Bump the pip group across 5 directories with 3 updates#2090
Merged
tsmathis merged 1 commit intoJun 29, 2026
Merged
Conversation
Bumps the pip group with 1 update in the /mpcontribs-api/requirements directory: [tornado](https://github.com/tornadoweb/tornado). Bumps the pip group with 2 updates in the /mpcontribs-kernel-gateway/requirements directory: [tornado](https://github.com/tornadoweb/tornado) and [ujson](https://github.com/ultrajson/ultrajson). Bumps the pip group with 1 update in the /mpcontribs-lux directory: [pyarrow](https://github.com/apache/arrow). Bumps the pip group with 1 update in the /mpcontribs-lux/requirements directory: [pyarrow](https://github.com/apache/arrow). Bumps the pip group with 1 update in the /mpcontribs-portal/requirements directory: [tornado](https://github.com/tornadoweb/tornado). Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `ujson` from 5.12.1 to 5.13.0 - [Release notes](https://github.com/ultrajson/ultrajson/releases) - [Commits](ultrajson/ultrajson@5.12.1...5.13.0) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `ujson` from 5.12.1 to 5.13.0 - [Release notes](https://github.com/ultrajson/ultrajson/releases) - [Commits](ultrajson/ultrajson@5.12.1...5.13.0) Updates `ujson` from 5.12.1 to 5.13.0 - [Release notes](https://github.com/ultrajson/ultrajson/releases) - [Commits](ultrajson/ultrajson@5.12.1...5.13.0) Updates `pyarrow` from 22.0.0 to 23.0.1 - [Release notes](https://github.com/apache/arrow/releases) - [Commits](apache/arrow@apache-arrow-22.0.0...apache-arrow-23.0.1) Updates `pyarrow` from 22.0.0 to 23.0.1 - [Release notes](https://github.com/apache/arrow/releases) - [Commits](apache/arrow@apache-arrow-22.0.0...apache-arrow-23.0.1) Updates `pyarrow` from 22.0.0 to 23.0.1 - [Release notes](https://github.com/apache/arrow/releases) - [Commits](apache/arrow@apache-arrow-22.0.0...apache-arrow-23.0.1) Updates `pyarrow` from 22.0.0 to 23.0.1 - [Release notes](https://github.com/apache/arrow/releases) - [Commits](apache/arrow@apache-arrow-22.0.0...apache-arrow-23.0.1) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) Updates `tornado` from 6.5.5 to 6.5.7 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.5.5...v6.5.7) --- updated-dependencies: - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: ujson dependency-version: 5.13.0 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: ujson dependency-version: 5.13.0 dependency-type: direct:production dependency-group: pip - dependency-name: ujson dependency-version: 5.13.0 dependency-type: direct:production dependency-group: pip - dependency-name: pyarrow dependency-version: 23.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: pyarrow dependency-version: 23.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: pyarrow dependency-version: 23.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: pyarrow dependency-version: 23.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-version: 6.5.7 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>
de5ebd7 to
c0117e2
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps the pip group with 1 update in the /mpcontribs-api/requirements directory: tornado.
Bumps the pip group with 2 updates in the /mpcontribs-kernel-gateway/requirements directory: tornado and ujson.
Bumps the pip group with 1 update in the /mpcontribs-lux directory: pyarrow.
Bumps the pip group with 1 update in the /mpcontribs-lux/requirements directory: pyarrow.
Bumps the pip group with 1 update in the /mpcontribs-portal/requirements directory: tornado.
Updates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
ujsonfrom 5.12.1 to 5.13.0Release notes
Sourced from ujson's releases.
Commits
1a23a68Create manylinux2014 wheels (#745)bd943e8Build separate manylinux2014 + modern wheels87ae2dfCreate manylinux2014 wheels209371eVerify expected number of dists (#743)6392258Also check SHA of wheels in case manylinux version changesa00edeaVerify expected number of distse24aeb7Fix utf-8 test for graalpy9122ebeReplace pre-commit with prek to fix deprecation warning (#744)0bbf9a3Add support for Python 3.15 (#742)90ddea2Replace pre-commit with prek to fix deprecation warningUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
ujsonfrom 5.12.1 to 5.13.0Release notes
Sourced from ujson's releases.
Commits
1a23a68Create manylinux2014 wheels (#745)bd943e8Build separate manylinux2014 + modern wheels87ae2dfCreate manylinux2014 wheels209371eVerify expected number of dists (#743)6392258Also check SHA of wheels in case manylinux version changesa00edeaVerify expected number of distse24aeb7Fix utf-8 test for graalpy9122ebeReplace pre-commit with prek to fix deprecation warning (#744)0bbf9a3Add support for Python 3.15 (#742)90ddea2Replace pre-commit with prek to fix deprecation warningUpdates
ujsonfrom 5.12.1 to 5.13.0Release notes
Sourced from ujson's releases.
Commits
1a23a68Create manylinux2014 wheels (#745)bd943e8Build separate manylinux2014 + modern wheels87ae2dfCreate manylinux2014 wheels209371eVerify expected number of dists (#743)6392258Also check SHA of wheels in case manylinux version changesa00edeaVerify expected number of distse24aeb7Fix utf-8 test for graalpy9122ebeReplace pre-commit with prek to fix deprecation warning (#744)0bbf9a3Add support for Python 3.15 (#742)90ddea2Replace pre-commit with prek to fix deprecation warningUpdates
pyarrowfrom 22.0.0 to 23.0.1Release notes
Sourced from pyarrow's releases.
Commits
82a374eMINOR: [Release] Update versions for 23.0.1c1ae37cMINOR: [Release] Update .deb/.rpm changelogs for 23.0.18f6e557MINOR: [Release] Update CHANGELOG.md for 23.0.14e16a1aGH-49159: [C++][Gandiva] Detect overflow in repeat() (#49160)985621dGH-48817 [R][C++] Bump C++20 in R build infrastructure (#48819)1bea06aGH-49024: [CI] Update Debian version in.env(#49032)147bcd6GH-49156: [Python] Require GIL for string comparison (#49161)e4f922bGH-49138: [Packaging][Python] Remove nightly cython install from manylinux wh...f9376e4GH-49003: [C++] Don't considerout_of_rangean error in float parsing (#49095)ab2c0adGH-49044: [CI][Python] Fix test_download_tzdata_on_windows by adding required...Updates
pyarrowfrom 22.0.0 to 23.0.1Release notes
Sourced from pyarrow's releases.
Commits
82a374eMINOR: [Release] Update versions for 23.0.1c1ae37cMINOR: [Release] Update .deb/.rpm changelogs for 23.0.18f6e557MINOR: [Release] Update CHANGELOG.md for 23.0.14e16a1aGH-49159: [C++][Gandiva] Detect overflow in repeat() (#49160)985621dGH-48817 [R][C++] Bump C++20 in R build infrastructure (#48819)1bea06aGH-49024: [CI] Update Debian version in.env(#49032)147bcd6GH-49156: [Python] Require GIL for string comparison (#49161)e4f922bGH-49138: [Packaging][Python] Remove nightly cython install from manylinux wh...f9376e4GH-49003: [C++] Don't considerout_of_rangean error in float parsing (#49095)ab2c0adGH-49044: [CI][Python] Fix test_download_tzdata_on_windows by adding required...Updates
pyarrowfrom 22.0.0 to 23.0.1Release notes
Sourced from pyarrow's releases.
Commits
82a374eMINOR: [Release] Update versions for 23.0.1c1ae37cMINOR: [Release] Update .deb/.rpm changelogs for 23.0.18f6e557MINOR: [Release] Update CHANGELOG.md for 23.0.14e16a1aGH-49159: [C++][Gandiva] Detect overflow in repeat() (#49160)985621dGH-48817 [R][C++] Bump C++20 in R build infrastructure (#48819)1bea06aGH-49024: [CI] Update Debian version in.env(#49032)147bcd6GH-49156: [Python] Require GIL for string comparison (#49161)e4f922bGH-49138: [Packaging][Python] Remove nightly cython install from manylinux wh...f9376e4GH-49003: [C++] Don't considerout_of_rangean error in float parsing (#49095)ab2c0adGH-49044: [CI][Python] Fix test_download_tzdata_on_windows by adding required...Updates
pyarrowfrom 22.0.0 to 23.0.1Release notes
Sourced from pyarrow's releases.
Commits
82a374eMINOR: [Release] Update versions for 23.0.1c1ae37cMINOR: [Release] Update .deb/.rpm changelogs for 23.0.18f6e557MINOR: [Release] Update CHANGELOG.md for 23.0.14e16a1aGH-49159: [C++][Gandiva] Detect overflow in repeat() (#49160)985621dGH-48817 [R][C++] Bump C++20 in R build infrastructure (#48819)1bea06aGH-49024: [CI] Update Debian version in.env(#49032)147bcd6GH-49156: [Python] Require GIL for string comparison (#49161)e4f922bGH-49138: [Packaging][Python] Remove nightly cython install from manylinux wh...f9376e4GH-49003: [C++] Don't considerout_of_rangean error in float parsing (#49095)ab2c0adGH-49044: [CI][Python] Fix test_download_tzdata_on_windows by adding required...Updates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsUpdates
tornadofrom 6.5.5 to 6.5.7Changelog
Sourced from tornado's changelog.
... (truncated)
Commits
48fc2d4Merge pull request #3633 from bdarnell/curl-reset-654ae1dddRelease notes and version bump for 6.5.73154caacurl_httpclient: Reset the curl object before putting it on the freelist7d869c0Merge pull request #3631 from bdarnell/cve-links288241fdocs: Use the correct link syntax8da981cdocs: Add CVE links to 6.5.6 release notesaba2569Merge pull request #3626 from bdarnell/fixes-656a24b260httpclient_test: Accept an additional error message varianta74240aRelease notes and version bump for 6.5.6.e8fc7edsimple_httpclient: Strip auth headers on cross-origin redirectsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.