Skip to content

chore: bump the all group with 2 updates#942

Merged
Aureliolo merged 2 commits intomainfrom
dependabot/uv/all-e435ebe403
Mar 31, 2026
Merged

chore: bump the all group with 2 updates#942
Aureliolo merged 2 commits intomainfrom
dependabot/uv/all-e435ebe403

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 31, 2026

Bumps the all group with 2 updates: faker and litellm.

Updates faker from 40.11.1 to 40.12.0

Release notes

Sourced from faker's releases.

Release v40.12.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v40.12.0 - 2026-03-30

Commits
  • fb98b61 Bump version: 40.11.1 → 40.12.0
  • 00b920f 📝 Update CHANGELOG.md
  • bd75873 Restore parameters stripped out by the AI
  • f4bb94a exclude the scripts directory from the MANIFEST.in file
  • ebfd067 Sort test cases alphabetically
  • a5d09c0 Add address providers for ar_DZ and fr_DZ locales (#2341)
  • See full diff in compare view

Updates litellm from 1.82.6 to 1.83.0

Release notes

Sourced from litellm's releases.

litellm-v1.81.14.pre-call-hook-fix.dev

What's Changed

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the all group with 2 updates
8b88604 
Bumps the all group with 2 updates: [faker](https://github.com/joke2k/faker) and [litellm](https://github.com/BerriAI/litellm).


Updates `faker` from 40.11.1 to 40.12.0
- [Release notes](https://github.com/joke2k/faker/releases)
- [Changelog](https://github.com/joke2k/faker/blob/master/CHANGELOG.md)
- [Commits](joke2k/faker@v40.11.1...v40.12.0)

Updates `litellm` from 1.82.6 to 1.83.0
- [Release notes](https://github.com/BerriAI/litellm/releases)
- [Commits](https://github.com/BerriAI/litellm/commits)

---
updated-dependencies:
- dependency-name: faker
  dependency-version: 40.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: litellm
  dependency-version: 1.83.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file type:chore Maintenance, cleanup, dependency updates labels Mar 31, 2026
@dependabot dependabot bot requested a review from Aureliolo as a code owner March 31, 2026 06:23
@dependabot dependabot bot added type:chore Maintenance, cleanup, dependency updates dependencies Pull requests that update a dependency file labels Mar 31, 2026
@dependabot dependabot bot had a problem deploying to cloudflare-preview March 31, 2026 06:24 Failure
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 31, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA ab58ad2.
Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

License Issues

uv.lock

PackageVersionLicenseIssue Type
litellm1.83.0NullUnknown License
Allowed Licenses: MIT, MIT-0, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0, PSF-2.0, Unlicense, 0BSD, CC0-1.0, CC-BY-3.0, CC-BY-4.0, Python-2.0, Python-2.0.1, LicenseRef-scancode-free-unknown, LicenseRef-scancode-protobuf, LicenseRef-scancode-google-patent-license-golang, ZPL-2.1, LGPL-2.0-only, LGPL-2.1-only, LGPL-3.0-only, LGPL-3.0-or-later, BlueOak-1.0.0, OFL-1.1
Excluded from license check: pkg:pypi/mem0ai@1.0.5, pkg:pypi/numpy@2.4.3, pkg:pypi/qdrant-client@1.17.0, pkg:pypi/posthog@7.9.12, pkg:npm/@img/sharp-wasm32@0.33.5, pkg:npm/@img/sharp-win32-ia32@0.33.5, pkg:npm/@img/sharp-win32-x64@0.33.5, pkg:golang/github.com/golangci/golangci-lint/v2@2.11.3, pkg:golang/github.com/denis-tingaikin/go-header@0.5.0, pkg:golang/github.com/ldez/structtags@0.6.1, pkg:golang/github.com/leonklingele/grouper@1.1.2, pkg:golang/github.com/xen0n/gosmopolitan@1.3.0, pkg:golang/github.com/alfatraining/structtag@1.0.0, pkg:golang/github.com/fatih/structtag@1.2.0, pkg:npm/json-schema-typed@8.0.2, pkg:npm/victory-vendor@37.3.6

OpenSSF Scorecard

PackageVersionScoreDetails
pip/faker 40.12.0 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 2Found 7/30 approved changesets -- score normalized to 2
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
pip/litellm 1.83.0 UnknownUnknown

Scanned Files

  • uv.lock

Aureliolo
Aureliolo approved these changes Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@Aureliolo Aureliolo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changelog reviewed: faker 40.12.0 adds ar_DZ/fr_DZ address locales (irrelevant -- we use name generation). litellm 1.83.0 is mostly proxy/guardrail features we don't use + bugfixes for cost map and dict mutation. Clean minor bumps.

@Aureliolo Aureliolo temporarily deployed to cloudflare-preview March 31, 2026 07:36 — with GitHub Actions Inactive
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 31, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.21%. Comparing base (c0234ad) to head (ab58ad2).
⚠️ Report is 3 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #942   +/-   ##
=======================================
  Coverage   92.21%   92.21%           
=======================================
  Files         600      600           
  Lines       31940    31940           
  Branches     3108     3108           
=======================================
  Hits        29454    29454           
  Misses       1957     1957           
  Partials      529      529

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Aureliolo Aureliolo merged commit aea37f8 into main Mar 31, 2026
33 checks passed
@Aureliolo Aureliolo deleted the dependabot/uv/all-e435ebe403 branch March 31, 2026 07:52
@Aureliolo Aureliolo temporarily deployed to cloudflare-preview March 31, 2026 07:52 — with GitHub Actions Inactive
@Aureliolo Aureliolo mentioned this pull request Mar 31, 2026
Merged
Aureliolo added a commit that referenced this pull request Mar 31, 2026
@Aureliolo @github-actions
chore(main): release 0.5.2 (#933)
6a5088c 
🤖 I have created a release *beep* *boop*
---


##
[0.5.2](v0.5.1...v0.5.2)
(2026-03-31)


### Features

* harden activity feed API
([#838](#838),
[#839](#839),
[#840](#840))
([#937](#937))
([c0234ad](c0234ad))
* provider usage metrics, model capabilities, and active health probing
([#935](#935))
([1434c9c](1434c9c))
* runtime sink configuration via SettingsService
([#934](#934))
([16c3f23](16c3f23))
* Settings page comprehensive redesign
([#936](#936))
([#939](#939))
([6d9ac8b](6d9ac8b))


### Maintenance

* bump astro from 6.1.1 to 6.1.2 in /site in the all group
([#940](#940))
([ffa24f0](ffa24f0))
* bump pygments from 2.19.2 to 2.20.0
([#931](#931))
([9993088](9993088))
* bump the all group with 2 updates
([#942](#942))
([aea37f8](aea37f8))
* bump typescript-eslint from 8.57.2 to 8.58.0 in /web in the all group
([#941](#941))
([24f024c](24f024c))
* split CLAUDE.md into subdirectory files for cli/ and web/
([#932](#932))
([f5cfe07](f5cfe07))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Aureliolo Aureliolo Aureliolo approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file type:chore Maintenance, cleanup, dependency updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Aureliolo