%' presentation type for mpf, see #847 (Sergey B Kirpichev)
  • Support gmpy2-like rounding modes in to_str(), see #830 (Javier Garcia)

... (truncated)

Commits
  • c1131e2 Merge pull request #1053 from skirpichev/release-1.4.1
  • d3d3eb9 Update CHANGES
  • 629daff Add a workaround for test on s390x
  • 96272f3 Revert "Add backport action"
  • e129480 Test frozen package version (#1055)
  • 1ef88b4 Amend docstring for round_digits()
  • 650520b Use version_file option of setuptools-scm to keep version info
  • 501af4a Keep forever deprecated aliases for mpc/mpf_log()
  • 6887127 Set argtypes for sprintf from ctypes
  • f3e9cf0 Update CHANGES (free-threading support)
  • Additional commits viewable in compare view

Updates textual from 8.2.4 to 8.2.5

Release notes

Sourced from textual's releases.

The Antsy Release

This release adds support for dedicated ansi themes, which are also exposed from the command palette.

There were a few tweaks to the theming system which may result in broken snapshots, but there should be no visual changes.

[8.2.5] - 2026-04-30

Added

Changed

Changelog

Sourced from textual's changelog.

[8.2.5] - 2026-04-30

Added

Changed

Commits

@dependabot
Bump the dependencies group with 10 updates
73e414b 
Bumps the dependencies group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [pymongo](https://github.com/mongodb/mongo-python-driver) | `4.10.1` | `4.17.0` |
| [paramiko](https://github.com/paramiko/paramiko) | `3.5.1` | `4.0.0` |
| [boto3](https://github.com/boto/boto3) | `1.42.96` | `1.42.97` |
| [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) | `12.27.1` | `12.28.0` |
| [responses](https://github.com/getsentry/responses) | `0.21.0` | `0.26.0` |
| [botocore](https://github.com/boto/botocore) | `1.42.96` | `1.42.97` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.26.20` | `2.6.3` |
| [mpmath](https://github.com/mpmath/mpmath) | `1.3.0` | `1.4.1` |
| [textual](https://github.com/Textualize/textual) | `8.2.4` | `8.2.5` |
| [virtualenv](https://github.com/pypa/virtualenv) | `21.2.4` | `21.3.0` |


Updates `pymongo` from 4.10.1 to 4.17.0
- [Release notes](https://github.com/mongodb/mongo-python-driver/releases)
- [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst)
- [Commits](mongodb/mongo-python-driver@4.10.1...4.17.0)

Updates `paramiko` from 3.5.1 to 4.0.0
- [Commits](paramiko/paramiko@3.5.1...4.0.0)

Updates `boto3` from 1.42.96 to 1.42.97
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.42.96...1.42.97)

Updates `azure-storage-blob` from 12.27.1 to 12.28.0
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Commits](Azure/azure-sdk-for-python@azure-storage-blob_12.27.1...azure-storage-blob_12.28.0)

Updates `responses` from 0.21.0 to 0.26.0
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.21.0...0.26.0)

Updates `botocore` from 1.42.96 to 1.42.97
- [Commits](boto/botocore@1.42.96...1.42.97)

Updates `urllib3` from 1.26.20 to 2.6.3
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.20...2.6.3)

Updates `mpmath` from 1.3.0 to 1.4.1
- [Release notes](https://github.com/mpmath/mpmath/releases)
- [Changelog](https://github.com/mpmath/mpmath/blob/1.4.1/CHANGES)
- [Commits](mpmath/mpmath@1.3.0...1.4.1)

Updates `textual` from 8.2.4 to 8.2.5
- [Release notes](https://github.com/Textualize/textual/releases)
- [Changelog](https://github.com/Textualize/textual/blob/main/CHANGELOG.md)
- [Commits](Textualize/textual@v8.2.4...v8.2.5)

Updates `virtualenv` from 21.2.4 to 21.3.0
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@21.2.4...21.3.0)

---
updated-dependencies:
- dependency-name: pymongo
  dependency-version: 4.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: paramiko
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: boto3
  dependency-version: 1.42.97
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: azure-storage-blob
  dependency-version: 12.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: responses
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: botocore
  dependency-version: 1.42.97
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: urllib3
  dependency-version: 2.6.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: mpmath
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: textual
  dependency-version: 8.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: virtualenv
  dependency-version: 21.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants