Skip to content

chore(deps): bump the python-dependencies group with 5 updates#96

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-4dc3071022
Open

chore(deps): bump the python-dependencies group with 5 updates#96
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-4dc3071022

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Bumps the python-dependencies group with 5 updates:

Package From To
idna 3.16 3.18
openai 2.38.0 2.40.0
openai-agents 0.17.3 0.17.4
starlette 1.1.0 1.2.1
ruff 0.15.14 0.15.15

Updates idna from 3.16 to 3.18

Changelog

Sourced from idna's changelog.

3.18 (2026-06-02)

  • When decoding a domain, add a display argument that will pass through invalid labels rather than raising an exception.

3.17 (2026-05-28)

  • Substantial 75% reduction in memory usage through new data structures and some optimization in processing speed.
  • Added a general 1024-character input length cap to the public validation, conversion, and codec entry points. This is well above any legitimate domain or label and guards against pathological inputs.
Commits
  • f39ea90 Release 3.18
  • 40f4e40 Pre-release 3.18rc0
  • 1a5bf80 Merge pull request #253 from kjd/lenient-decode
  • 5bbb26f Merge branch 'master' into lenient-decode
  • c532bae Rename decode() lenient= option to display= (issue #248)
  • 0b1758b Merge pull request #252 from kjd/release-3.17
  • f48619c Release 3.17
  • 7421ba8 Pre-release 3.17rc0
  • 22ebb73 Merge pull request #251 from kjd/structure-optimizations
  • 2a7ac0a Drop redundant parallel-arrays comment from uts46data
  • Additional commits viewable in compare view

Updates openai from 2.38.0 to 2.40.0

Release notes

Sourced from openai's releases.

v2.40.0

2.40.0 (2026-06-01)

Full Changelog: v2.39.0...v2.40.0

Features

  • api: Add Amazon Bedrock Responses support

Bug Fixes

  • api: allow setting bedrock api keys on the client directly (4d5bfde)

v2.39.0

2.39.0 (2026-06-01)

Full Changelog: v2.38.0...v2.39.0

Features

  • api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (ab60d7a)
Changelog

Sourced from openai's changelog.

2.40.0 (2026-06-01)

Full Changelog: v2.39.0...v2.40.0

Features

  • api: Add Amazon Bedrock Responses support

Bug Fixes

  • api: allow setting bedrock api keys on the client directly (4d5bfde)

2.39.0 (2026-06-01)

Full Changelog: v2.38.0...v2.39.0

Features

  • api: workload identity in audit logs, additional_tools item in responses, fix ActionSearch.query to be optional. (ab60d7a)
Commits
  • a28a3f6 Merge pull request #3352 from openai/release-please--branches--main--changes-...
  • db6ccaf Update CHANGELOG.md
  • 2264f70 release: 2.40.0
  • 4d5bfde fix(api): allow setting bedrock api keys on the client directly
  • ccef143 Merge pull request #3326 from openai/codex/bedrock-responses-review
  • a50ff0a Fix Bedrock with_options overrides
  • fdf4901 codegen metadata
  • e4bccc7 release: 2.39.0
  • 268de68 feat(api): workload identity in audit logs, additional_tools item in response...
  • 8be32d3 [codex] Add Amazon Bedrock provider support
  • Additional commits viewable in compare view

Updates openai-agents from 0.17.3 to 0.17.4

Release notes

Sourced from openai-agents's releases.

v0.17.4

What's Changed

Documentation & Other Changes

New Contributors

Full Changelog: openai/openai-agents-python@v0.17.3...v0.17.4

Commits
  • 6d5b888 Release 0.17.4 (#3505)
  • 9a92ea4 Support Realtime custom voice objects (#3473)
  • fedc809 fix: export MCPListToolsItem, ToolSearchCallItem, and ToolSearchOutputItem fr...
  • 573530f fix: export more tracing related functions & types from agents (#3489)
  • 813a003 fix: redact invalid JSON payload in ModelBehaviorError data (#3485)
  • eda7b51 fix: add missing entries to span slots (#3483)
  • 45effb4 fix: #3459 add opt-in recovery for missing function tools (#3461)
  • 9303389 fix: use non-None value for output in FunctionSpanData (#3475)
  • 9514473 fix: apply hardened http client default to MCP SSE transport (#3466)
  • 445ad22 docs: add SECURITY.md in the same way with openai-agents-js repo
  • See full diff in compare view

Updates starlette from 1.1.0 to 1.2.1

Release notes

Sourced from starlette's releases.

Version 1.2.1

What's Changed

New Contributors

Full Changelog: Kludex/starlette@1.2.0...1.2.1

Version 1.2.0

What's Changed

Full Changelog: Kludex/starlette@1.1.0...1.2.0

Changelog

Sourced from starlette's changelog.

1.2.1 (May 31, 2026)

Fixed

  • Use httpx2 for type checking in the testclient module #3304.
  • Add assert error for requires() when the request parameter is not a Request type #3298.

1.2.0 (May 28, 2026)

Added

  • Support httpx2 in the test client #3291.
Commits
  • ef773fe Version 1.2.1 (#3306)
  • 3fc68a7 Add sponsors section to docs sidebar (#3305)
  • b053f7b chore(deps): bump the python-packages group across 1 directory with 6 updates...
  • 1478775 Add assert error for requires() when request param is not Request type (#3298)
  • 6576547 Describe disconnected-after-response behavior in test docstring (#3243)
  • 9cb1553 Use same module (httpx|httpx2) for type checking as for runtime (#3304)
  • 4060987 Version 1.2.0 (#3300)
  • 1e289ca Migrate docs deploy from Cloudflare Pages to Workers Static Assets (#3282)
  • 100f05a Add httpx2 as a dev dependency (#3295)
  • 508023b Support httpx2 in the test client (#3291)
  • See full diff in compare view

Updates ruff from 0.15.14 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

Commits
  • db5aa0a Bump 0.15.15 (#25431)
  • 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
  • e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
  • 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
  • 7e1bc1e Add agent skills for working on ty (#25422)
  • 574e107 Expand semantic syntax errors for invalid walruses (#25415)
  • 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
  • 5432709 Refine a few agents instructions (#25423)
  • 3cb09eb [ty] Support typing.TypeForm (#25334)
  • c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the python-dependencies group with 5 updates
660644f 
Bumps the python-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [idna](https://github.com/kjd/idna) | `3.16` | `3.18` |
| [openai](https://github.com/openai/openai-python) | `2.38.0` | `2.40.0` |
| [openai-agents](https://github.com/openai/openai-agents-python) | `0.17.3` | `0.17.4` |
| [starlette](https://github.com/Kludex/starlette) | `1.1.0` | `1.2.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.14` | `0.15.15` |


Updates `idna` from 3.16 to 3.18
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md)
- [Commits](kjd/idna@v3.16...v3.18)

Updates `openai` from 2.38.0 to 2.40.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v2.38.0...v2.40.0)

Updates `openai-agents` from 0.17.3 to 0.17.4
- [Release notes](https://github.com/openai/openai-agents-python/releases)
- [Changelog](https://github.com/openai/openai-agents-python/blob/main/docs/release.md)
- [Commits](openai/openai-agents-python@v0.17.3...v0.17.4)

Updates `starlette` from 1.1.0 to 1.2.1
- [Release notes](https://github.com/Kludex/starlette/releases)
- [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md)
- [Commits](Kludex/starlette@1.1.0...1.2.1)

Updates `ruff` from 0.15.14 to 0.15.15
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.14...0.15.15)

---
updated-dependencies:
- dependency-name: idna
  dependency-version: '3.18'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: openai
  dependency-version: 2.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: openai-agents
  dependency-version: 0.17.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: starlette
  dependency-version: 1.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: ruff
  dependency-version: 0.15.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants