Skip to content

Bump the lockfile-minor-patch group with 6 updates#730

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/uv/lockfile-minor-patch-906b66ba4b
Open

Bump the lockfile-minor-patch group with 6 updates#730
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/uv/lockfile-minor-patch-906b66ba4b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 28, 2026

Bumps the lockfile-minor-patch group with 6 updates:

Package From To
canfar 1.3.4 1.3.5
pandas 3.0.2 3.0.3
myst-parser 5.0.0 5.1.0
sphinxcontrib-bibtex 2.6.5 2.7.0
snakemake 9.19.0 9.20.0
build 1.4.4 1.5.0

Updates canfar from 1.3.4 to 1.3.5

Release notes

Sourced from canfar's releases.

v1.3.5

1.3.5 (2026-04-28)

Bug Fixes

Changelog

Sourced from canfar's changelog.

1.3.5 (2026-04-28)

Bug Fixes

Commits
  • 1d96573 Merge pull request #93 from opencadc/release-please--branches--main--componen...
  • dd0c8f0 chore(main): release 1.3.5
  • 1df92d9 fix: release note versions
  • a2de977 Update 2026-1.md
  • See full diff in compare view

Updates pandas from 3.0.2 to 3.0.3

Release notes

Sourced from pandas's releases.

pandas 3.0.3

We are pleased to announce the release of pandas 3.0.3. This is a patch release in the 3.0.x series and includes some regression fixes and bug fixes. We recommend that all users of the 3.0.x series upgrade to this version.

See the full whatsnew for a list of all the changes.

Pandas 3.0 supports Python 3.11 and higher. The release can be installed from PyPI:

python -m pip install --upgrade pandas==3.0.*

Or from conda-forge

conda install -c conda-forge pandas=3.0

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits
  • 72f2fea RLS: 3.0.3 (#65590)
  • 2897590 Backport PR #65436 on branch 3.0.x (Account for privatization of matplotlib `...
  • 49894b5 Backport PR #65499 on branch 3.0.x (BUG: fix check if pyarrow is installed in...
  • 1c6d1e3 [backport 3.0.x] PERF: remove special casing for zoneinfo in tz_localize_to_u...
  • 2a54711 Backport PR #64379 on branch 3.0.x (PERF: improve performance with ZoneInfo t...
  • 036bb7c Backport PR #65482 on branch 3.0.x (PERF: don't call unique on dtypes for che...
  • bf4c182 Backport PR #65410 on branch 3.0.x (TST: also convert str index to object in ...
  • dd02d75 [backport 3.0.x] BUG: keep fsspec OpenFile alive for chained URL reads (#6547...
  • aef3d0f [backport 3.0.x] CI: lowercase types-pymysql/types-pyyaml to fix mamba 2.6.0 ...
  • bb8e248 Backport PR #65399 on branch 3.0.x (DOC: fix source link for classes in the r...
  • Additional commits viewable in compare view

Updates myst-parser from 5.0.0 to 5.1.0

Release notes

Sourced from myst-parser's releases.

v5.1.0

✨ New Features

👌 Improvements

  • 👌 Update myst_gfm_only mode to use the unified gfm_plugin, which now includes GFM autolinks, alerts, and improved strikethrough/tasklist handling by @​chrisjsewell in #1128
  • 👌 Improve MathJax 4 compatibility for Sphinx 9 by @​chrisjsewell in #1110
  • 👌 Stop directive-option parsing at colon fences, fixing nested colon fence directives by @​chrisjsewell in #1133

🐛 Bug Fixes

⬆️ Dependency Upgrades

New Contributors

Full Changelog: executablebooks/MyST-Parser@v5.0.0...v5.1.0

Changelog

Sourced from myst-parser's changelog.

5.1.0 - 2026-05-13

✨ New Features

  • ✨ Add "alert" syntax extension for GFM alerts (e.g. > [!NOTE]), see by gh-user:chrisjsewell in gh-pr:1128
  • ✨ Add "gfm_autolink" syntax extension for GFM autolinks, see by gh-user:chrisjsewell in gh-pr:1128
  • ✨ Add myst_strikethrough_single_tilde config option to allow single tilde (~) for strikethrough by gh-user:chrisjsewell in gh-pr:1128
  • ✨ Add myst_colon_fence_exact_match config option to require the closing colon fence to have exactly the same number of colons as the opening, see by gh-user:chrisjsewell in gh-pr:1128

👌 Improvements

  • 👌 Update myst_gfm_only mode to use the unified gfm_plugin, which now includes GFM autolinks, alerts, and improved strikethrough/tasklist handling by gh-user:chrisjsewell in gh-pr:1128
  • 👌 Improve MathJax 4 compatibility for Sphinx 9 by gh-user:chrisjsewell in gh-pr:1110
  • 👌 Stop directive-option parsing at colon fences, fixing nested colon fence directives by gh-user:chrisjsewell in gh-pr:1133

🐛 Bug Fixes

  • 🐛 Use docname instead of source path in warning locations by gh-user:chrisjsewell in gh-pr:1114
  • 🐛 Correctly encode & in Markdown URLs by not HTML-escaping refuri by gh-user:chrisjsewell in gh-pr:1126
  • 🐛 Fix RemovedInSphinx10Warning for inventory item iteration by gh-user:chrisjsewell in gh-pr:1129
  • 🐛 Pin mdit-py-plugins>=0.6.1 for nested field list fix by gh-user:chrisjsewell in gh-pr:1134

⬆️ Dependency Upgrades

  • ⬆️ Upgrade to markdown-it-py~=4.2 and mdit-py-plugins~=0.6 by gh-user:chrisjsewell in gh-pr:1128
  • ⬆️ Update pygments requirement from <2.20 to <2.21 by gh-user:chrisjsewell in gh-pr:1117

Full Changelog: v5.0.0...v5.1.0

Commits
  • 2871eb9 🚀 Release v5.1.0 (#1135)
  • cc5db37 🐛 FIX: Pin mdit-py-plugins>=0.6.1 for nested field list fix (#1134)
  • 4ce57f9 👌 Stop directive-option parsing at colon fences (#1133)
  • cfcc327 ⬆️ Bump mypy from 2.0.0 to 2.1.0 (#1131)
  • 691738c ⬆️ Bump ruff from 0.15.10 to 0.15.12 (#1132)
  • 0fb1ae9 👌 IMPROVE: MathJax 4 compatibility (Sphinx 9) (#1110)
  • f153b4b ⬆️ Bump actions/setup-python from 5 to 6 (#1092)
  • 93acf8d [pre-commit.ci] pre-commit autoupdate (#1095)
  • a5f1d69 ⬆️ Update pygments requirement from <2.20 to <2.21 (#1117)
  • 8381296 🐛 FIX: Use docname instead of source path in warning locations (#1114)
  • Additional commits viewable in compare view

Updates sphinxcontrib-bibtex from 2.6.5 to 2.7.0

Changelog

Sourced from sphinxcontrib-bibtex's changelog.

2.7.0 (6 May 2026)

  • BACKWARD INCOMPATIBLE A new warning category, duplicate_local_citation, has been introduced. It is triggered when a duplicate citation appears within the same document. The existing duplicate_citation warning continues to report duplicates but now only across different documents.

    In many cases, users maintain a separate bibliography for each document (often using a docname in docnames filter). In such setups, duplicate citations across documents are usually acceptable, while duplicates within a single document are not. This distinction allows users to suppress duplicate_citation warnings while still receiving duplicate_local_citation warnings.

  • When there are duplicate citations, resolve locally first (reported by drbenvincent, see issue #385).

  • The usage section of the documentation now starts with in-depth general considerations to guide users towards best practice for the most common use cases.

  • Citation reference wrapper nodes now have a bibtex-citation CSS class, to enable Sphinx themes to style citation elements separately from other content (contributed by mmcky, see pull request #383).

  • Increase required pybtex-docutils version to 1.0.2 (reported by ego-thales).

  • Fix test suite for docutils 0.22 (fixed by mitya57, see pull request #377).

  • Dropped Python 3.9 support (EOL), added Python 3.14 support.

  • Fixed various deprecation warnings in Sphinx and docutils.

  • Improved header parsing.

  • Minimum required Sphinx version increased to 7.4.

  • Minimum required Docutils version increased to 0.20.

Commits

Updates snakemake from 9.19.0 to 9.20.0

Release notes

Sourced from snakemake's releases.

v9.20.0

9.20.0 (2026-05-02)

Features

  • add a helper function that translate Python script names into corresponding module names (#4065) (c74c0a0)
  • add with_suffix argument to subpath helper function, allowing low-code suffix extensions and replacements for input and output files and params (#4156) (4dab300)
  • enable caching for named multi-output rules (#4151) (c921575)

Bug Fixes

  • CLI/profile runtime override is interpreted as minutes not as seconds (#4053) (0fc5fd1)
  • docs: remove misleading "touch" example and explain checksum behaviour (#4173) (a5dfa28)
  • ensure that also storage plugins without settings are auto-deployed (#4178) (5427ffa)
  • issue 3958 relative path for storage prefix breaks apptainer (#3962) (87d7e35)
  • suppress duplicate SpawnedJobError tracebacks in local executor (#4150) (40a46cf)
  • turn binding path to absolute path for singularity/apptainer (#4142) (48602f0)

Documentation

Changelog

Sourced from snakemake's changelog.

9.20.0 (2026-05-02)

Features

  • add a helper function that translate Python script names into corresponding module names (#4065) (c74c0a0)
  • add with_suffix argument to subpath helper function, allowing low-code suffix extensions and replacements for input and output files and params (#4156) (4dab300)
  • enable caching for named multi-output rules (#4151) (c921575)

Bug Fixes

  • CLI/profile runtime override is interpreted as minutes not as seconds (#4053) (0fc5fd1)
  • docs: remove misleading "touch" example and explain checksum behaviour (#4173) (a5dfa28)
  • ensure that also storage plugins without settings are auto-deployed (#4178) (5427ffa)
  • issue 3958 relative path for storage prefix breaks apptainer (#3962) (87d7e35)
  • suppress duplicate SpawnedJobError tracebacks in local executor (#4150) (40a46cf)
  • turn binding path to absolute path for singularity/apptainer (#4142) (48602f0)

Documentation

Commits
  • 8a1a90d chore(main): release 9.20.0 (#4146)
  • 87d7e35 fix: issue 3958 relative path for storage prefix breaks apptainer (#3962)
  • 48602f0 fix: turn binding path to absolute path for singularity/apptainer (#4142)
  • c921575 feat: enable caching for named multi-output rules (#4151)
  • 4c1ae6a build: replace appdirs with platformdirs (#4170)
  • 410414a build(deps): bump prefix-dev/setup-pixi from 0.9.3 to 0.9.5 (#4144)
  • 40a46cf fix: suppress duplicate SpawnedJobError tracebacks in local executor (#4150)
  • b370572 ci: Bump actions/upload-artifact from v5 to v7 (#4169)
  • 4dab300 feat: add with_suffix argument to subpath helper function, allowing low-code ...
  • d3c4d68 docs: Use raw string for bwa_map RG parameter example (#4174)
  • Additional commits viewable in compare view

Updates build from 1.4.4 to 1.5.0

Release notes

Sourced from build's releases.

1.5.0

What's Changed

Full Changelog: pypa/build@1.4.4...1.5.0

Changelog

Sourced from build's changelog.

#################### 1.5.0 (2026-04-30) ####################

Features

  • Drop Python 3.9 support - by :user:henryiii (:issue:1036)

Bugfixes

  • Make --ignore-installed opt-in from the API via fresh=True - by :user:henryiii (:issue:1056)

Miscellaneous

  • :issue:1033

#################### 1.4.4 (2026-04-22) ####################

Bugfixes

  • Fix release pipeline generating CHANGELOG.rst entries with inconsistent heading levels, which broke sphinx -W and pinned Read the Docs stable at 1.4.0 - by :user:gaborbernat. (:issue:1031)
  • Revert :pr:1039 from build 1.4.3, no longer check direct_url (for now) - by :user:henryiii (:issue:1039)
  • Add --ignore-installed to pip install command to prevent issues with packages already present in the isolated build environment - by :user:henryiii (:issue:1037) (:issue:1040)
  • Partial revert of :pr:973, keeping log messages in one entry, multiple lines. (:issue:1044)

Miscellaneous

  • :issue:1048, :issue:1049

#################### 1.4.3 (2026-04-10) ####################

Features

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the lockfile-minor-patch group with 6 updates
417c2d2 
Bumps the lockfile-minor-patch group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [canfar](https://github.com/opencadc/canfar) | `1.3.4` | `1.3.5` |
| [pandas](https://github.com/pandas-dev/pandas) | `3.0.2` | `3.0.3` |
| [myst-parser](https://github.com/executablebooks/MyST-Parser) | `5.0.0` | `5.1.0` |
| [sphinxcontrib-bibtex](https://github.com/mcmtroffaes/sphinxcontrib-bibtex) | `2.6.5` | `2.7.0` |
| [snakemake](https://github.com/snakemake/snakemake) | `9.19.0` | `9.20.0` |
| [build](https://github.com/pypa/build) | `1.4.4` | `1.5.0` |


Updates `canfar` from 1.3.4 to 1.3.5
- [Release notes](https://github.com/opencadc/canfar/releases)
- [Changelog](https://github.com/opencadc/canfar/blob/main/CHANGELOG.md)
- [Commits](opencadc/canfar@v1.3.4...v1.3.5)

Updates `pandas` from 3.0.2 to 3.0.3
- [Release notes](https://github.com/pandas-dev/pandas/releases)
- [Commits](pandas-dev/pandas@v3.0.2...v3.0.3)

Updates `myst-parser` from 5.0.0 to 5.1.0
- [Release notes](https://github.com/executablebooks/MyST-Parser/releases)
- [Changelog](https://github.com/executablebooks/MyST-Parser/blob/master/CHANGELOG.md)
- [Commits](executablebooks/MyST-Parser@v5.0.0...v5.1.0)

Updates `sphinxcontrib-bibtex` from 2.6.5 to 2.7.0
- [Changelog](https://github.com/mcmtroffaes/sphinxcontrib-bibtex/blob/develop/CHANGELOG.rst)
- [Commits](mcmtroffaes/sphinxcontrib-bibtex@2.6.5...2.7.0)

Updates `snakemake` from 9.19.0 to 9.20.0
- [Release notes](https://github.com/snakemake/snakemake/releases)
- [Changelog](https://github.com/snakemake/snakemake/blob/main/CHANGELOG.md)
- [Commits](snakemake/snakemake@v9.19.0...v9.20.0)

Updates `build` from 1.4.4 to 1.5.0
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](pypa/build@1.4.4...1.5.0)

---
updated-dependencies:
- dependency-name: canfar
  dependency-version: 1.3.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: lockfile-minor-patch
- dependency-name: pandas
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: lockfile-minor-patch
- dependency-name: myst-parser
  dependency-version: 5.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: sphinxcontrib-bibtex
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: snakemake
  dependency-version: 9.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
- dependency-name: build
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: lockfile-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants