Skip to content

chore(deps): bump the all-dependencies group across 1 directory with 7 updates#179

Merged
mehmetcanay merged 1 commit intomainfrom
dependabot/uv/all-dependencies-c1318d3023
Feb 3, 2026
Merged

chore(deps): bump the all-dependencies group across 1 directory with 7 updates#179
mehmetcanay merged 1 commit intomainfrom
dependabot/uv/all-dependencies-c1318d3023

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 2, 2026

Bumps the all-dependencies group with 7 updates in the / directory:

Package From To
openai 2.15.0 2.16.0
plotly 6.5.1 6.5.2
sentence-transformers 5.2.0 5.2.2
wheel 0.45.1 0.46.3
sqlalchemy 2.0.45 2.0.46
cachetools 6.2.4 7.0.0
torch 2.9.1 2.10.0

Updates openai from 2.15.0 to 2.16.0

Release notes

Sourced from openai's releases.

v2.16.0

2.16.0 (2026-01-27)

Full Changelog: v2.15.0...v2.16.0

Features

  • api: api update (b97f9f2)
  • api: api updates (9debcc0)
  • client: add support for binary request streaming (49561d8)

Bug Fixes

  • api: mark assistants as deprecated (0419cbc)

Chores

  • ci: upgrade actions/github-script (5139f13)
  • internal: update actions/checkout version (f276714)

Documentation

  • examples: update Azure Realtime sample to use v1 API (#2829) (3b31981)
Changelog

Sourced from openai's changelog.

2.16.0 (2026-01-27)

Full Changelog: v2.15.0...v2.16.0

Features

  • api: api update (b97f9f2)
  • api: api updates (9debcc0)
  • client: add support for binary request streaming (49561d8)

Bug Fixes

  • api: mark assistants as deprecated (0419cbc)

Chores

  • ci: upgrade actions/github-script (5139f13)
  • internal: update actions/checkout version (f276714)

Documentation

  • examples: update Azure Realtime sample to use v1 API (#2829) (3b31981)
Commits

Updates plotly from 6.5.1 to 6.5.2

Release notes

Sourced from plotly's releases.

v6.5.2

Fixed

  • Fix issue where pie trace legend, showlegend attributes don't accept array values [#5464 and #5465], with thanks to @​my-tien for the contribution!
Changelog

Sourced from plotly's changelog.

[6.5.2] - 2026-01-14

Fixed

  • Fix issue where pie trace legend, showlegend attributes don't accept array values [#5464 and #5465], with thanks to @​my-tien for the contribution!
Commits
  • 36d8bf8 Version changes for v6.5.2
  • 1f45fa5 Merge pull request #5467 from plotly/cam/update-graph-objs
  • 7f57ccb fix: Update graph_objs per recent bug fixes
  • 3293f4d Merge pull request #5466 from plotly/merge-doc-prod-to-main
  • 61c9f6f Merge branch 'main' into merge-doc-prod-to-main
  • dad2520 Merge pull request #5465 from my-tien/legend-arrayok
  • b587428 Merge branch 'main' into legend-arrayok
  • 5a0440c Merge pull request #5464 from plotly/cam/5463/handle-arrays-booleanvalidator
  • fff298c Simplify test
  • cef18a9 Separate test for coercion of geo1 to geo and legend1 to legend
  • Additional commits viewable in compare view

Updates sentence-transformers from 5.2.0 to 5.2.2

Release notes

Sourced from sentence-transformers's releases.

v5.2.2 - Replace mandatory requests dependency with optional httpx dependency

This patch release replaces mandatory requests dependency with an optional httpx dependency.

Install this version with

# Training + Inference
pip install sentence-transformers[train]==5.2.2
Inference only, use one of:
pip install sentence-transformers==5.2.2
pip install sentence-transformers[onnx-gpu]==5.2.2
pip install sentence-transformers[onnx]==5.2.2
pip install sentence-transformers[openvino]==5.2.2

Transformers v5 Support

Transformers v5.0 and its required huggingface_hub versions have dropped support of requests in favor of httpx. The former was also used in sentence-transformers, but not listed explicitly as a dependency. This patch removes the use of requests in favor of httpx, although it's now optional and not automatically imported. This should also save some import time.

Importing Sentence Transformers should now not crash if requests is not installed.

All Changes

Full Changelog: huggingface/sentence-transformers@v5.2.1...v5.2.2

v5.2.1 - Joint Transformers v4 and v5 compatibility

This patch release adds support for the full Transformers v5 release.

Install this version with

# Training + Inference
pip install sentence-transformers[train]==5.2.1
Inference only, use one of:
pip install sentence-transformers==5.2.1
pip install sentence-transformers[onnx-gpu]==5.2.1
pip install sentence-transformers[onnx]==5.2.1
pip install sentence-transformers[openvino]==5.2.1

Transformers v5 Support

Sentence Transformers v5.2.0 already introduced support for the Transformers v5.0 release candidates, but this release is adding support for the full release. The intention is to maintain backward compatibility with v4.x. The library includes dual CI testing for both version for now, allowing users to upgrade to the newest Transformers features when ready. In future versions, Sentence Transformers may start requiring Transformers v5.0 or higher.

All Changes

... (truncated)

Commits
  • f7f7506 Release v5.2.2
  • c78ecf3 [deps] Replace requests dependency with optional httpx dependency (#3618)
  • 18ec0d6 Release v5.2.1
  • 9db10fe [compat] Expand test suite to full transformers v5 (#3615)
  • a1ed1ef Specify numpy manually in dependencies, as it's directly used/imported (#3608)
  • 08cada0 docs: fix typo in custom models: reemain -> remain (#3596)
  • 2366203 Introduce compatibility with transformers 5.0.0rc01 (#3597)
  • 631b085 Merge branch 'main' into v5.2-release
  • 0277f4b Turn mine_hard_negatives into a clickable link in index.rst (#3593)
  • See full diff in compare view

Updates wheel from 0.45.1 to 0.46.3

Release notes

Sourced from wheel's releases.

0.46.3

  • Fixed ImportError: cannot import name '_setuptools_logging' from 'wheel' when installed alongside an old version of setuptools and running the bdist_wheel command (#676)

0.46.2

  • Restored the bdist_wheel command for compatibility with setuptools older than v70.1
  • Importing wheel.bdist_wheel now emits a FutureWarning instead of a DeprecationWarning
  • Fixed wheel unpack potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)

0.46.1

  • Temporarily restored the wheel.macosx_libfile module (#659)

0.46.0

  • Dropped support for Python 3.8
  • Removed the bdist_wheel setuptools command implementation and entry point. The wheel.bdist_wheel module is now just an alias to setuptools.command.bdist_wheel, emitting a deprecation warning on import.
  • Removed vendored packaging in favor of a run-time dependency on it
  • Made the wheel.metadata module private (with a deprecation warning if it's imported
  • Made the wheel.cli package private (no deprecation warning)
  • Fixed an exception when calling the convert command with an empty description field
Changelog

Sourced from wheel's changelog.

Release Notes

0.46.3 (2026-01-22)

  • Fixed ImportError: cannot import name '_setuptools_logging' from 'wheel' when installed alongside an old version of setuptools and running the bdist_wheel command ([#676](https://github.com/pypa/wheel/issues/676) <https://github.com/pypa/wheel/issues/676>_)

0.46.2 (2026-01-22)

  • Restored the bdist_wheel command for compatibility with setuptools older than v70.1
  • Importing wheel.bdist_wheel now emits a FutureWarning instead of a DeprecationWarning
  • Fixed wheel unpack potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)

0.46.1 (2025-04-08)

  • Temporarily restored the wheel.macosx_libfile module ([#659](https://github.com/pypa/wheel/issues/659) <https://github.com/pypa/wheel/issues/659>_)

0.46.0 (2025-04-03)

  • Dropped support for Python 3.8
  • Removed the bdist_wheel setuptools command implementation and entry point. The wheel.bdist_wheel module is now just an alias to setuptools.command.bdist_wheel, emitting a deprecation warning on import.
  • Removed vendored packaging in favor of a run-time dependency on it
  • Made the wheel.metadata module private (with a deprecation warning if it's imported
  • Made the wheel.cli package private (no deprecation warning)
  • Fixed an exception when calling the convert command with an empty description field

0.45.1 (2024-11-23)

  • Fixed pure Python wheels converted from eggs and wininst files having the ABI tag in the file name

0.45.0 (2024-11-08)

  • Refactored the convert command to not need setuptools to be installed

  • Don't configure setuptools logging unless running bdist_wheel

  • Added a redirection from wheel.bdist_wheel.bdist_wheel to setuptools.command.bdist_wheel.bdist_wheel to improve compatibility with setuptools' latest fixes.

    Projects are still advised to migrate away from the deprecated module and import

... (truncated)

Commits
  • 8b6fa74 Created a new release
  • 7445fb5 Fixed an import of a removed module
  • eba4036 Updated the version number for v0.46.2
  • 557fb54 Created a new release
  • 7a7d2de Fixed security issue around wheel unpack (#675)
  • 41418fa Fixed test failures due to metadata normalization changes
  • c1d442b [pre-commit.ci] pre-commit autoupdate (#674)
  • 0bac882 Update github actions environments (#673)
  • be9f45b [pre-commit.ci] pre-commit autoupdate (#667)
  • 6244f08 Update pre-commit ruff legacy alias (#668)
  • Additional commits viewable in compare view

Updates sqlalchemy from 2.0.45 to 2.0.46

Release notes

Sourced from sqlalchemy's releases.

2.0.46

Released: January 21, 2026

typing

  • [typing] [bug] Fixed typing issues where ORM mapped classes and aliased entities could not be used as keys in result row mappings or as join targets in select statements. Patterns such as row._mapping[User], row._mapping[aliased(User)], row._mapping[with_polymorphic(...)] (rejected by both mypy and Pylance), and .join(aliased(User)) (rejected by Pylance) are documented and fully supported at runtime but were previously rejected by type checkers. The type definitions for _KeyType and _FromClauseArgument have been updated to accept these ORM entity types.

    References: #13075

postgresql

  • [postgresql] [bug] Fixed issue where PostgreSQL JSONB operators _postgresql.JSONB.Comparator.path_match() and _postgresql.JSONB.Comparator.path_exists() were applying incorrect VARCHAR casts to the right-hand side operand when used with newer PostgreSQL drivers such as psycopg. The operators now indicate the right-hand type as JSONPATH, which currently results in no casting taking place, but is also compatible with explicit casts if the implementation were require it at a later point.

    References: #13059

  • [postgresql] [bug] Fixed regression in PostgreSQL dialect where JSONB subscription syntax would generate incorrect SQL for cast() expressions returning JSONB, causing syntax errors. The dialect now properly wraps cast expressions in parentheses when using the [] subscription syntax, generating (CAST(...))[index] instead of CAST(...)[index] to comply with PostgreSQL syntax requirements. This extends the fix from #12778 which addressed the same issue for function calls.

    References: #13067

  • [postgresql] [bug] Improved the foreign key reflection regular expression pattern used by the PostgreSQL dialect to be more permissive in matching identifier characters, allowing it to correctly handle unicode characters in table and column names. This change improves compatibility with PostgreSQL variants such as CockroachDB that may use different quoting patterns in combination with unicode characters in their identifiers. Pull request courtesy Gord Thompson.

... (truncated)

Commits

Updates cachetools from 6.2.4 to 7.0.0

Changelog

Sourced from cachetools's changelog.

v7.0.0 (2026-02-01)

  • Require Python 3.10 or later (breaking change).

  • Drop support for passing info as fourth positional parameter to @cached (breaking change).

  • Drop support for cache(self) returning None with @cachedmethod (breaking change).

  • Convert the @cachedmethod wrappers to descriptors, deprecating its use with class methods and instances that do not provide a mutable __dict__ attribute (potentially breaking change).

  • Convert the previously undocumented @cachedmethod attributes (cache, cache_lock, etc.) to properties for instance methods, providing official support and documentation (potentially breaking change).

  • Add an optional info parameter to the @cachedmethod decorator for reporting per-instance cache statistics. Note that this requires the instance's __dict__ attribute to be a mutable mapping.

v6.2.6 (2026-01-27)

  • Improve typedkey performance.

  • Minor documentation improvements.

  • Minor testing improvements.

  • Minor code readability improvements.

v6.2.5 (2026-01-25)

  • Improve documentation regarding @cachedmethod with lock parameter.

  • Add test cases for cache stampede scenarios.

  • Update CI environment.

Commits

Updates torch from 2.9.1 to 2.10.0

Release notes

Sourced from torch's releases.

PyTorch 2.10.0 Release Notes

Highlights

For more details about these highlighted features, you can look at the release blogpost. Below are the full release notes for this release.

Backwards Incompatible Changes

Dataloader Frontend

  • Removed unused data_source argument from Sampler (#163134). This is a no-op, unless you have a custom sampler that uses this argument. Please update your custom sampler accordingly.
  • Removed deprecated imports for torch.utils.data.datapipes.iter.grouping (#163438). from torch.utils.data.datapipes.iter.grouping import SHARDING_PRIORITIES, ShardingFilterIterDataPipe is no longer supported. Please import from torch.utils.data.datapipes.iter.sharding instead.

torch.nn

  • Remove Nested Jagged Tensor support from nn.attention.flex_attention (#161734)

... (truncated)

Commits
  • 449b176 Add Joe Spisak to Core maintainers list (#172585)
  • f6e6c0a [Graph Partition] Improve support for mutation ops (#172577)
  • 99cb424 Revert "[CI] Add IoU-based accuracy checking for inductor tests segmentation ...
  • 1f74c10 [CI] Add IoU-based accuracy checking for inductor tests segmentation models (...
  • e43b5bf Bump fbgemm and torchrec pinned commit (#172179)
  • 2c9af43 Skip modded_nanogpt model in TorchInductor benchmark (#172141)
  • 0e2459f A few weights_only unpickler fixes (#172105)
  • a266b60 Touch __init__.py in vendored_templates for CuTeDSL Grouped MM template (...
  • f3b5d8b [MPS] Remove error-checking sync point from MaxUnpool (#172111)
  • 3a5fb54 Fix MPS mul performance regression (#172106)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the all-dependencies group across 1 directory with …
79eddc7 
…7 updates

Bumps the all-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [openai](https://github.com/openai/openai-python) | `2.15.0` | `2.16.0` |
| [plotly](https://github.com/plotly/plotly.py) | `6.5.1` | `6.5.2` |
| [sentence-transformers](https://github.com/huggingface/sentence-transformers) | `5.2.0` | `5.2.2` |
| [wheel](https://github.com/pypa/wheel) | `0.45.1` | `0.46.3` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.45` | `2.0.46` |
| [cachetools](https://github.com/tkem/cachetools) | `6.2.4` | `7.0.0` |
| [torch](https://github.com/pytorch/pytorch) | `2.9.1` | `2.10.0` |



Updates `openai` from 2.15.0 to 2.16.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v2.15.0...v2.16.0)

Updates `plotly` from 6.5.1 to 6.5.2
- [Release notes](https://github.com/plotly/plotly.py/releases)
- [Changelog](https://github.com/plotly/plotly.py/blob/main/CHANGELOG.md)
- [Commits](plotly/plotly.py@v6.5.1...v6.5.2)

Updates `sentence-transformers` from 5.2.0 to 5.2.2
- [Release notes](https://github.com/huggingface/sentence-transformers/releases)
- [Commits](huggingface/sentence-transformers@v5.2.0...v5.2.2)

Updates `wheel` from 0.45.1 to 0.46.3
- [Release notes](https://github.com/pypa/wheel/releases)
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](pypa/wheel@0.45.1...0.46.3)

Updates `sqlalchemy` from 2.0.45 to 2.0.46
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `cachetools` from 6.2.4 to 7.0.0
- [Changelog](https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst)
- [Commits](tkem/cachetools@v6.2.4...v7.0.0)

Updates `torch` from 2.9.1 to 2.10.0
- [Release notes](https://github.com/pytorch/pytorch/releases)
- [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md)
- [Commits](pytorch/pytorch@v2.9.1...v2.10.0)

---
updated-dependencies:
- dependency-name: openai
  dependency-version: 2.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: plotly
  dependency-version: 6.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: sentence-transformers
  dependency-version: 5.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: wheel
  dependency-version: 0.46.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: sqlalchemy
  dependency-version: 2.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: cachetools
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: torch
  dependency-version: 2.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Feb 2, 2026
@mehmetcanay mehmetcanay merged commit d8a9552 into main Feb 3, 2026
7 checks passed
@mehmetcanay mehmetcanay deleted the dependabot/uv/all-dependencies-c1318d3023 branch February 3, 2026 18:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mehmetcanay