Skip to content

deps(pip): bump the pip-patch-minor group across 1 directory with 27 updates#184

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/pip-patch-minor-4ba5c42656
Closed

deps(pip): bump the pip-patch-minor group across 1 directory with 27 updates#184
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/pip-patch-minor-4ba5c42656

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(pip): bump the pip-patch-minor group across 1 directory with 27 …
9a5a862 
…updates

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-version: 4.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: aiohttp
  dependency-version: 3.13.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-patch-minor
- dependency-name: anthropic
  dependency-version: 0.97.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: certifi
  dependency-version: 2026.4.22
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: click
  dependency-version: 8.3.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: docstring-parser
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: fastapi
  dependency-version: 0.136.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: filelock
  dependency-version: 3.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: huggingface-hub
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: idna
  dependency-version: '3.13'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: jiter
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: magika
  dependency-version: 1.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-patch-minor
- dependency-name: mpmath
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: onnxruntime
  dependency-version: 1.24.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: openai
  dependency-version: 2.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: packaging
  dependency-version: '26.2'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: platformdirs
  dependency-version: 4.9.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-patch-minor
- dependency-name: pydantic
  dependency-version: 2.13.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: pydantic-core
  dependency-version: 2.46.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: pydantic-settings
  dependency-version: 2.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: python-multipart
  dependency-version: 0.0.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-patch-minor
- dependency-name: sse-starlette
  dependency-version: 3.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: tabulate
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: typer
  dependency-version: 0.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: uvicorn
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: yara-x
  dependency-version: 1.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-patch-minor
- dependency-name: zipp
  dependency-version: 3.23.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-patch-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 27, 2026
@chatgpt-codex-connector
Copy link
Copy Markdown

chatgpt-codex-connector Bot commented Apr 27, 2026

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Repo admins can enable using credits for code reviews in their settings.

kilo-code-bot[bot]
kilo-code-bot Bot reviewed Apr 27, 2026
View reviewed changes
Copy link
Copy Markdown

@kilo-code-bot kilo-code-bot Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review Summary

Status: 2 Issues Found | Recommendation: Address before merge

Overview

Severity Count
CRITICAL 1
WARNING 1
SUGGESTION 0
Issue Details (click to expand)

CRITICAL

File Line Issue
pyproject.toml 54-60 UV override-dependencies pinning older versions conflicts with updated dependency versions in docker-requirements.txt

WARNING

File Line Issue
docker-requirements.txt 9-11 Anthropic version jumped from 0.76.0 to 0.97.0 (significant pre-1.0 change)
Other Observations (not in diff)
File Line Issue
docker-requirements.txt 4-127 Hash verification properly maintained for all updated packages (positive)
pyproject.toml 42 dev dependency jsonschema updated to 4.26.0 (matches uv override intent)
docker-requirements.txt 10-12 FastAPI update 0.128.0 → 0.136.1 may need compatibility verification
docker-requirements.txt 10-12 ONNX Runtime update 1.20.1 → 1.24.3 - verify model compatibility
Files Reviewed (2 files)
  • docker-requirements.txt - Multiple dependency version updates with proper hash verification
  • pyproject.toml - One dev dependency update, but UV overrides require urgent attention

Fix Link: Fix these issues in Kilo Cloud

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 1, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 1, 2026
@dependabot dependabot Bot deleted the dependabot/pip/pip-patch-minor-4ba5c42656 branch May 1, 2026 17:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kilo-code-bot kilo-code-bot[bot] kilo-code-bot[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants