From 3e2ff6faaf1e1aa01bcefbabb2cd4900761c88b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 May 2026 17:58:34 +0000 Subject: [PATCH 01/16] chore(deps-dev): bump idna from 3.10 to 3.15 Bumps [idna](https://github.com/kjd/idna) from 3.10 to 3.15. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](https://github.com/kjd/idna/compare/v3.10...v3.15) --- updated-dependencies: - dependency-name: idna dependency-version: '3.15' dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index 163ea8c8..0ad1574e 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -32,7 +32,7 @@ dill==0.4.0 ; python_version < '3.11' exceptiongroup==1.3.0 ; python_version < '3.11' -idna==3.10 ; python_version >= '3.5' +idna==3.15 ; python_version >= '3.5' importlib-metadata==7.1.0 ; python_version >= '3.7' From 4abefb25a49add32feb659fffea934593365406b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 May 2026 19:48:35 +0000 Subject: [PATCH 02/16] chore(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e...cef221092ed1bacb1cc03d23a2d87d1d172e277b) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index abbdd556..75da478e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -29,7 +29,7 @@ jobs: - name: Build package run: python -m build - name: Publish package - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b with: user: __token__ password: ${{ secrets.PYPI_TOKEN }} From 865521b35a061ee30e728b262319ac072d019cab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 May 2026 19:48:39 +0000 Subject: [PATCH 03/16] chore(deps): bump actions/create-github-app-token from 2 to 3 Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/create-github-app-token/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/project-auto-add.yml | 2 +- .github/workflows/release-please-gha.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/project-auto-add.yml b/.github/workflows/project-auto-add.yml index 0ce738cb..fbd6f475 100644 --- a/.github/workflows/project-auto-add.yml +++ b/.github/workflows/project-auto-add.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ secrets.GRAPHBOT_APP_ID }} private-key: ${{ secrets.GRAPHBOT_APP_PEM }} diff --git a/.github/workflows/release-please-gha.yml b/.github/workflows/release-please-gha.yml index d4cf74c3..195010cc 100644 --- a/.github/workflows/release-please-gha.yml +++ b/.github/workflows/release-please-gha.yml @@ -23,7 +23,7 @@ jobs: - name: Generate GitHub App token id: app-token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ vars.RELEASE_PLEASE_TOKEN_PROVIDER_APP_ID }} private-key: ${{ secrets.RELEASE_PLEASE_TOKEN_PROVIDER_PEM }} From 621565190eeab5dac9516526549f7d7b9d43edeb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 May 2026 19:48:40 +0000 Subject: [PATCH 04/16] chore(deps): bump dependabot/fetch-metadata from 2.4.0 to 3.1.0 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.4.0 to 3.1.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.4.0...v3.1.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-merge-dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml index 82876722..86539adf 100644 --- a/.github/workflows/auto-merge-dependabot.yml +++ b/.github/workflows/auto-merge-dependabot.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2.4.0 + uses: dependabot/fetch-metadata@v3.1.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" From 1cdb17f49116988ba2040a171689a8fedcf76d82 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 May 2026 19:48:41 +0000 Subject: [PATCH 05/16] chore(deps): bump googleapis/release-please-action from 4 to 5 Bumps [googleapis/release-please-action](https://github.com/googleapis/release-please-action) from 4 to 5. - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/release-please-action/compare/v4...v5) --- updated-dependencies: - dependency-name: googleapis/release-please-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release-please-gha.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please-gha.yml b/.github/workflows/release-please-gha.yml index d4cf74c3..b44eb705 100644 --- a/.github/workflows/release-please-gha.yml +++ b/.github/workflows/release-please-gha.yml @@ -29,7 +29,7 @@ jobs: private-key: ${{ secrets.RELEASE_PLEASE_TOKEN_PROVIDER_PEM }} - name: Release Please - uses: googleapis/release-please-action@v4 + uses: googleapis/release-please-action@v5 with: token: ${{ steps.app-token.outputs.token }} config-file: release-please-config.json From eeb2730079c96e633e37505a89a523673bc78e6b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:49 +0000 Subject: [PATCH 06/16] chore(deps-dev): bump pyjwt from 2.9.0 to 2.12.0 Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.9.0 to 2.12.0. - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](https://github.com/jpadilla/pyjwt/compare/2.9.0...2.12.0) --- updated-dependencies: - dependency-name: pyjwt dependency-version: 2.12.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..7c5d1293 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -72,7 +72,7 @@ portalocker==2.10.1 ; python_version >= '3.5' and platform_system == 'Windows' pycparser==2.23 -pyjwt[crypto]==2.9.0 ; python_version >= '3.7' +pyjwt[crypto]==2.12.0 ; python_version >= '3.7' pylint==3.3.8 From 843cbee3ecf08be1de89599f5b302a567d553e5b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:50 +0000 Subject: [PATCH 07/16] chore(deps-dev): bump requests from 2.32.5 to 2.33.0 Bumps [requests](https://github.com/psf/requests) from 2.32.5 to 2.33.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.32.5...v2.33.0) --- updated-dependencies: - dependency-name: requests dependency-version: 2.33.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..3ff0755d 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -92,7 +92,7 @@ pytest-asyncio==1.3.0 pywin32==311 ; platform_system == 'Windows' -requests==2.32.5 ; python_version >= '3.7' +requests==2.33.0 ; python_version >= '3.7' setuptools==80.9.0 From beaea94754c3780fc55564b72e0b72c59ed2b859 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:51 +0000 Subject: [PATCH 08/16] chore(deps-dev): bump iniconfig from 2.1.0 to 2.3.0 Bumps [iniconfig](https://github.com/pytest-dev/iniconfig) from 2.1.0 to 2.3.0. - [Release notes](https://github.com/pytest-dev/iniconfig/releases) - [Changelog](https://github.com/pytest-dev/iniconfig/blob/main/CHANGELOG) - [Commits](https://github.com/pytest-dev/iniconfig/compare/v2.1.0...v2.3.0) --- updated-dependencies: - dependency-name: iniconfig dependency-version: 2.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..ecd584a6 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -36,7 +36,7 @@ idna==3.10 ; python_version >= '3.5' importlib-metadata==7.1.0 ; python_version >= '3.7' -iniconfig==2.1.0 ; python_version >= '3.7' +iniconfig==2.3.0 ; python_version >= '3.7' isort==6.0.1 From 14f003b5396a934ab6e740db489215db27381391 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:52 +0000 Subject: [PATCH 09/16] chore(deps-dev): bump msal from 1.33.0 to 1.36.0 Bumps [msal](https://github.com/AzureAD/microsoft-authentication-library-for-python) from 1.33.0 to 1.36.0. - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-python/releases) - [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-python/blob/dev/RELEASES.md) - [Commits](https://github.com/AzureAD/microsoft-authentication-library-for-python/compare/1.33.0...1.36.0) --- updated-dependencies: - dependency-name: msal dependency-version: 1.36.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..5c86ad1b 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -50,7 +50,7 @@ mccabe==0.7.0 ; python_version >= '3.6' mock==5.2.0 ; python_version >= '3.6' -msal==1.33.0 +msal==1.36.0 msal-extensions==1.3.1 From 0269859ec3c57c8ae19a58fb8a5789772ff63a8c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:52 +0000 Subject: [PATCH 10/16] chore(deps-dev): bump types-python-dateutil Bumps [types-python-dateutil](https://github.com/python/typeshed) from 2.9.0.20250822 to 2.9.0.20260518. - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-python-dateutil dependency-version: 2.9.0.20260518 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..4eb92ad2 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -110,7 +110,7 @@ tomlkit==0.13.3 ; python_version >= '3.7' trio==0.31.0 -types-python-dateutil==2.9.0.20250822 +types-python-dateutil==2.9.0.20260518 types-requests==2.32.4.20250809; python_version >= '3.7' urllib3==2.7.0 ; python_version >= '3.7' From c12a7e9f137a021baf3134210ca0cc9bcd8dfed0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:52 +0000 Subject: [PATCH 11/16] chore(deps-dev): bump frozenlist from 1.7.0 to 1.8.0 Bumps [frozenlist](https://github.com/aio-libs/frozenlist) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/aio-libs/frozenlist/releases) - [Changelog](https://github.com/aio-libs/frozenlist/blob/master/CHANGES.rst) - [Commits](https://github.com/aio-libs/frozenlist/compare/v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: frozenlist dependency-version: 1.8.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..1acd22b8 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -131,7 +131,7 @@ anyio==4.10.0 ; python_version >= '3.7' async-timeout==5.0.1 ; python_version >= '3.6' -frozenlist==1.7.0 ; python_version >= '3.7' +frozenlist==1.8.0 ; python_version >= '3.7' h11==0.16.0 ; python_version >= '3.7' From fa12d60eba5fe6a42db5774a5080b70395949aa6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:54 +0000 Subject: [PATCH 12/16] chore(deps-dev): bump types-deprecated Bumps [types-deprecated](https://github.com/python/typeshed) from 1.2.15.20250304 to 1.3.1.20260519. - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-deprecated dependency-version: 1.3.1.20260519 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..56cc6583 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -161,4 +161,4 @@ yarl==1.20.1 ; python_version >= '3.7' deprecated==1.2.18 -types-Deprecated==1.2.15.20250304 +types-Deprecated==1.3.1.20260519 From 3a51b9124178d63e103e3bef68e1b16d09b2816a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:26:55 +0000 Subject: [PATCH 13/16] chore(deps-dev): bump zipp from 3.23.0 to 4.1.0 Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.0 to 4.1.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](https://github.com/jaraco/zipp/compare/v3.23.0...v4.1.0) --- updated-dependencies: - dependency-name: zipp dependency-version: 4.1.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..d7929bd6 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -121,7 +121,7 @@ wrapt==1.17.3 ; python_version < '3.11' yapf==0.43.0 -zipp==3.23.0 ; python_version >= '3.7' +zipp==4.1.0 ; python_version >= '3.7' aiohttp==3.13.4 ; python_version >= '3.6' From 0cb858d7d2dc438216cbee808be98a553c3008d0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:27:02 +0000 Subject: [PATCH 14/16] chore(deps-dev): bump aiohttp from 3.13.4 to 3.13.5 --- updated-dependencies: - dependency-name: aiohttp dependency-version: 3.13.5 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..7ec8c580 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -123,7 +123,7 @@ yapf==0.43.0 zipp==3.23.0 ; python_version >= '3.7' -aiohttp==3.13.4 ; python_version >= '3.6' +aiohttp==3.13.5 ; python_version >= '3.6' aiosignal==1.4.0 ; python_version >= '3.7' From 07b19b0b73dd7fbf04a37e8a354a984b7549b4ff Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:27:03 +0000 Subject: [PATCH 15/16] chore(deps-dev): bump pylint in the pylint group across 1 directory Bumps the pylint group with 1 update in the / directory: [pylint](https://github.com/pylint-dev/pylint). Updates `pylint` from 3.3.8 to 4.0.5 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](https://github.com/pylint-dev/pylint/compare/v3.3.8...v4.0.5) --- updated-dependencies: - dependency-name: pylint dependency-version: 4.0.5 dependency-type: direct:development update-type: version-update:semver-major dependency-group: pylint ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..b51b8da9 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -74,7 +74,7 @@ pycparser==2.23 pyjwt[crypto]==2.9.0 ; python_version >= '3.7' -pylint==3.3.8 +pylint==4.0.5 pyproject-hooks==1.2.0 ; python_version >= '3.7' From 523d70a6e527f5b91acc5fd4ba67119fe06bf325 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 May 2026 00:27:11 +0000 Subject: [PATCH 16/16] chore(deps-dev): bump yarl from 1.20.1 to 1.24.2 Bumps [yarl](https://github.com/aio-libs/yarl) from 1.20.1 to 1.24.2. - [Release notes](https://github.com/aio-libs/yarl/releases) - [Changelog](https://github.com/aio-libs/yarl/blob/master/CHANGES.rst) - [Commits](https://github.com/aio-libs/yarl/compare/v1.20.1...v1.24.2) --- updated-dependencies: - dependency-name: yarl dependency-version: 1.23.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index d2fba17d..8b6aee39 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -157,7 +157,7 @@ multidict==6.6.4 ; python_version >= '3.7' uritemplate==4.2.0 ; python_version >= '3.6' -yarl==1.20.1 ; python_version >= '3.7' +yarl==1.24.2 ; python_version >= '3.7' deprecated==1.2.18