Nerdberg/Nerdlock
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(deps): bump the python-dependencies group across 1 directory with 3 updates #4

Closed
dependabot[bot] wants to merge 2 commits from dependabot/pip/python-dependencies-3ea9fedbb2 into main
pull from: dependabot/pip/python-dependencies-3ea9fedbb2
merge into: Nerdberg:main
Conversation 1 Commits 2 Files changed 9 +5 -5
dependabot[bot] commented 2026-01-05 07:34:14 +01:00 (Migrated from github.com)
Copy link

Bumps the python-dependencies group with 3 updates in the / directory: bleak, pynacl and cbor2.

Updates bleak from 2.0.0 to 2.1.1

Release notes

Sourced from bleak's releases.

v2.1.1

Changed

  • Changed default connect timeout for BleakClient from 10 to 30 seconds.

Fixed

  • Fixed some cases of BleakError: Could not get GATT services: Unreachable in WinRT backend by adding a retry when getting GATT services.

v2.1.0

Added

  • Added bluez parameter to BleakClient.start_notify() to allow forcing using "StartNotify" instead of "AcquireNotify" on BlueZ backend. Fixes #1885.
  • Added bleak.args.SizedBuffer type for better type hinting of buffer protocol parameters.

Fixed

  • Fixed calling logging.debug() in WinRT backend. Fixes #1882.
  • Fixed calling logging.warning() in BlueZ backend.
Changelog

Sourced from bleak's changelog.

2.1.1_ (2025-12-31)

Changed

  • Changed default connect timeout for BleakClient from 10 to 30 seconds.

Fixed

  • Fixed some cases of BleakError: Could not get GATT services: Unreachable in WinRT backend by adding a retry when getting GATT services.

2.1.0_ (2025-12-28)

Added

  • Added bluez parameter to BleakClient.start_notify() to allow forcing using "StartNotify" instead of "AcquireNotify" on BlueZ backend. Fixes #1885.
  • Added bleak.args.SizedBuffer type for better type hinting of buffer protocol parameters.

Fixed

  • Fixed calling logging.debug() in WinRT backend. Fixes #1882.
  • Fixed calling logging.warning() in BlueZ backend.
Commits
  • 5d76a62 v2.1.1
  • 1f002b8 backends: clean up client timeout comments
  • b5490e8 tests: add services arg to BleakClient in some tests
  • ba9410f backends/winrt/client: add retry when getting GATT services
  • f14a30d bleak: change default BleakClient timeout to 30 seconds
  • 848b511 backends/corebluetooth: add helper function for call_soon_threadsafe()
  • 6af24ae tests/integration: fix logging.info()
  • 66f0b20 tests: Basic integrationtests for BleakClient
  • 8a40874 tests/integration: remove add_default_services()
  • ede4a03 github: build_and_test if pyproject.toml changes
  • Additional commits viewable in compare view

Updates pynacl from 1.6.1 to 1.6.2

Changelog

Sourced from pynacl's changelog.

1.6.2 (2026-01-01)

  • Updated libsodium to 1.0.20-stable (2025-12-31 build) to resolve CVE-2025-69277.
Commits

Updates cbor2 from 5.7.1 to 5.8.0

Release notes

Sourced from cbor2's releases.

5.8.0

  • Added readahead buffering to C decoder for improved performance. The decoder now uses a 4 KB buffer by default to reduce the number of read calls. Benchmarks show 20-140% performance improvements for decoding operations. (#268; PR by @​andreer)
  • Fixed Python decoder not preserving share index when decoding array items containing nested shareable tags, causing shared references to resolve to wrong objects (#267; PR by @​andreer)
  • Reset shared reference state at the start of each top-level encode/decode operation (#266; PR by @​andreer)
Commits
  • c77cea8 Removed macos-13 from the OS matrix
  • 2320d95 Bumped up the version
  • 9ff48e3 Updated pre-commit modules
  • 22acea4 Updated the version history entry for #268
  • c368bb3 Fixed the links and the semver declaration
  • fb4ee16 Added a read-ahead buffer to the C decoder (#268)
  • 0bcf400 Bump the github-actions group with 5 updates (#269)
  • 7aa6cad Added dependabot config for GitHub actions
  • 6409f6a Added a security policy
  • 403c2ce Fixed nested shareable in arrays (python decoder only) (#267)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
Bumps the python-dependencies group with 3 updates in the / directory: [bleak](https://github.com/hbldh/bleak), [pynacl](https://github.com/pyca/pynacl) and [cbor2](https://github.com/agronholm/cbor2). Updates `bleak` from 2.0.0 to 2.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hbldh/bleak/releases">bleak's releases</a>.</em></p> <blockquote> <h2>v2.1.1</h2> <h2>Changed</h2> <ul> <li>Changed default connect timeout for <code>BleakClient</code> from 10 to 30 seconds.</li> </ul> <h2>Fixed</h2> <ul> <li>Fixed some cases of <code>BleakError: Could not get GATT services: Unreachable</code> in WinRT backend by adding a retry when getting GATT services.</li> </ul> <h2>v2.1.0</h2> <h2>Added</h2> <ul> <li>Added <code>bluez</code> parameter to <code>BleakClient.start_notify()</code> to allow forcing using &quot;StartNotify&quot; instead of &quot;AcquireNotify&quot; on BlueZ backend. Fixes <a href="https://redirect.github.com/hbldh/bleak/issues/1885">#1885</a>.</li> <li>Added <code>bleak.args.SizedBuffer</code> type for better type hinting of buffer protocol parameters.</li> </ul> <h2>Fixed</h2> <ul> <li>Fixed calling <code>logging.debug()</code> in WinRT backend. Fixes <a href="https://redirect.github.com/hbldh/bleak/issues/1882">#1882</a>.</li> <li>Fixed calling <code>logging.warning()</code> in BlueZ backend.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hbldh/bleak/blob/develop/CHANGELOG.rst">bleak's changelog</a>.</em></p> <blockquote> <h1><code>2.1.1</code>_ (2025-12-31)</h1> <h2>Changed</h2> <ul> <li>Changed default connect timeout for <code>BleakClient</code> from 10 to 30 seconds.</li> </ul> <h2>Fixed</h2> <ul> <li>Fixed some cases of <code>BleakError: Could not get GATT services: Unreachable</code> in WinRT backend by adding a retry when getting GATT services.</li> </ul> <h1><code>2.1.0</code>_ (2025-12-28)</h1> <h2>Added</h2> <ul> <li>Added <code>bluez</code> parameter to <code>BleakClient.start_notify()</code> to allow forcing using &quot;StartNotify&quot; instead of &quot;AcquireNotify&quot; on BlueZ backend. Fixes <a href="https://redirect.github.com/hbldh/bleak/issues/1885">#1885</a>.</li> <li>Added <code>bleak.args.SizedBuffer</code> type for better type hinting of buffer protocol parameters.</li> </ul> <h2>Fixed</h2> <ul> <li>Fixed calling <code>logging.debug()</code> in WinRT backend. Fixes <a href="https://redirect.github.com/hbldh/bleak/issues/1882">#1882</a>.</li> <li>Fixed calling <code>logging.warning()</code> in BlueZ backend.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hbldh/bleak/commit/5d76a62a549a4674c64ee151d38e2339e8ba948a"><code>5d76a62</code></a> v2.1.1</li> <li><a href="https://github.com/hbldh/bleak/commit/1f002b8b58206625562c5d568291096225555890"><code>1f002b8</code></a> backends: clean up client timeout comments</li> <li><a href="https://github.com/hbldh/bleak/commit/b5490e8e5810095e91abacb8eb3321b952604d72"><code>b5490e8</code></a> tests: add services arg to BleakClient in some tests</li> <li><a href="https://github.com/hbldh/bleak/commit/ba9410fc3e1637ae3be91fa8b937daffba624b36"><code>ba9410f</code></a> backends/winrt/client: add retry when getting GATT services</li> <li><a href="https://github.com/hbldh/bleak/commit/f14a30d5db031e69d52035314d48432ef89306d3"><code>f14a30d</code></a> bleak: change default BleakClient timeout to 30 seconds</li> <li><a href="https://github.com/hbldh/bleak/commit/848b51122c6b4308e90c5e907b7ebb6e08833863"><code>848b511</code></a> backends/corebluetooth: add helper function for call_soon_threadsafe()</li> <li><a href="https://github.com/hbldh/bleak/commit/6af24ae5b54a376b0dcc6432c943058107ec27a6"><code>6af24ae</code></a> tests/integration: fix logging.info()</li> <li><a href="https://github.com/hbldh/bleak/commit/66f0b209b22d05c6704ffea9d31e6c01d6fa2e69"><code>66f0b20</code></a> tests: Basic integrationtests for <code>BleakClient</code></li> <li><a href="https://github.com/hbldh/bleak/commit/8a408749f6cb8881cc6ca733cc211d94ad7b54a5"><code>8a40874</code></a> tests/integration: remove add_default_services()</li> <li><a href="https://github.com/hbldh/bleak/commit/ede4a033347be9eeb79a43cdbf1ca9b075ac62c3"><code>ede4a03</code></a> github: build_and_test if pyproject.toml changes</li> <li>Additional commits viewable in <a href="https://github.com/hbldh/bleak/compare/v2.0.0...v2.1.1">compare view</a></li> </ul> </details> <br /> Updates `pynacl` from 1.6.1 to 1.6.2 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/pynacl/blob/main/CHANGELOG.rst">pynacl's changelog</a>.</em></p> <blockquote> <h2>1.6.2 (2026-01-01)</h2> <ul> <li>Updated <code>libsodium</code> to 1.0.20-stable (2025-12-31 build) to resolve <code>CVE-2025-69277</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/pynacl/commit/ecf41f55a3d8f1e10ce89c61c4b4d67f3f4467cf"><code>ecf41f5</code></a> changelog and version bump for 1.6.2 (<a href="https://redirect.github.com/pyca/pynacl/issues/923">#923</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/685a5e727772c2df81cfce61fb8768122102fa89"><code>685a5e7</code></a> Switch to PyPI trusted publishing (<a href="https://redirect.github.com/pyca/pynacl/issues/925">#925</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/78e0aa32b1a0acdd51e2b3bf394e7cb911fc1e68"><code>78e0aa3</code></a> missed adding these files as part of the libsodium update (<a href="https://redirect.github.com/pyca/pynacl/issues/924">#924</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7"><code>9631488</code></a> Bump libsodium to the latest 1.0.20 (<a href="https://redirect.github.com/pyca/pynacl/issues/922">#922</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/563b25bdedf666e86f0cc2a95321cd23a960260e"><code>563b25b</code></a> Add script to update vendored libsodium (<a href="https://redirect.github.com/pyca/pynacl/issues/921">#921</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/d23310561899d1ca4fd4026a646893b2af6b6c21"><code>d233105</code></a> Include libsodium license in wheels (<a href="https://redirect.github.com/pyca/pynacl/issues/917">#917</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/cabc3a879d142e62f7503a632e62e706ef5eccbb"><code>cabc3a8</code></a> Bump dessant/lock-threads from 5 to 6 (<a href="https://redirect.github.com/pyca/pynacl/issues/914">#914</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/f3596177b3a43a49b211ff2a3f9ea133f1cf8f23"><code>f359617</code></a> Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/pyca/pynacl/issues/915">#915</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/fb6e37f76dcf9f93d3f65bb31abdb548816126b6"><code>fb6e37f</code></a> Bump actions/upload-artifact from 5 to 6 (<a href="https://redirect.github.com/pyca/pynacl/issues/916">#916</a>)</li> <li><a href="https://github.com/pyca/pynacl/commit/526f99278383ffda906bec9d08288191dcbbc3b3"><code>526f992</code></a> Bump actions/checkout from 6.0.0 to 6.0.1 (<a href="https://redirect.github.com/pyca/pynacl/issues/911">#911</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pyca/pynacl/compare/1.6.1...1.6.2">compare view</a></li> </ul> </details> <br /> Updates `cbor2` from 5.7.1 to 5.8.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/agronholm/cbor2/releases">cbor2's releases</a>.</em></p> <blockquote> <h2>5.8.0</h2> <ul> <li>Added readahead buffering to C decoder for improved performance. The decoder now uses a 4 KB buffer by default to reduce the number of read calls. Benchmarks show 20-140% performance improvements for decoding operations. (<a href="https://redirect.github.com/agronholm/cbor2/issues/268">#268</a>; PR by <a href="https://github.com/andreer"><code>@​andreer</code></a>)</li> <li>Fixed Python decoder not preserving share index when decoding array items containing nested shareable tags, causing shared references to resolve to wrong objects (<a href="https://redirect.github.com/agronholm/cbor2/issues/267">#267</a>; PR by <a href="https://github.com/andreer"><code>@​andreer</code></a>)</li> <li>Reset shared reference state at the start of each top-level encode/decode operation (<a href="https://redirect.github.com/agronholm/cbor2/issues/266">#266</a>; PR by <a href="https://github.com/andreer"><code>@​andreer</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/agronholm/cbor2/commit/c77cea8e0d77aebdb6eea051433352a1de824ff1"><code>c77cea8</code></a> Removed macos-13 from the OS matrix</li> <li><a href="https://github.com/agronholm/cbor2/commit/2320d95d93dbd1da5926a90351ccbfa78dfb70bc"><code>2320d95</code></a> Bumped up the version</li> <li><a href="https://github.com/agronholm/cbor2/commit/9ff48e3ce4ec3f0f2db8752558756b9e95dbc3d0"><code>9ff48e3</code></a> Updated pre-commit modules</li> <li><a href="https://github.com/agronholm/cbor2/commit/22acea4740f244e2d2f500a62501be08fb9506b1"><code>22acea4</code></a> Updated the version history entry for <a href="https://redirect.github.com/agronholm/cbor2/issues/268">#268</a></li> <li><a href="https://github.com/agronholm/cbor2/commit/c368bb394e8c8dd73669fdfa4cba633728ca20ae"><code>c368bb3</code></a> Fixed the links and the semver declaration</li> <li><a href="https://github.com/agronholm/cbor2/commit/fb4ee1612a8a1ac0dbd8cf2f2f6f931a4e06d824"><code>fb4ee16</code></a> Added a read-ahead buffer to the C decoder (<a href="https://redirect.github.com/agronholm/cbor2/issues/268">#268</a>)</li> <li><a href="https://github.com/agronholm/cbor2/commit/0bcf400a4575edce046ecdd2f9ab73ee606d8863"><code>0bcf400</code></a> Bump the github-actions group with 5 updates (<a href="https://redirect.github.com/agronholm/cbor2/issues/269">#269</a>)</li> <li><a href="https://github.com/agronholm/cbor2/commit/7aa6cad1840176affdbee97568cabfb2ef9ff566"><code>7aa6cad</code></a> Added dependabot config for GitHub actions</li> <li><a href="https://github.com/agronholm/cbor2/commit/6409f6aa994969333fd69c2688996d3e7aad9fc3"><code>6409f6a</code></a> Added a security policy</li> <li><a href="https://github.com/agronholm/cbor2/commit/403c2ce3d61ce5ddc2d2143127baf31b7ab4a75c"><code>403c2ce</code></a> Fixed nested shareable in arrays (python decoder only) (<a href="https://redirect.github.com/agronholm/cbor2/issues/267">#267</a>)</li> <li>Additional commits viewable in <a href="https://github.com/agronholm/cbor2/compare/5.7.1...5.8.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details>
dependabot[bot] commented 2026-01-12 07:56:08 +01:00 (Migrated from github.com)
Copy link

Looks like these dependencies are updatable in another way, so this is no longer needed.

Looks like these dependencies are updatable in another way, so this is no longer needed.

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something isn't working

  
dependencies

   
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
python

   
question

Further information is requested

  
wontfix

This will not be worked on

No labels
bug
dependencies
documentation
duplicate
enhancement
good first issue
help wanted
invalid
python
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
Nerdberg/Nerdlock!4
No description provided.