Skip to content

deps(py)(deps): bump the python-non-major group across 1 directory with 4 updates#38

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/backend/develop/python-non-major-a546c1d062
Open

deps(py)(deps): bump the python-non-major group across 1 directory with 4 updates#38
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/backend/develop/python-non-major-a546c1d062

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 7, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the python-non-major group with 4 updates in the /backend directory: django, sentry-sdk, django-timezone-field and wcwidth.

Updates django from 5.1.4 to 5.1.15

Commits
  • 6ef1f6f [5.1.x] Bumped version for 5.1.15 release.
  • 0db9ea4 [5.1.x] Fixed CVE-2025-64460 -- Corrected quadratic inner text accumulation i...
  • 9c6a5bd [5.1.x] Fixed CVE-2025-13372 -- Protected FilteredRelation against SQL inject...
  • e419ad8 [5.1.x] Added script to archive EOL stable branches.
  • ca4251d [5.1.x] Refs #36743 -- Added missing release notes for 5.1.15 and 4.2.27.
  • f354296 [5.1.x] Fixed #36743 -- Increased URL max length enforced in HttpResponseRedi...
  • cae6f5c [5.1.x] Added timeout-minutes directive to all GitHub Actions workflows.
  • 6f35c2e [5.1.x] Added stub release notes and release date for 5.1.15 and 4.2.27.
  • a9311fc [5.1.x] Configured dangerous-triggers zizmor rule.
  • dc29fe1 [5.1.x] Addressed unpinned-uses zizmor finding.
  • Additional commits viewable in compare view

Updates sentry-sdk from 2.60.0 to 2.61.1

Release notes

Sourced from sentry-sdk's releases.

2.61.1

Internal Changes 🔧

Rq

Other

2.61.0

New Features ✨

  • Add server.address to transformed spans when stream_gen_ai_spans=True by @​alexander-alderman-webb in #6307

  • Allow integrations to define control flow exceptions by @​sentrivana in #6425

  • Disable string truncation for events by default by @​alexander-alderman-webb in #6290

    Following a previous significant increase of the string truncation limit, we've now completely removed the limit by default. In case you have large strings in your events, you should now be able to see them.

    In rare cases, if you have really long strings (or a lot of them), you might see envelopes being dropped because of their size. If that happens, you can set the max_value_length init option to the previous value of 100_000:

    sentry_sdk.init(
    ...,
    max_value_length=100_000,
)

Bug Fixes 🐛

Langchain

Openai Agents

Pydantic AI

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.61.1

Internal Changes 🔧

Rq

Other

2.61.0

New Features ✨

  • Add server.address to transformed spans when stream_gen_ai_spans=True by @​alexander-alderman-webb in #6307

  • Allow integrations to define control flow exceptions by @​sentrivana in #6425

  • Disable string truncation for events by default by @​alexander-alderman-webb in #6290

    Following a previous significant increase of the string truncation limit, we've now completely removed the limit by default. In case you have large strings in your events, you should now be able to see them.

    In rare cases, if you have really long strings (or a lot of them), you might see envelopes being dropped because of their size. If that happens, you can set the max_value_length init option to the previous value of 100_000:

    sentry_sdk.init(
    ...,
    max_value_length=100_000,
)

Bug Fixes 🐛

Langchain

Openai Agents

... (truncated)

Commits
  • 5c95559 Update CHANGELOG.md
  • b98bcb1 release: 2.61.1
  • 504cbe9 ci(rq): Pin fakeredis<2.36.0 in tests (#6454)
  • 1f3f3eb fix(sampling): Attribute backpressure as unsampling reason more accurately ...
  • 2ce26d1 ci(tox): migrate from pip to uv via tox-uv (#6390)
  • 8a4062b ci(rq): Unpin redis and fakeredis for tests (#6443)
  • 8d442df fix(span-first): Set user.ip_address on all streamed spans (#6434)
  • e8d67d8 feat(rust-tracing): Support span streaming (#6433)
  • 0749d3e feat(litellm): Support span streaming (#6317)
  • b4e0367 test(aiohttp): Unfurl spans explicitly instead of using pop() (#6435)
  • Additional commits viewable in compare view

Updates django-timezone-field from 7.2.1 to 7.2.2

Commits

Updates wcwidth from 0.7.0 to 0.8.0

Release notes

Sourced from wcwidth's releases.

0.8.0: new terminal-aware wcstwidth() function

  • New support for Variation Selector 15 Emojis as narrow, #211.
  • New argument, term_program for wcstwidth(), width(), clip(), wrap(), ljust(), rjust(), and center(). False disables corrections; True auto-detects by TERM_PROGRAM or TERM; string values accept canonical names matching list_term_programs(). wcstwidth()_ defaults to True; all other functions default to False.
  • Improved performance on Python 3.15 using standard library iter_graphemes() #206.
  • Improved memory usage and import time for Python 3.15 using lazy imports #221.
  • Bugfix Invisible_Stacker viramas now form conjuncts (Burmese, Khmer, etc.) and change some Virama width calculations to match jacobsandlund/uucode_ (ghostty) #223.
  • Updated graphemes width maximum now 2, matching Ghostty, foot, and Windows Terminal #224.

Full Changelog: jquast/wcwidth@0.7.0...0.8.0

Commits
  • 9df7261 more docs
  • be0fdb2 document better
  • 2d9925b wcstwidth(term_program=True) default argument
  • 169c846 Terminal software identity-assisted wcswidth() (#220)
  • e4f76d5 bugfix virama with mc width is capped at 2, also (#225)
  • 99e538b Cap grapheme final width at 2 (foot, ghostty, terminal.exe) (#224)
  • c7fc868 Bugfix Virama, matching uucode (ghostty) (#222)
  • e7673ff document upcoming 0.8.0 release so far
  • d26bfb6 Enable lazy imports for Python 3.15 (#221)
  • f984073 Python 3.15 unicodedata.iter_graphemes() integration (#206)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(py)(deps): bump the python-non-major group across 1 directory wi…
7b38f6b 
…th 4 updates

Bumps the python-non-major group with 4 updates in the /backend directory: [django](https://github.com/django/django), [sentry-sdk](https://github.com/getsentry/sentry-python), [django-timezone-field](https://github.com/mfogel/django-timezone-field) and [wcwidth](https://github.com/jquast/wcwidth).


Updates `django` from 5.1.4 to 5.1.15
- [Commits](django/django@5.1.4...5.1.15)

Updates `sentry-sdk` from 2.60.0 to 2.61.1
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.60.0...2.61.1)

Updates `django-timezone-field` from 7.2.1 to 7.2.2
- [Commits](mfogel/django-timezone-field@7.2.1...7.2.2)

Updates `wcwidth` from 0.7.0 to 0.8.0
- [Release notes](https://github.com/jquast/wcwidth/releases)
- [Commits](jquast/wcwidth@0.7.0...0.8.0)

---
updated-dependencies:
- dependency-name: django
  dependency-version: 5.1.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-non-major
- dependency-name: sentry-sdk
  dependency-version: 2.61.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-non-major
- dependency-name: django-timezone-field
  dependency-version: 7.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-non-major
- dependency-name: wcwidth
  dependency-version: 0.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-non-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: backend, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants