Bump the pip group across 1 directory with 13 updates by dependabot[bot] · Pull Request #134 · davewalker5/ADS-B-BaseStationReader

dependabot · 2026-05-13T13:03:16Z

Bumps the pip group with 13 updates in the /reports directory:

Package	From	To
fonttools	`4.60.1`	`4.60.2`
jupyter-server	`2.17.0`	`2.18.0`
jupyterlab	`4.4.9`	`4.5.7`
mistune	`3.1.4`	`3.2.1`
nbconvert	`7.16.6`	`7.17.1`
notebook	`7.4.7`	`7.5.6`
orjson	`3.11.3`	`3.11.6`
pillow	`11.3.0`	`12.2.0`
pytest	`8.4.2`	`9.0.3`
requests	`2.32.5`	`2.33.0`
sqlparse	`0.5.3`	`0.5.4`
tornado	`6.5.2`	`6.5.5`
urllib3	`2.5.0`	`2.7.0`

Updates fonttools from 4.60.1 to 4.60.2

Release notes

Sourced from fonttools's releases.

4.60.2

Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#3994, #3999).

Changelog

Sourced from fonttools's changelog.

4.60.2 (released 2025-12-09)

Backport release Same as 4.61.0 but without "Drop support for EOL Python 3.9" change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (#3994, #3999).

4.61.0 (released 2025-11-28)

[varLib.main]: SECURITY Only use basename(vf.filename) to prevent path traversal attacks when running fonttools varLib command, or code which invokes fonttools.varLib.main(). Fixes CVE-2025-66034, see: GHSA-768j-98cg-p3fv.

[feaLib] Sort BaseLangSysRecords by tag (#3986).

Drop support for EOL Python 3.9 (#3982).

[instancer] Support --remove-overlaps for fonts with CFF2 table (#3975).

[CFF2ToCFF] Add --remove-overlaps option (#3976).

[feaLib] Raise an error for rsub with NULL target (#3979).

[bezierTools] Fix logic bug in curveCurveIntersections (#3963).

[feaLib] Error when condition sets have the same name (#3958).

[cu2qu.ufo] skip processing empty glyphs to support sparse kerning masters (#3956).

[unicodedata] Update to Unicode 17. Require unicodedata2 >= 17.0.0 when installed with 'unicode' extra.

Commits

78ba5e8 Release 4.60.2
c3f9979 macos-13 runner is no more, use macos-15-intel
8016403 Revert "Merge pull request #3982 from fonttools/drop-py39"
e691e3b Release 4.61.0
c2d540f Update NEWS.rst
3859753 Update NEWS.rst
26eb070 black
5ff73af Merge commit from fork
a696d5b varLib: only use the basename(vf.filename)
b00bc45 varLib_test: test path traversal in variable-font filename
Additional commits viewable in compare view

Updates jupyter-server from 2.17.0 to 2.18.0

Release notes

Sourced from jupyter-server's releases.

v2.18.0

2.18.0

(Full Changelog)

Security patches

CVE-2026-40110 GHSA-24qx-w28j-9m6p

CVE-2025-61669 GHSA-qh7q-6qm3-653w

CVE-2026-40934 GHSA-5mrq-x3x5-8v8f

CVE-2026-35397 GHSA-5789-5fc7-67v3

API and Breaking Changes

Add query param to sanitize HTML in GET /nbconvert/html #1618 (@Yann-P, @Carreau)

Enhancements made

Update handlers.py to fix ioloop blockers(sync file operations) #1617 (@zolyfarkas-fb, @Carreau)

Add resolvePath API for resolving kernel-relative paths #1331 (@krassowski, @Carreau, @blink1073)

Bugs fixed

Move check origin into a util function and add it to websocket #1630 (@Carreau, @Yann-P)

Fix flaky test_restart_kernel by unsticking nudge() after port-changing restart #1628 (@Carreau, @claude, @krassowski)

Try to fix flaky test "test_restart_kernel" #1625 (@Carreau)

Fix potential unraisable pytest error #1624 (@Carreau)

fix: use %s placeholders in HTTPError to prevent Tornado from doubling % in gateway URLs #1620 (@terminalchai, @krassowski, @ptch314)

Fix three file descriptor leaks in kernel connection lifecycle (#1506) #1619 (@tonyx93, @Carreau)

Use web.HTTPError for kernel restart failures #1616 (@YDawn, @Carreau)

Handle EADDRINUSE and EACCES in _bind_http_server_tcp #1613 (@YDawn, @Zsailer, @minrk)

Use st_birthtime for file created timestamp on macOS/BSD #1594 (@ktaletsk, @krassowski, @minrk)

Fix double write when refusing hidden files in contents handler #1585 (@Krish-876, @minrk)

Close all sockets in _find_http_port explicitly #1584 (@MaryushSoroka, @minrk)

Fix writing on remote file systems with attribute cache #1574 (@krassowski, @Zsailer)

Add IdentityProvider.cookie_secret_hook #1569 (@emin63, @minrk)

fix context pollution #1561 (@dualc, @Zsailer)

Fix gateway cookie handling #1558 (@kevin-bates, @RRosio, @lresende, @minrk)

fix connection exception cause high cpu load #1484 (@dualc, @lresende, @minrk)

Maintenance and upkeep improvements

Start to test on Python 3.13 and 3.14 #1623 (@Carreau)

Bump actions/create-github-app-token from 2 to 3 in the actions group across 1 directory #1621 (@Carreau)

Bump brace-expansion from 1.1.12 to 1.1.13 #1615 (@minrk)

Fix package spec for jupytext #1614 (@krassowski, @Zsailer)

chore: update pre-commit hooks #1607 (@minrk)

try to fix ci on windows #1600 (@minrk, @krassowski)

run prerelease tests on 3.14 #1599 (@minrk)

Pin sphinx to an older version (<9) to fix docs #1597 (@krassowski, @minrk)

... (truncated)

Changelog

Sourced from jupyter-server's changelog.

2.18.0

(Full Changelog)

API and Breaking Changes

Add query param to sanitize HTML in GET /nbconvert/html #1618 (@Yann-P, @Carreau)

Enhancements made

Update handlers.py to fix ioloop blockers(sync file operations) #1617 (@zolyfarkas-fb, @Carreau)

Avoid redundant call to _get_os_path in _dir_model #1547 (@joeyutong, @vidartf)

Allow specifying extra params to scrub from logs #1538 (@jtpio, @Zsailer, @vidartf)

Add a logger to the ExtensionPoint API #1523 (@Zsailer, @vidartf)

Allow user to update identity values #1518 (@brichet, @minrk)

If ServerApp.ip is ipv6 use [::1] as local_url #1495 (@manics, @afshin)

Better error message when starting kernel for session. #1478 (@Carreau, @davidbrochart, @krassowski, @minrk)

Add a traitlet to disable recording HTTP request metrics #1472 (@yuvipanda, @Zsailer)

prometheus: Expose 3 activity metrics #1471 (@yuvipanda, @Zsailer)

Add prometheus info metrics listing server extensions + versions #1470 (@yuvipanda, @Zsailer)

Add prometheus metric with version information #1467 (@yuvipanda, @Zsailer)

Don't hide .so,.dylib files by default #1457 (@nokados, @krassowski, @minrk, @vidartf)

Better hash format error message #1442 (@fcollonval, @Zsailer)

Removing excessive logging from reading local files #1420 (@lresende, @kevin-bates)

Add async start hook to ExtensionApp API #1417 (@Zsailer, @Darshan808, @bollwyvl, @fcollonval, @krassowski)

Do not include token in dashboard link, when available #1406 (@minrk, @blink1073)

Add an option to have authentication enabled for all endpoints by default #1392 (@krassowski, @Wh1isper, @blink1073, @bollwyvl, @minrk, @yuvipanda)

websockets: add configurations for ping interval and timeout #1391 (@oliver-sanders, @blink1073)

log extension import time at debug level unless it's actually slow #1375 (@minrk, @Zsailer, @yuvipanda)

Add support for async Authorizers (part 2) #1374 (@Zsailer, @blink1073)

Support async Authorizers #1373 (@Zsailer, @blink1073)

Support get file(notebook) md5 #1363 (@Wh1isper, @blink1073, @bollwyvl, @krassowski)

Update kernel env to reflect changes in session #1354 (@blink1073, @Carreau, @krassowski)

Add resolvePath API for resolving kernel-relative paths #1331 (@krassowski, @Carreau, @blink1073)

Bugs fixed

Move check origin into a util function and add it to websocket #1630 (@Carreau, @Yann-P)

Fix flaky test_restart_kernel by unsticking nudge() after port-changing restart #1628 (@Carreau, @claude, @krassowski)

Try to fix flaky test "test_restart_kernel" #1625 (@Carreau)

Fix potential unraisable pytest error #1624 (@Carreau)

fix: use %s placeholders in HTTPError to prevent Tornado from doubling % in gateway URLs #1620 (@terminalchai, @krassowski, @ptch314)

Fix three file descriptor leaks in kernel connection lifecycle (#1506) #1619 (@tonyx93, @Carreau)

Use web.HTTPError for kernel restart failures #1616 (@YDawn, @Carreau)

Handle EADDRINUSE and EACCES in _bind_http_server_tcp #1613 (@YDawn, @Zsailer, @minrk)

Use st_birthtime for file created timestamp on macOS/BSD #1594 (@ktaletsk, @krassowski, @minrk)

Fix double write when refusing hidden files in contents handler #1585 (@Krish-876, @minrk)

Close all sockets in _find_http_port explicitly #1584 (@MaryushSoroka, @minrk)

Fix writing on remote file systems with attribute cache #1574 (@krassowski, @Zsailer)

Add IdentityProvider.cookie_secret_hook #1569 (@emin63, @minrk)

... (truncated)

Commits

0ceed45 Publish 2.18.0
49b3439 Move check origin into a util function and add it to websocket (#1630)
e2e08c8 Add test case for bad next URL format
624d6c0 Delete outdated patch code
d825b93 Apply suggestion from @minrk
789fed0 patch open redirect in /login
2ee51ec fix(CVE-2026-35397): path traversal when target dir starts with root dir
057869a Fix allow_origin_pat to do full matching instead of prefix matching
4862199 Add resolvePath API for resolving kernel-relative paths
e31d514 Bump actions/create-github-app-token from 2 to 3 in the actions group across ...
Additional commits viewable in compare view

Updates jupyterlab from 4.4.9 to 4.5.7

Release notes

Sourced from jupyterlab's releases.

v4.5.7

4.5.7

(Full Changelog)

Security patches

CVE-2026-42557 GHSA-mqcg-5x36-vfcg

CVE-2026-42266 GHSA-37w4-hwhx-4rc4

CVE-2026-40171 GHSA-rch3-82jr-f9w9

Bugs fixed

Video and Audio Content Providers: Fix JupyterLite support #18652 (@martinRenou)

Fix notebook hang when dropping cells #18808 (@MUFFANUJ)

Fix Contextual Help keyboard shortcut reliability and menu Help functionality #18747 (@itsmejay80)

Fix focusing input element when opening a dialog from Command Palette #18735 (@Carreau)

Fix native context menu blocked even when context menu is suppressed #18753 (@utsav-develops)

Fix flaky toolbar item placement in popup #18618 (@filipeoliveira05)

Update terminal default font family to honor macOS system-wide ui-monospace #18647 (@flaviomartins)

Maintenance and upkeep improvements

Fix linting issue #18819 (@krassowski)

Fix syntax for Python 3.9 on 4.5.x branch #18817 (@krassowski)

Remove unused CodeMirror v5 CSS rule #18785 (@Carreau)

Remove unused CSS rule forgotten after CodeMirror migration #18763 (@Carreau)

Remove unused progress bar CSS rule in execution indicator #18759 (@Carreau)

Remove dead .jp-VariableRenderer-TrustButton CSS rule #18762 (@Carreau)

Remove used .jp-Cell-Placeholder CSS rules #18761 (@Carreau)

Documentation improvements

Fix name of option for extension manager implementation in docs #18788 (@krassowski)

Remove 4.5.0 announcement from docs #18740 (@krassowski)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@Carreau (activity) | @filipeoliveira05 (activity) | @flaviomartins (activity) | @itsmejay80 (activity) | @jtpio (activity) | @krassowski (activity) | @martinRenou (activity) | @MUFFANUJ (activity) | @utsav-develops (activity)

v4.5.6

4.5.6

... (truncated)

Commits

f514041 [ci skip] Publish 4.5.7
66fe9ad Backport PR #18652 on branch 4.5.x (Video and Audio Content Providers: Fix Ju...
f4455fa Fix syntax for Python 3.9 on 4.5.x branch (#18817)
d2322b5 Backport PR #18819 on branch 4.5.x (Fix linting issue) (#18820)
5d9cb8c Merge commit from fork
1de120b Merge commit from fork
6926100 Backport PR #18808 on branch 4.5.x (Fix notebook hang when dropping cells) (#...
67e6e88 Backport PR #18647 on branch 4.5.x (Update default font family to honor macOS...
bf21eb9 Backport PR #18747 on branch 4.5.x (Fix Contextual Help keyboard shortcut rel...
73cafa5 Backport PR #18788 on branch 4.5.x (Fix name of option for extension manager ...
Additional commits viewable in compare view

Updates mistune from 3.1.4 to 3.2.1

Release notes

Sourced from mistune's releases.

v3.2.1

   🐞 Bug Fixes

Resolve Windows compatibility issues in file inclusion and tests - by @Yuki9814 (25471)

Escape html text - by @lepture (a3cb6)

Update link reference - by @lepture (85eb5)

Handle escaped dollar signs in inline math - by @saschabuehrle in lepture/mistune#370 (7bd57)

Escape id of toc - by @lepture (04880)

Escape id of headings - by @lepture (28556)

Remove double-encoding of image alt text - by @lawrence3699 (0d6f3)

Escape xml for math plugin - by @lepture (5fa09)

Use strict regex for image's height and width - by @lepture (8d0cb)

    View changes on GitHub

v3.2.0

   🚀 Features

Support footnotes that start on the next line. - by @kylechui (2677e)

Properly handle code blocks inside footnotes. - by @kylechui (0516c)

Support python 3.14 - by @lepture (7e0eb)

   🐞 Bug Fixes

Render ref links and footnotes in footnotes. - by @lepture (bd90e)

Render ref links in TOC. - by @lemon24 (a0a01)

Update typing for mypy upgrades - by @lepture (8d49c)

Render correct html for footnotes - by @lepture (9b622)

    View changes on GitHub

Changelog

Sourced from mistune's changelog.

Version 3.2.1

Released on May 3, 2026

Escape link in render_toc_ul.

Escape text in math plugin.

Fix regex for math plugin.

Escape heading's ID attribute.

Fix LINK_TITLE_RE to prevent DoS.

Escape class attribute for admonition directive.

Remove double-encoding of image alt text.

Escape class attribute for image directive.

Fix width/height attribute for image directive.

Version 3.2.0

Released on Dec 23, 2025

Announce supports for python 3.14

Fix footnotes plugins for code blocks, ref links, blockquote and etc.

Fix ref links in TOC.

Commits

067f908 chore: release 3.2.1
bf55030 Merge pull request #438 from saschabuehrle/fix/issue-370
8d0cb75 fix: use strict regex for image's height and width
5fa092e fix: escape xml for math plugin
71ec947 Merge pull request #440 from lawrence3699/fix/image-alt-double-encoding
0d6f3d8 fix: remove double-encoding of image alt text
2855622 fix: escape id of headings
04880a0 fix: escape id of toc
7bd5709 fix: handle escaped dollar signs in inline math (fixes #370)
85eb54f fix: update link reference
Additional commits viewable in compare view

Updates nbconvert from 7.16.6 to 7.17.1

Release notes

Sourced from nbconvert's releases.

v7.17.1

7.17.1

This is a security release, fixing two CVEs:

CVE-2026-39377

CVE-2026-39378

(full advisories will be published seven days after release, on 2026-04-14).

(Full Changelog)

Enhancements made

Allow configureable WebPDF JavaScript processing timeout #2250 (@timkpaine, @Carreau)

Bugs fixed

Fix PermissionError when checking template paths on shared filesystems #2252 (@ctcjab, @krassowski)

Tweak webpdf template logic to fix duplicate extension problem #2249 (@timkpaine, @Carreau)

Maintenance and upkeep improvements

specify python version for pre #2276 (@minrk, @krassowski)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@akhmerov (activity) | @bollwyvl (activity) | @Carreau (activity) | @ctcjab (activity) | @davidbrochart (activity) | @Ken-B (activity) | @krassowski (activity) | @mgeier (activity) | @minrk (activity) | @mpacer (activity) | @MSeal (activity) | @SylvainCorlay (activity) | @takluyver (activity) | @timkpaine (activity)

v7.17.0

7.17.0

(Full Changelog)

Enhancements made

Add support for arbitrary browser arguments #2227 (@shreve, @Carreau, @krassowski)

Bugs fixed

Fix QtPNGExporter returning empty bytes on macOS #2264 (@h3pdesign, @Carreau, @QuLogic)

... (truncated)

Changelog

Sourced from nbconvert's changelog.

7.17.1

This is a security release, fixing two CVEs:

CVE-2026-39377

CVE-2026-39378

(full advisories will be published seven days after release, on 2026-04-14).

(Full Changelog)

Enhancements made

Allow configureable WebPDF JavaScript processing timeout #2250 (@timkpaine, @Carreau)

Bugs fixed

Fix PermissionError when checking template paths on shared filesystems #2252 (@ctcjab, @krassowski)

Tweak webpdf template logic to fix duplicate extension problem #2249 (@timkpaine, @Carreau)

Maintenance and upkeep improvements

specify python version for pre #2276 (@minrk, @krassowski)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@akhmerov (activity) | @bollwyvl (activity) | @Carreau (activity) | @ctcjab (activity) | @davidbrochart (activity) | @Ken-B (activity) | @krassowski (activity) | @mgeier (activity) | @minrk (activity) | @mpacer (activity) | @MSeal (activity) | @SylvainCorlay (activity) | @takluyver (activity) | @timkpaine (activity)

7.17.0

(Full Changelog)

Enhancements made

Add support for arbitrary browser arguments #2227 (@shreve, @Carreau, @krassowski)

Bugs fixed

Fix QtPNGExporter returning empty bytes on macOS #2264 (@h3pdesign, @Carreau, @QuLogic)

Fix CVE-2025-53000: Secure Inkscape Windows path (registry first + block CWD) #2261 (@h3pdesign, @krassowski, @mberlanda, @minrk, @salmankadaya, @th3gowtham)

Fix get_export_names and get_exporter default args #2228 (@shreve, @krassowski)

PyPA-Compliant Summary #2226 (@hackowitz-af, @Carreau)

... (truncated)

Commits

78ed308 Publish 7.17.1
f090a64 ruff format
b3b6ec0 chore: update pre-commit hooks (#2277)
be4841f ignore silly security lint in tests
26d57b2 fix type annotation on Lexer
0e6b8cc Merge commit from fork
ba5e5cd Merge commit from fork
1db0c88 Specify python version for pre (#2276)
7473fc3 chore: update pre-commit hooks (#2242)
4322f7f Bump the actions group across 1 directory with 2 updates (#2273)
Additional commits viewable in compare view

Updates notebook from 7.4.7 to 7.5.6

Release notes

Sourced from notebook's releases.

v7.5.6

7.5.6

(Full Changelog)

Security patches

CVE-2026-42557 GHSA-mqcg-5x36-vfcg

CVE-2026-40171 GHSA-rch3-82jr-f9w9

Maintenance and upkeep improvements

Update to JupyterLab v4.5.7 #7902 (@jtpio)

Documentation improvements

docs: Fix broken links in troubleshooting and migration docs #7824 (@RamiNoodle733)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See

Bumps the pip group with 13 updates in the /reports directory: | Package | From | To | | --- | --- | --- | | [fonttools](https://github.com/fonttools/fonttools) | `4.60.1` | `4.60.2` | | [jupyter-server](https://github.com/jupyter-server/jupyter_server) | `2.17.0` | `2.18.0` | | [jupyterlab](https://github.com/jupyterlab/jupyterlab) | `4.4.9` | `4.5.7` | | [mistune](https://github.com/lepture/mistune) | `3.1.4` | `3.2.1` | | [nbconvert](https://github.com/jupyter/nbconvert) | `7.16.6` | `7.17.1` | | [notebook](https://github.com/jupyter/notebook) | `7.4.7` | `7.5.6` | | [orjson](https://github.com/ijl/orjson) | `3.11.3` | `3.11.6` | | [pillow](https://github.com/python-pillow/Pillow) | `11.3.0` | `12.2.0` | | [pytest](https://github.com/pytest-dev/pytest) | `8.4.2` | `9.0.3` | | [requests](https://github.com/psf/requests) | `2.32.5` | `2.33.0` | | [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.5.3` | `0.5.4` | | [tornado](https://github.com/tornadoweb/tornado) | `6.5.2` | `6.5.5` | | [urllib3](https://github.com/urllib3/urllib3) | `2.5.0` | `2.7.0` | Updates `fonttools` from 4.60.1 to 4.60.2 - [Release notes](https://github.com/fonttools/fonttools/releases) - [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst) - [Commits](fonttools/fonttools@4.60.1...4.60.2) Updates `jupyter-server` from 2.17.0 to 2.18.0 - [Release notes](https://github.com/jupyter-server/jupyter_server/releases) - [Changelog](https://github.com/jupyter-server/jupyter_server/blob/main/CHANGELOG.md) - [Commits](jupyter-server/jupyter_server@v2.17.0...v2.18.0) Updates `jupyterlab` from 4.4.9 to 4.5.7 - [Release notes](https://github.com/jupyterlab/jupyterlab/releases) - [Changelog](https://github.com/jupyterlab/jupyterlab/blob/main/RELEASE.md) - [Commits](https://github.com/jupyterlab/jupyterlab/compare/@jupyterlab/lsp@4.4.9...@jupyterlab/lsp@4.5.7) Updates `mistune` from 3.1.4 to 3.2.1 - [Release notes](https://github.com/lepture/mistune/releases) - [Changelog](https://github.com/lepture/mistune/blob/main/docs/changes.rst) - [Commits](lepture/mistune@v3.1.4...v3.2.1) Updates `nbconvert` from 7.16.6 to 7.17.1 - [Release notes](https://github.com/jupyter/nbconvert/releases) - [Changelog](https://github.com/jupyter/nbconvert/blob/main/CHANGELOG.md) - [Commits](jupyter/nbconvert@v7.16.6...v7.17.1) Updates `notebook` from 7.4.7 to 7.5.6 - [Release notes](https://github.com/jupyter/notebook/releases) - [Changelog](https://github.com/jupyter/notebook/blob/@jupyter-notebook/tree@7.5.6/CHANGELOG.md) - [Commits](https://github.com/jupyter/notebook/compare/@jupyter-notebook/tree@7.4.7...@jupyter-notebook/tree@7.5.6) Updates `orjson` from 3.11.3 to 3.11.6 - [Release notes](https://github.com/ijl/orjson/releases) - [Changelog](https://github.com/ijl/orjson/blob/master/CHANGELOG.md) - [Commits](ijl/orjson@3.11.3...3.11.6) Updates `pillow` from 11.3.0 to 12.2.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@11.3.0...12.2.0) Updates `pytest` from 8.4.2 to 9.0.3 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.4.2...9.0.3) Updates `requests` from 2.32.5 to 2.33.0 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.5...v2.33.0) Updates `sqlparse` from 0.5.3 to 0.5.4 - [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG) - [Commits](andialbrecht/sqlparse@0.5.3...0.5.4) Updates `tornado` from 6.5.2 to 6.5.5 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.2...v6.5.5) Updates `urllib3` from 2.5.0 to 2.7.0 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.5.0...2.7.0) --- updated-dependencies: - dependency-name: fonttools dependency-version: 4.60.2 dependency-type: direct:production dependency-group: pip - dependency-name: jupyter-server dependency-version: 2.18.0 dependency-type: direct:production dependency-group: pip - dependency-name: jupyterlab dependency-version: 4.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: mistune dependency-version: 3.2.1 dependency-type: direct:production dependency-group: pip - dependency-name: nbconvert dependency-version: 7.17.1 dependency-type: direct:production dependency-group: pip - dependency-name: notebook dependency-version: 7.5.6 dependency-type: direct:production dependency-group: pip - dependency-name: orjson dependency-version: 3.11.6 dependency-type: direct:production dependency-group: pip - dependency-name: pillow dependency-version: 12.2.0 dependency-type: direct:production dependency-group: pip - dependency-name: pytest dependency-version: 9.0.3 dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-version: 2.33.0 dependency-type: direct:production dependency-group: pip - dependency-name: sqlparse dependency-version: 0.5.4 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.5 dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-version: 2.7.0 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 13, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip group across 1 directory with 13 updates#134

Bump the pip group across 1 directory with 13 updates#134
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/reports/pip-fb0fb2a71a

dependabot Bot commented on behalf of github May 13, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 13, 2026

4.60.2

4.60.2 (released 2025-12-09)

4.61.0 (released 2025-11-28)

v2.18.0

2.18.0

Security patches

API and Breaking Changes

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

2.18.0

API and Breaking Changes

Enhancements made

Bugs fixed

v4.5.7

4.5.7

Security patches

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

v4.5.6

4.5.6

v3.2.1

🐞 Bug Fixes

View changes on GitHub

v3.2.0

🚀 Features

🐞 Bug Fixes

View changes on GitHub

Version 3.2.1

Version 3.2.0

v7.17.1

7.17.1

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Contributors to this release

v7.17.0

7.17.0

Enhancements made

Bugs fixed

7.17.1

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Contributors to this release

7.17.0

Enhancements made

Bugs fixed

v7.5.6

7.5.6

Security patches

Maintenance and upkeep improvements

Documentation improvements

Contributors to this release

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants