Sourced from click's releases.

8.3.2

This is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-2 Milestone: https://github.com/pallets/click/milestone/29

• Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. #3084 #3152
• Hide Sentinel.UNSET values as None when using lookup_default(). #3136 #3199 #3202 #3209 #3212 #3224
• Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. #824 #2991 #2993 #3110 #3139 #3140
• Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. #3139
• Fix callable flag_value being instantiated when used as a default via default=True. #3121 #3201 #3213 #3225

Sourced from click's changelog.

Version 8.3.2

Released 2026-04-02

• Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. :issue:3084 :pr:3152
• Hide Sentinel.UNSET values as None when using lookup_default(). :issue:3136 :pr:3199 :pr:3202 :pr:3209 :pr:3212 :pr:3224
• Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. :issue:824 :issue:2991 :issue:2993 :issue:3110 :pr:3139 :pr:3140
• Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. :pr:3139
• Fix callable flag_value being instantiated when used as a default via default=True. :issue:3121 :pr:3201 :pr:3213 :pr:3225

Version 8.3.1

Released 2025-11-15

• Don't discard pager arguments by correctly using subprocess.Popen. :issue:3039 :pr:3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. :issue:3066 :issue:3065 :pr:3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. :issue:3071 :pr:3079
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. :issue:3136 :pr:3137
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. :issue:3019 :pr:3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. :issue:3069 :pr:3090

Version 8.3.0

Released 2025-09-17

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610

... (truncated)

• 052c006 Change update release date.
• 502b7ce Merge branch 'stable' of https://github.com/pallets/click into release-8.3.2
• a0a37e4 Change publish to werkzeug latest. (#3301)
• 57be6fc Change publish to werkzeug latest.
• 781d6a8 Update publish workflows (#3266)
• ff795b6 Update precommit pins with tox
• dd87ef4 Update github action pins with tox
• 93d3f9d Release version 8.3.2
• 3299ba1 Add missing PR to changelog. (#3264)
• b7f62c4 Add missing PR to changelog.
• Additional commits viewable in compare view

Sourced from myst-parser's releases.

v5.0.0

MyST-Parser 5.0.0

Release Date: 2026-01-15

This release significantly bumps the supported versions of core dependencies:

‼️ Breaking Changes

This release updates the minimum supported versions:

• Python: >=3.11 (dropped Python 3.10, tests up to 3.14)
• Sphinx: >=8,<10 (dropped Sphinx 7, added Sphinx 9)
• Docutils: >=0.20,<0.23 (dropped docutils 0.19, added docutils 0.22)
• markdown-it-py: ~=4.0 (upgraded from v3)

⬆️ Dependency Upgrades

• ⬆️ Upgrade to markdown-it-py v4 by @​chrisjsewell in #1060
• ⬆️ Drop Python 3.10 and Sphinx 7 by @​chrisjsewell in #1059
• ⬆️ Drop docutils 0.19 by @​chrisjsewell in #1061
• ⬆️ Add support for Python 3.14 by @​chrisjsewell in #1075
• ⬆️ Support Sphinx v9 by @​chrisjsewell in #1076
• ⬆️ Allow docutils 0.22 by @​chrisjsewell in #1084

👌 Improvements

• 👌 Improve generation of meta nodes by @​AA-Turner in #1080

📚 Documentation

• 📚 Fix typo in tables.md by @​electricalgorithm in #1034
• 📚 Fix minor typo in cross-referencing.md by @​krassowski in #1036

🔧 Internal / Maintenance

• 🔧 Update pre-commit by @​chrisjsewell in #1058
• 🔧 Add AGENTS.md by @​chrisjsewell in #1083

Full Changelog: v4.0.1...v5.0.0

Sourced from myst-parser's changelog.

5.0.0 - 2026-01-15

This release significantly bumps the supported versions of core dependencies:

‼️ Breaking Changes

This release updates the minimum supported versions:

• Python: >=3.11 (dropped Python 3.10, tests up to 3.14)
• Sphinx: >=8,<10 (dropped Sphinx 7, added Sphinx 9)
• Docutils: >=0.20,<0.23 (dropped docutils 0.19, added docutils 0.22)
• markdown-it-py: ~=4.0 (upgraded from v3)

⬆️ Dependency Upgrades

• ⬆️ Upgrade to markdown-it-py v4 by gh-user:chrisjsewell in gh-pr:1060
• ⬆️ Drop Python 3.10 and Sphinx 7 by gh-user:chrisjsewell in gh-pr:1059
• ⬆️ Drop docutils 0.19 by gh-user:chrisjsewell in gh-pr:1061
• ⬆️ Add support for Python 3.14 by gh-user:chrisjsewell in gh-pr:1075
• ⬆️ Support Sphinx v9 by gh-user:chrisjsewell in gh-pr:1076
• ⬆️ Allow docutils 0.22 by gh-user:chrisjsewell in gh-pr:1084

👌 Improvements

• 👌 Improve generation of meta nodes by gh-user:AA-Turner in gh-pr:1080

📚 Documentation

• 📚 Fix typo in tables.md by gh-user:electricalgorithm in gh-pr:1034
• 📚 Fix minor typo in cross-referencing.md by gh-user:krassowski in gh-pr:1036

🔧 Internal / Maintenance

• 🔧 Update pre-commit by gh-user:chrisjsewell in gh-pr:1058
• 🔧 Add AGENTS.md by gh-user:chrisjsewell in gh-pr:1083

Full Changelog: v4.0.1...v5.0.0

4.0.1 - 2025-02-12

🔧 Minor fix for Sphinx 8.2 compatibility (in gh-pr:1013)

4.0.0 - 2024-08-05

This release bumps the supported versions of:

• Python to 3.10 and greater
• Sphinx to >=7,<9
• Docutils to >=0.19,<0.22

... (truncated)

• a139a1f 🚀 Release v5.0.0 (#1085)
• 5405110 [pre-commit.ci] pre-commit autoupdate (#1071)
• 19512c0 ⬆️ Allow docutils 0.22 (#1084)
• a9e529f ⬆️ Support Sphinx v9 (#1076)
• fcf78ca 👌 Improve generation of meta nodes (#1080)
• e0fc7a3 🔧 Add AGENTS.md (#1083)
• 59d5384 ⬆️ Add support for Python 3.14 (#1075)
• 7b7d961 ⬆️ Update pytest requirement from <9,>=8 to >=9,<10 (#1063)
• 3342a3c ⬆️ Update sphinxext-opengraph requirement from ~=0.9.0 to ~=0.13.0 (#1066)
• 2cf85de ⬆️ Update sphinxext-rediraffe requirement from ~=0.2.7 to ~=0.3.0 (#1064)
• Additional commits viewable in compare view

Sourced from pydantic's releases.

v2.13.0 2026-04-13

v2.13.0 (2026-04-13)

The highlights of the v2.13 release are available in the blog post. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

This release contains the updated pydantic.v1 namespace, matching version 1.10.26 which includes support for Python 3.14.

What's Changed

See the beta releases for all changes sinces 2.12.

Packaging

• Add zizmor for GitHub Actions workflow linting by @​Viicos in #13039
• Update jiter to v0.14.0 to fix a segmentation fault on musl Linux by @​Viicos in #13064

New Features

• Allow default factories of private attributes to take validated model data by @​Viicos in #13013

Changes

• Warn when serializing fixed length tuples with too few items by @​arvindsaripalli in #13016

Fixes

• Change type of Any when synthesizing _build_sources for BaseSettings.__init__() signature in the mypy plugin by @​Viicos in #13049
• Fix model equality when using runtime extra configuration by @​Viicos in #13062

New Contributors

• @​arvindsaripalli made their first contribution in #13016

Full Changelog: pydantic/pydantic@v2.12.0...v2.13.0

Sourced from pydantic's changelog.

v2.13.0 (2026-04-13)

GitHub release

The highlights of the v2.13 release are available in the blog post. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

This release contains the updated pydantic.v1 namespace, matching version 1.10.26 which includes support for Python 3.14.

What's Changed

See the beta releases for all changes sinces 2.12.

New Features

• Allow default factories of private attributes to take validated model data by @​Viicos in #13013

Changes

• Warn when serializing fixed length tuples with too few items by @​arvindsaripalli in #13016

Fixes

• Change type of Any when synthesizing _build_sources for BaseSettings.__init__() signature in the mypy plugin by @​Viicos in #13049
• Fix model equality when using runtime extra configuration by @​Viicos in #13062

Packaging

• Add zizmor for GitHub Actions workflow linting by @​Viicos in #13039
• Update jiter to v0.14.0 to fix a segmentation fault on musl Linux by @​Viicos in #13064

New Contributors

• @​arvindsaripalli made their first contribution in #13016

v2.13.0b3 (2026-03-31)

GitHub release

What's Changed

New Features

• Add ascii_only option to StringConstraints by @​ai-man-codes in #12907
• Support exclude_if in computed fields by @​andresliszt in #12748
• Push down constraints in unions involving MISSING sentinel by @​Viicos in #12908

Changes

... (truncated)

• 46bf4fa Fix Pydantic release workflow (#13067)
• 1b359ed Prepare release v2.13.0 (#13065)
• b1bf194 Fix model equality when using runtime extra configuration (#13062)
• 17a35e3 Update jiter to v0.14.0 (#13064)
• feea402 Use simulation mode in Codspeed CI (#13063)
• 671c9b0 Add basic benchmarks for model equality (#13061)
• d17d71e Bump cryptography from 46.0.6 to 46.0.7 (#13056)
• 919d61a 👥 Update Pydantic People (#13059)
• e7cf5dc Fix people workflow (#13047)
• 2a806ad Add regression test for MISSING sentinel serialization with subclasses (#13...
• Additional commits viewable in compare view

Sourced from requests's releases.

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

New Contributors

• @​ferdnyc made their first contribution in psf/requests#7277

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

Sourced from requests's changelog.

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

2.32.5 (2025-08-18)

Bugfixes

• The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

• Added support for Python 3.14.

... (truncated)

• 111d2b7 v2.33.1
• f0198e6 Fix malformed value parsing for Content-Type (#7309)
• bc7dd0f Fix cosmetic header validity parsing regex (#7308)
• 4443b1a Fix unintended test extra (#7306)
• 389eea5 Cleanup extracted file after extract_zipped_path test (#7305)
• 7407309 Packaging: DRY out extras definition (#7277)
• bc04dfd v2.33.0
• 66d21cb Merge commit from fork
• 8b9bc8f Move badges to top of README (#7293)
• e331a28 Remove unused extraction call (#7292)
• Additional commits viewable in compare view

Sourced from sphinx-rtd-theme's changelog.

3.1.0

• Added support for docutils 0.22
• Added support for Sphinx 9.x

.. _release-3.1.0rc2:

3.1.0rc2

• Added support for docutils 0.22

.. _release-3.1.0rc1:

3.1.0rc1

• Added support for Sphinx 9.x

.. _release-3.0.2:

3.0.2

• Show current translation when the flyout is attached
• Fix JavaScript issue that didn't allow users to disable selectors

.. _release-3.0.1:

3.0.1

• Use black color for text in selectors.

.. _release-3.0.0:

3.0.0

Final version.

.. _release-3.0.0rc4:

3.0.0rc4

Fixes

... (truncated)

• 795de79 Release 3.1.0 (#1676)
• 66d0fdd Add Python 3.14 to the test suite (#1668)
• fbe5e60 3.1.0rc2 with support for docutils 0.22 (#1674)
• a76174c Add support for docutils 0.22 (#1671)
• 20733c3 Add support for Sphinx 9.0.0 (#1666)
• 71aacd3 Update Code of Conduct URL (#1664)
• 5a26375 Run tests and build docs with Sphinx 8.2 (#1640)
• 8d4d394 Sidebar should not be floating on mobile (#1622)
• See full diff in compare view

• cb2f29e Bump version to 0.3.2
• 6230882 Avoid using a parser in post-transform
• See full diff in compare view

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Sourced from uv-build's releases.

0.11.6

Release Notes

Released on 2026-04-09.

This release resolves a low severity security advisory in which wheels with malformed RECORD entries could delete arbitrary files on uninstall. See GHSA-pjjw-68hj-v9mw for details.

Bug fixes

• Do not remove files outside the venv on uninstall (#18942)
• Validate and heal wheel RECORD during installation (#18943)
• Avoid uv cache clean errors due to Win32 path normalization (#18856)

Install uv 0.11.6

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.6/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.6/uv-installer.ps1 | iex"

Download uv 0.11.6

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum
uv-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
uv-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
uv-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz	PPC64LE Linux	checksum
uv-riscv64gc-unknown-linux-gnu.tar.gz	RISCV Linux	checksum
uv-s390x-unknown-linux-gnu.tar.gz	S390x Linux	checksum
uv-x86_64-unknown-linux-gnu.tar.gz	x64 Linux	checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz	ARMv7 Linux	checksum
uv-aarch64-unknown-linux-musl.tar.gz	ARM64 MUSL Linux	checksum
uv-i686-unknown-linux-musl.tar.gz	x86 MUSL Linux	checksum
uv-riscv64gc-unknown-linux-musl.tar.gz	RISCV MUSL Linux	checksum
uv-x86_64-unknown-linux-musl.tar.gz	x64 MUSL Linux	checksum
uv-arm-unknown-linux-musleabihf.tar.gz	ARMv6 MUSL Linux (Hardfloat)	checksum
uv-armv7-unknown-linux-musleabihf.tar.gz	ARMv7 MUSL Linux	checksum

... (truncated)

Sourced from uv-build's changelog.

0.11.6

Released on 2026-04-09.

This release resolves a low severity security advisory in which wheels with malformed RECORD entries could delete arbitrary files on uninstall. See GHSA-pjjw-68hj-v9mw for details.

Bug fixes

• Do not remove files outside the venv on uninstall (#18942)
• Validate and heal wheel RECORD during installation (#18943)
• Avoid uv cache clean errors due to Win32 path normalization (#18856)

0.11.5

Released on 2026-04-08.

Python

• Add CPython 3.13.13, 3.14.4, and 3.15.0a8 (#18908)

Enhancements

• Fix build_system.requires error message (#18911)
• Remove trailing path separators in path normalization (#18915)
• Improve error messages for unsupported or invalid TLS certificates (#18924)

Preview features

• Add exclude-newer to [[tool.uv.index]] (#18839)
• uv audit: add context/warnings for ignored vulnerabilities (#18905)

Bug fixes

• Normalize persisted fork markers before lock equality checks (#18612)
• Clear junction properly when uninstalling Python versions on Windows (#18815)
• Report error cleanly instead of panicking on TLS certificate error (#18904)

Documentation

• Remove the legacy PIP_COMPATIBILITY.md redirect file (#18928)
• Fix uv init example-bare --bare examples (#18822, #18925)

0.11.4

Released on 2026-04-07.

Enhancements

• Add support for --upgrade-group (#18266)
• Merge repeated archive URL hashes by version ID (#18841)

... (truncated)

• 6595080 Bump version to 0.11.6 (#18948)
• 7983c7a Validate and heal RECORD during installation (#18943)
• b38439b Avoid uv cache clean errors due to Win32 path normalization (#18856)
• a0e461a Do not remove files outside the venv on uninstall (#18942)
• 95eaa68 Bump version to 0.11.5 (#18930)
• f6d67d5 Improve certificate loading error messages (#18924)
• 39b83c3 Add exclude-newer to [[tool.uv.index]] (#18839)
• 7924ba5 uv audit: add context/warnings for ignored vulnerabilities (#18905)
• a352ce0 Remove the legacy PIP_COMPATIBILITY.md redirect file (#18928)
• 33b6338 Normalize persisted fork markers before lock equality checks (#18612)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions