Skip to content

chore(deps-dev): bump djangorestframework-stubs from 3.16.9 to 3.17.0#3095

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/djangorestframework-stubs-3.17.0
Closed

chore(deps-dev): bump djangorestframework-stubs from 3.16.9 to 3.17.0#3095
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/djangorestframework-stubs-3.17.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 25, 2026

Copy link
Copy Markdown
Contributor

Bumps djangorestframework-stubs from 3.16.9 to 3.17.0.

Release notes

Sourced from djangorestframework-stubs's releases.

3.17.0

Versioning

This is the first version targeting djangorestframework v3.17 and django-stubs v6.0. However, not all stubs have been updated yet for 3.17:

What's Changed

Housekeeping

New Contributors

Full Changelog: typeddjango/djangorestframework-stubs@3.16.9...3.17.0

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [djangorestframework-stubs](https://github.com/typeddjango/djangorestframework-stubs) from 3.16.9 to 3.17.0.
- [Release notes](https://github.com/typeddjango/djangorestframework-stubs/releases)
- [Commits](typeddjango/djangorestframework-stubs@3.16.9...3.17.0)

---
updated-dependencies:
- dependency-name: djangorestframework-stubs
  dependency-version: 3.17.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 25, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 25, 2026 05:52
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 25, 2026
@sonarqubecloud

Copy link
Copy Markdown

@vpetersson

Copy link
Copy Markdown
Contributor

Superseded by #3108, which consolidates this and the other open Dependabot bumps into a single PR (with both lockfiles regenerated together).

@vpetersson vpetersson closed this Jul 2, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/pip/djangorestframework-stubs-3.17.0 branch July 2, 2026 10:31
vpetersson added a commit that referenced this pull request Jul 2, 2026
* chore(deps): consolidated dependency bump

Combine six open Dependabot PRs into one bump and regenerate both
lockfiles so they resolve together:

- requests 2.33.1 -> 2.34.2 (#3098)
- ansible-core 2.21.0 -> 2.21.1 (#3097)
- redis 7.4.0 -> 8.0.1 (#3096)
- djangorestframework-stubs 3.16.9 -> 3.17.0 (#3095)
- django-stubs-ext 6.0.5 -> 6.0.6 (#3094)
- tailwindcss + @tailwindcss/cli 4.3.1 -> 4.3.2 (#3104)

redis is a major bump. kombu 5.6.2 caps its optional redis extra at
<6.5, but we depend on redis-py directly, so the cap is not enforced.
Verified against a live redis that the direct client API (get/set/
rpush/blpop/pubsub), the celery->redis broker enqueue path, and the
channels-redis channel layer all work with redis-py 8.0.1.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* chore(deps): sync workflow requests pin, drop redundant types-requests

Address Copilot review on the consolidated bump:

- Bump the hardcoded requests pin in build-balena-disk-image.yaml
  (rpi-imager.json generation) to 2.34.2 to match pyproject.
- requests 2.34.2 now ships py.typed, so the types-requests stub in
  the dev-host group is redundant; remove it and relock. The inline
  types are stricter and surfaced a latent bytes/str inconsistency in
  handle_github_error's errdesc, now annotated as bytes | str.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* ci: build rpi-imager.json via uv + lockfile instead of an ad-hoc pin

The build-rpi-imager-json job installed requests with a hardcoded
`pip install 'requests==X'`, a pin that had to be hand-synced with
pyproject.toml (and had already drifted). Replace it with the pinned
astral-sh/setup-uv action and `uv run --locked --group local`, which
resolves requests from uv.lock and fails the job if pyproject and the
lockfile ever diverge. Removes the drift source permanently.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* ci: validate rpi-imager.json with jq empty instead of jq .

jq empty asserts the file is well-formed JSON and exits non-zero on
failure without dumping the payload to the build log; jq . only
pretty-printed it as a side effect of parsing.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

* fix(github): log decoded response text, not raw bytes

handle_github_error logged exc.response.content (bytes), which renders
as a b'...' repr in the log line. Use .text so the GitHub error body
reads as the server's actual message and errdesc stays a plain str.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant