Chore(deps): Bump the utilities-minor group across 1 directory with 18 updates

[dependabot]

Bumps the utilities-minor group with 18 updates in the / directory:

Package	From	To
dateparser	1.3.0	1.4.0
djangorestframework	3.16.1	3.17.1
gotenberg-client	0.13.1	0.14.0
llama-index-embeddings-huggingface	0.6.1	0.7.0
llama-index-embeddings-openai	0.5.2	0.6.0
llama-index-llms-ollama	0.9.1	0.10.1
llama-index-llms-openai	0.6.26	0.7.3
llama-index-vector-stores-faiss	0.5.3	0.6.0
ocrmypdf	17.3.0	17.4.0
openai	2.26.0	2.30.0
sentence-transformers	5.2.3	5.3.0
tika-client	0.10.0	0.11.0
torch	2.10.0	2.11.0
faker	40.8.0	40.11.1
pytest-cov	7.0.0	7.1.0
pytest-env	1.5.0	1.6.0
celery-types	0.24.0	0.26.0
pyrefly	0.55.0	0.58.0

Updates dateparser from 1.3.0 to 1.4.0

Release notes

Sourced from dateparser's releases.

1.4.0

Security fixes:

• Remove import-time loading of timezone offset data from pickle to prevent unsafe deserialization from packaged data
• Replace eval() use when parsing no_word_spacing with strict boolean parsing to prevent code execution from locale metadata (#1056)

New features:

• Add support for expressions like "N {interval} from now" in English (#1271)
• Add support for the en-US locale (#1222)

Fixes:

• Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying with a year-biased DATE_ORDER (#1298)
• Fix parsing word-number relative phrases such as "two days later" (#1316)
• Allow md5hash to work in FIPS environments (#1267)

Improvements:

• Add Bosnian Cyrillic (ijekavica) date translations (#1293)
• Add a new browser-based demo to the project documentation (#1306)
• Update installation documentation to replace setup.py install guidance (#1310)
• Add a project security policy (#1318)

Changelog

Sourced from dateparser's changelog.

1.4.0 (2026-03-26)

Security fixes:

• Remove import-time loading of timezone offset data from pickle to prevent unsafe deserialization from packaged data
• Replace eval() use when parsing no_word_spacing with strict boolean parsing to prevent code execution from locale metadata (#1056)

New features:

• Add support for expressions like "N {interval} from now" in English (#1271)
• Add support for the en-US locale (#1222)

Fixes:

• Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying with a year-biased DATE_ORDER (#1298)
• Fix parsing word-number relative phrases such as "two days later" (#1316)
• Allow md5hash to work in FIPS environments (#1267)

Improvements:

• Add Bosnian Cyrillic (ijekavica) date translations (#1293)
• Add a new browser-based demo to the project documentation (#1306)
• Update installation documentation to replace setup.py install guidance (#1310)
• Add a project security policy (#1318)

Commits

• 60b8a75 Bump version: 1.3.0 → 1.4.0
• d405657 1.4.0 release notes and fixes (#1319)
• 7a3113e Add the en-US locale (#1222)
• 62710c0 Add a security policy (#1318)
• 341d308 Fix deployment
• 5add61c Use official publish GitHub action in CI (#1309)
• e22e62e Fix word-number phrases parsing (e.g., 'two days later') (#1316)
• 8cdcf80 Make logo more translucent (#1312)
• e0939ec Replace 'setup.py install' (#1310)
• cd5f226 Honor REQUIRE_PARTS for ambiguous month-number inputs by retrying year-bias...
• Additional commits viewable in compare view

Updates djangorestframework from 3.16.1 to 3.17.1

Release notes

Sourced from djangorestframework's releases.

3.17.1

What's Changed

Bug fixes

• Fix HTMLFormRenderer with empty datetime values by @​p-r-a-v-i-n in encode/django-rest-framework#9928

Full Changelog: encode/django-rest-framework@3.17.0...3.17.1

3.17.0

What's Changed

Breaking changes

• Drop support for Python 3.9 by @​auvipy in encode/django-rest-framework#9781
• Drop deprecated coreapi support by @​browniebroke in encode/django-rest-framework#9895

Features

• Add ability to specify output format for DurationField by @​sevdog in encode/django-rest-framework#8532
• Add missing decorators: @versioning_class(), @content_negotiation_class(), @metadata_class() for function-based views by @​qqii in encode/django-rest-framework#9719
• Add support for Python 3.14 by @​cclauss in encode/django-rest-framework#9780
• Support violation_error_code and violation_error_message from UniqueConstraint in UniqueTogetherValidator by @​s-aleshin in encode/django-rest-framework#9766
• Add support for ipaddress objects in JSONEncoder by @​corenting in encode/django-rest-framework#9087
• Add optional support to serialize BigInteger to string by @​HoodyH in encode/django-rest-framework#9775
• Add Django 6.0 support by @​MehrazRumman in encode/django-rest-framework#9819

Bug fixes

• Prevent small risk of Token overwrite by @​mahdirahimi1999 in encode/django-rest-framework#9754
• Fix UniqueTogetherValidator validation when condition references a read-only field by @​ticosax in encode/django-rest-framework#9764
• Fix validation on many to many field when default=None by @​Genarito in encode/django-rest-framework#9790
• Fix invalid SPDX license expression in __init__.py by @​TheFunctionalGuy in encode/django-rest-framework#9799
• Fix HTMLFormRenderer to ensure a valid datetime-local format by @​mgaligniana in encode/django-rest-framework#9365
• Fix mutable default arguments in OrderingFilter methods by @​killerdevildog in encode/django-rest-framework#9742
• Update TokenAdmin to respect USERNAME_FIELD of the user model by @​m000 in encode/django-rest-framework#9836
• Preserve ordering in MultipleChoiceField by @​fbozhang in encode/django-rest-framework#9735

Translations

• Update French translation by @​SebCorbin in encode/django-rest-framework#9770
• Update Brazilian Portuguese translations by @​JVPinheiroReis in encode/django-rest-framework#9828
• Fix and improve French translations by @​deronnax in encode/django-rest-framework#9896
• Add missing Russian translation by @​minorytanaka in encode/django-rest-framework#9903

Packaging

• Migrate packaging to pyproject.toml by @​deronnax in encode/django-rest-framework#9056
• Move package data rules from MANIFEST.in to pyproject.toml by @​p-r-a-v-i-n in encode/django-rest-framework#9825
• Set up release workflow with trusted publisher by @​browniebroke in encode/django-rest-framework#9852

Other changes

• Refactor token generation to use the secrets module by @​mahdirahimi1999 in encode/django-rest-framework#9760
• Add validation for decorator out-of-order with @api_view by @​kernelshard in encode/django-rest-framework#9821
• Switch to mkdocs material theme for documentation by @​browniebroke in encode/django-rest-framework#9849

New Contributors

• @​khaledsukkar2 made their first contribution in encode/django-rest-framework#9717

... (truncated)

Commits

• 22e231c Prepare bug fix release 3.17.1 (#9931)
• 8e99b53 Add condition to skip pushed tags from forks (#9924)
• c0407de Fix HTMLFormRenderer with empty datetime values (#9928)
• 30d58a7 Fix the book sizing in the documentation (#9926)
• 6f03b79 Tweak order of changes in release notes
• 021ab56 Bump version and update release notes for 3.17.0 (#9921)
• 19ebad7 Bump mkdocs-material[imaging] from 9.7.4 to 9.7.5 (#9923)
• f222c55 Correct requires-python key in pyproject.toml
• 7e7de6f Remove code fences from release checklist
• c599d30 Update release process
• Additional commits viewable in compare view

Updates gotenberg-client from 0.13.1 to 0.14.0

Release notes

Sourced from gotenberg-client's releases.

0.14.0

Changed

• [BREAKING]: Drop support for Python 3.9
  • This modernizes typing annotations and allows adding slots to all dataclasses

Fixed

• A bug in the retry logic which would have raised almost immediately
• Minor internal class names were spelled incorrectly
• PDF/A-1b was missing as a PDF output option

Changelog

Sourced from gotenberg-client's changelog.

[0.14.0] - 2023-03-11

Changed

• [BREAKING]: Drop support for Python 3.9
  • This modernizes typing annotations and allows adding slots to all dataclasses

Fixed

• A bug in the retry logic which would have raised almost immediately
• Minor internal class names were spelled incorrectly
• PDF/A-1b was missing as a PDF output option

Commits

• adf65d3 Merge branch 'release/0.14.0'
• 05ad02b Bumps version to 0.14.0
• d2b41f0 Updates hooks and resolves zizmor
• c27040d Resolves the cached_property
• e90c4bd Adds slots=True to the dataclasses
• d06b72d Dropping Python 3.9 support
• 3522ca0 Bump the actions group with 2 updates (#88)
• 3bdcaef Fixes a typo in the universal access mixin
• d560579 AI generated review for some tasks that might be nice
• 7833b99 Transitions away from the Codecov test results action
• Additional commits viewable in compare view

Updates llama-index-embeddings-huggingface from 0.6.1 to 0.7.0

Updates llama-index-embeddings-openai from 0.5.2 to 0.6.0

Updates llama-index-llms-ollama from 0.9.1 to 0.10.1

Updates llama-index-llms-openai from 0.6.26 to 0.7.3

Updates llama-index-vector-stores-faiss from 0.5.3 to 0.6.0

Updates ocrmypdf from 17.3.0 to 17.4.0

Release notes

Sourced from ocrmypdf's releases.

v17.4.0

• Added --no-overwrite / -n option to prevent overwriting output files. If the destination file already exists, OCRmyPDF exits with code 5 (OutputFileAccessError). {issue}1642
• Fixed text layer stretching in the fpdf2 renderer for widely-spaced words. The horizontal scaling (Tz) was incorrectly stretched to fill inter-word gaps instead of relying on Td positioning, causing text selection to highlight far beyond the actual word boundaries. {issue}1635
• Fixed optimize=2 or optimize=3 crash when using the Python API without explicitly setting jpg_quality or png_quality. {issue}1641
• Fixed verapdf availability check crashing with NotADirectoryError on some platforms. {issue}1638

Commits

• 6f2b840 v17.4.0 release notes
• See full diff in compare view

Updates openai from 2.26.0 to 2.30.0

Release notes

Sourced from openai's releases.

v2.30.0

2.30.0 (2026-03-25)

Full Changelog: v2.29.0...v2.30.0

Features

• api: add keys field to Click/DoubleClick/Drag/Move/Scroll computer actions (ee1bbed)

Bug Fixes

• api: align SDK response types with expanded item schemas (f3f258a)
• sanitize endpoint path params (89f6698)
• types: make type required in ResponseInputMessageItem (cfdb167)

Chores

• ci: skip lint on metadata-only changes (faa93e1)
• internal: update gitignore (c468477)
• tests: bump steady to v0.19.4 (f350af8)
• tests: bump steady to v0.19.5 (5c03401)
• tests: bump steady to v0.19.6 (b6353b8)
• tests: bump steady to v0.19.7 (1d654be)

Refactors

• tests: switch from prism to steady (4a82035)

v2.29.0

2.29.0 (2026-03-17)

Full Changelog: v2.28.0...v2.29.0

Features

• api: 5.4 nano and mini model slugs (3b45666)
• api: add /v1/videos endpoint to batches create method (c0e7a16)
• api: add defer_loading field to ToolFunction (3167595)
• api: add in and nin operators to ComparisonFilter type (664f02b)

Bug Fixes

• deps: bump minimum typing-extensions version (a2fb2ca)
• pydantic: do not pass by_alias unless set (8ebe8fb)

... (truncated)

Changelog

Sourced from openai's changelog.

2.30.0 (2026-03-25)

Full Changelog: v2.29.0...v2.30.0

Features

• api: add keys field to Click/DoubleClick/Drag/Move/Scroll computer actions (ee1bbed)

Bug Fixes

• api: align SDK response types with expanded item schemas (f3f258a)
• sanitize endpoint path params (89f6698)
• types: make type required in ResponseInputMessageItem (cfdb167)

Chores

• ci: skip lint on metadata-only changes (faa93e1)
• internal: update gitignore (c468477)
• tests: bump steady to v0.19.4 (f350af8)
• tests: bump steady to v0.19.5 (5c03401)
• tests: bump steady to v0.19.6 (b6353b8)
• tests: bump steady to v0.19.7 (1d654be)

Refactors

• tests: switch from prism to steady (4a82035)

2.29.0 (2026-03-17)

Full Changelog: v2.28.0...v2.29.0

Features

• api: 5.4 nano and mini model slugs (3b45666)
• api: add /v1/videos endpoint to batches create method (c0e7a16)
• api: add defer_loading field to ToolFunction (3167595)
• api: add in and nin operators to ComparisonFilter type (664f02b)

Bug Fixes

• deps: bump minimum typing-extensions version (a2fb2ca)
• pydantic: do not pass by_alias unless set (8ebe8fb)

Chores

... (truncated)

Commits

• 5ae2cc1 release: 2.30.0
• 6e772ae fix(api): align SDK response types with expanded item schemas
• cd72fba feat(api): add keys field to Click/DoubleClick/Drag/Move/Scroll computer actions
• 4f43fe3 chore(tests): bump steady to v0.19.7
• 23bc027 chore(ci): skip lint on metadata-only changes
• e3c59bf chore(tests): bump steady to v0.19.6
• 56ad9ca fix(types): make type required in ResponseInputMessageItem
• 78c764b chore(internal): update gitignore
• 634b74e chore(tests): bump steady to v0.19.5
• c8c9508 chore(tests): bump steady to v0.19.4
• Additional commits viewable in compare view

Updates sentence-transformers from 5.2.3 to 5.3.0

Release notes

Sourced from sentence-transformers's releases.

v5.3.0 - Improved Contrastive Learning, New Losses, and Transformers v5 Compatibility

This minor version brings several improvements to contrastive learning: MultipleNegativesRankingLoss now supports alternative InfoNCE formulations (symmetric, GTE-style) and optional hardness weighting for harder negatives. Two new losses are introduced, GlobalOrthogonalRegularizationLoss for embedding space regularization and CachedSpladeLoss for memory-efficient SPLADE training. The release also adds a faster hashed batch sampler, fixes GroupByLabelBatchSampler for triplet losses, and ensures full compatibility with the latest Transformers v5 versions.

Install this version with

# Training + Inference
pip install sentence-transformers[train]==5.3.0
Inference only, use one of:
pip install sentence-transformers==5.3.0
pip install sentence-transformers[onnx-gpu]==5.3.0
pip install sentence-transformers[onnx]==5.3.0
pip install sentence-transformers[openvino]==5.3.0

Updated MultipleNegativesRankingLoss (a.k.a. InfoNCE)

MultipleNegativesRankingLoss received two major upgrades: support for alternative InfoNCE formulations from the literature, and optional hardness weighting to up-weight harder negatives.

Support other InfoNCE variants (#3607)

MultipleNegativesRankingLoss now supports several well-known contrastive loss variants from the literature through new directions and partition_mode parameters. Previously, this loss only supported the standard forward direction (query → doc). You can now configure which similarity interactions are included in the loss:

• "query_to_doc" (default): For each query, its matched document should score higher than all other documents.
• "doc_to_query": The symmetric reverse — for each document, its matched query should score higher than all other queries.
• "query_to_query": For each query, all other queries should score lower than its matched document.
• "doc_to_doc": For each document, all other documents should score lower than its matched query.

The partition_mode controls how scores are normalized: "joint" computes a single softmax over all directions, while "per_direction" computes a separate softmax per direction and averages the losses.

These combine to reproduce several loss formulations from the literature:

Standard InfoNCE (default, unchanged behavior):

loss = MultipleNegativesRankingLoss(model)
# equivalent to directions=("query_to_doc",), partition_mode="joint"

Symmetric InfoNCE (Günther et al. 2024) — adds the reverse direction so both queries and documents are trained to find their match:

loss = MultipleNegativesRankingLoss(
    model,
    directions=("query_to_doc", "doc_to_query"),
    partition_mode="per_direction",
)

GTE improved contrastive loss (Li et al. 2023) — adds same-type negatives (query <-> query, doc <-> doc) for a stronger training signal, especially useful with pairs-only data:

loss = MultipleNegativesRankingLoss(
</tr></table> 

... (truncated)

Commits

• ce48ecc Merge branch 'main' into v5.3-release
• cec08f8 Fix citation for EmbeddingGemma paper (#3687)
• c29b3a6 Release v5.3.0
• 55c13de Prep docs main page for v5.3.0 (#3686)
• 72e75f7 [tests] Add slow reproduction tests for most common models (#3681)
• 237e441 [fix] Fix model card generation with set_transform with new column names (#...
• 7f180b4 [feat] Add hardness-weighted contrastive learning to losses (#3667)
• 5890086 Disallow query_to_query/doc_to_doc with partition_mode="per_direction" due to...
• 6518c36 CE trainer: Removed IterableDataset from train and eval dataset type hints (#...
• 1e0e84c Add tips for adjusting batch size to improve processing speed (#3672)
• Additional commits viewable in compare view

Updates tika-client from 0.10.0 to 0.11.0

Release notes

Sourced from tika-client's releases.

0.11.0

Removed

• Support for EoL Python 3.9 has been removed

Changed

• Various GitHub action dependency updates
• Applies yamlfmt to all files
• ruff rule maintenance and additional rules enabled
• Resolved additional zizmor reports

Added

• Validates the changelog format is correct during CI linting job
• Enables zizmor for action linting
• Transitions to prek over pre-commit
• Testing and official support for Python 3.14

Changelog

Sourced from tika-client's changelog.

[0.11.0] - 2026-03-11

Removed

• Support for EoL Python 3.9 has been removed

Changed

• Various GitHub action dependency updates
• Applies yamlfmt to all files
• ruff rule maintenance and additional rules enabled
• Resolved additional zizmor reports

Added

• Validates the changelog format is correct during CI linting job
• Enables zizmor for action linting
• Transitions to prek over pre-commit
• Testing and official support for Python 3.14

Commits

• 392473c Merge branch 'release/0.11.0'
• 527667f Bumps version to 0.11.0
• 8a59ed8 Merge tag '0.11.0' into develop
• 8815b9e Merge branch 'release/0.11.0'
• 64989cc Resolves additional zizmor reported issues
• b967eae Fixes linting errors
• 751f8b9 Merge branch 'main' into develop
• 2f82c24 Bumps the version to 0.11.0
• 128df09 Upgrades CI uv to use 0.10.x
• a1ccc0a Bump the actions group across 1 directory with 7 updates (#64)
• Additional commits viewable in compare view

Updates torch from 2.10.0 to 2.11.0

Release notes

Sourced from torch's releases.

PyTorch 2.11.0 Release Notes

• Highlights
• Backwards Incompatible Changes
• Deprecations
• New Features
• Improvements
• Bug fixes
• Performance
• Documentation
• Developers
• Security

Highlights

For more details about these highlighted features, you can look at the release blogpost. Below are the full release notes for this release.

Backwards Incompatible Changes

Release Engineering

... (truncated)

Commits

• 70d99e9 [release only] Increase timeout for rocm libtorch and manywheel builds (#178006)
• 3e05c5a [MPS] Properly handle conjugated tensors in bmm (#178010)
• db741c7 [MPS] fix compiling of SDPA producing nan results (#178009)
• 483b55d Update pytorch_sphinx_theme2 version to 0.4.6 (#177616)
• 7f2cdeb [windows][smoke test] Add an option to install cuda if required cuda/cudnn on...
• 76fd078 [release-only] Fix libtorch builds. Fix lint (#177299)
• fa384de [Inductor][MPS] Fix half-precision type mismatches in Metal shader codegen (#...
• 036b25f Let stable::from_blob accept a lambda as deleter (cherry-pick) (#176440)
• 41f8e3e [CI] Stop using G3 runners (#177161)
• e2fa295 [CD] Unpin cuda-bindings dependencies (#177159)
• Additional commits viewable in compare view

Updates faker from 40.8.0 to 40.11.1

Release notes

Sourced from faker's releases.

Release v40.11.1

See CHANGELOG.md.

Release v40.11.0

See CHANGELOG.md.

Release v40.10.0

See CHANGELOG.md.

Release v40.9.0

See CHANGELOG.md.

Release v40.8.1

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v40.11.1 - 2026-03-23

• Fix: rebind deepcopy proxies to copied Faker instances. Thanks @​SunS1eep1ng.

v40.11.0 - 2026-03-13

• Add major Swiss banks to de_CH bank provider. Thanks @​raphael-s.

v40.10.0 - 2026-03-13

• Fix: mixed-gender names in es_MX locale. Thanks @​rodrigobnogueira.

v40.9.0 - 2026-03-13

• Fix pt_PT postalcode format in address provider. Thanks @​filipemattar.

v40.8.1 - 2026-03-13

• Fix mutable default providers. Thanks @​Dhi13man.

Commits

• db42f64 Bump version: 40.11.0 → 40.11.1
• a5b9f98 📝 Update CHANGELOG.md
• 01cb8d0 fix: rebind deepcopy proxies to copied Faker instances (#2340)
• 53314fc Bump version: 40.10.0 → 40.11.0
• 4b47329 📝 Update CHANGELOG.md
• 4a3341a Add major Swiss banks to de_CH bank provider (#2337)
• c571a92 Bump version: 40.9.0 → 40.10.0
• ec660a4 📝 Update CHANGELOG.md
• db8b86b Fix: mixed-gender names in es_MX locale (#2324)
• 1ebfd5f Bump version: 40.8.1 → 40.9.0
• Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Updates pytest-env from 1.5.0 to 1.6.0

Release notes

Sourced from pytest-env's releases.

1.6.0

What's Changed

• ✨ feat(env): preserve existing env values by @​gaborbernat in pytest-dev/pytest-env#213

Full Changelog: pytest-dev/pytest-env@1.5.1...1.6.0

1.5.1

What's Changed

• Add permissions to workflows by @​gaborbernat in pytest-dev/pytest-env#203
• Add SECURITY.md to .github/ by @​gaborbernat in pytest-dev/pytest-env#206
• Add missing .github config files by @​gaborbernat in pytest-dev/pytest-env#207
• Standardize .github files to .yaml suffix by @​gaborbernat in pytest-dev/pytest-env#208
• Fix verbose source attribution when falling back to INI env by @​shuofengzhang in pytest-dev/pytest-env#211

New Contributors

• @​shuofengzhang made their first contribution in pytest-dev/pytest-env#211

Full Changelog: pytest-dev/pytest-env@1.5.0...1.5.1

Commits

• 8bd22d1 ✨ feat(env): preserve existing env values (#213)
• 81f9e0e Fix verbose source attribution when falling back to INI env (#211)
• 81dc95d [pre-commit.ci] pre-commit autoupdate (#210)
• 439cc76 [pre-commit.ci] pre-commit autoupdate (#209)
• b1b498e Standardize .github files to .yaml suffix
• 066dadc Add missing .github config files
• 7d01327 Add SECURITY.md to .github/
• 04259c9 build(deps): bump actions/download-artifact from 7 to 8 (#205)
• 4fdb9d8 build(deps): bump actions/upload-artifact from 6 to 7 (#204)
• 672e44f Add permissions to workflows (#203)
• Additional commits viewable in compare view

Updates celery-types from 0.24.0 to 0.26.0

Commits

• See full diff in compare view

Updates pyrefly from 0.55.0 to 0.58.0

Release notes

Sourced from pyrefly's releases.

Pyrefly v0.57.1

Fixed a bug that could cause Pyrefly to hang.

Pyrefly v0.57.0

Status: Beta
Release date: March 16, 2026

Pyrefly 0.57.0 bundles 116 commits from 17 contributors.

---

✨ New & Improved

Area	What’s new
Type Checking	- Improved type narrowing for hasattr inside loops - pyrefly suppress no longer corrupts multiline f-strings/t-strings by inserting suppression comments inside the string; it now places comments above the string and also matches suppressions correctly for errors inside multiline f/t-strings - Improved namedtuple support with * field unpacking - Fewer false-positive “variable is not initialized” errors
Language Server	- if a nested pyproject.toml contains [tool.ruff] / [tool.mypy] / [tool.pyright], it’s treated as a strong “this is a Python project root” marker, preventing parent pyrefly.toml from incorrectly shadowing it (notably improving go-to-def accuracy on some repos)
Performance	- Typechecking speed has improved, making it now ~20% faster to type check Pytorch on recent benchmarks

---

🐛 bug fixes

We closed 24 bug issues this release 👏

• #2696: Fixed an issue where Pyrefly’s LSP incorrectly flagged from typing import NewType as unused, even when NewType(...) was referenced.
• #2743: Fixed an issue where TypedDict fields named items/values prevented access to the corresponding dict.items() / dict.values() methods via attribute lookup.
• #2745: Fixed an issue where chained/nested narrowing expressions (e.g. multi-clause and conditions) failed to narrow correctly when using negative subscript indices.
• #27...

  Description has been truncated