From acc35889fee93e967f5edada6ba063c013923e51 Mon Sep 17 00:00:00 2001
From: Vigo Walker <vigopaul05@gmail.com>
Date: Sun, 21 Jun 2026 20:07:47 +0200
Subject: [PATCH] fix: update pyo3 to 0.29.0 and fix dependabot config

- Bump pyo3 from 0.28.3 to 0.29.0 to address security advisory (affected: < 0.29.0)
- Bump pyo3-async-runtimes from 0.28.0 to 0.29.0 to match pyo3 version
- Fix dependabot.yml: set package-ecosystem to "cargo", fix typo "dayli" -> "weekly",
  point to workspace root "/" so Dependabot can resolve workspace members correctly

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/dependabot.yml          | 6 +++---
 crates/bindings_pyo3/Cargo.toml | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 0d47034b..009e86f6 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,7 +5,7 @@
 
 version: 2
 updates:
-  - package-ecosystem: "" # See documentation for possible values
-    directory: "/" # Location of package manifests
+  - package-ecosystem: "cargo"
+    directory: "/"
     schedule:
-      interval: "dayli"
+      interval: "weekly"
diff --git a/crates/bindings_pyo3/Cargo.toml b/crates/bindings_pyo3/Cargo.toml
index e56faae8..5cf3cc7b 100644
--- a/crates/bindings_pyo3/Cargo.toml
+++ b/crates/bindings_pyo3/Cargo.toml
@@ -19,8 +19,8 @@ crate-type = ["cdylib"]
 test = false
 
 [dependencies]
-pyo3 = { version = "0.28.3", features = ["abi3-py39"] }
-pyo3-async-runtimes = { version = "0.28.0", features = ["tokio-runtime"] }
+pyo3 = { version = "0.29.0", features = ["abi3-py39"] }
+pyo3-async-runtimes = { version = "0.29.0", features = ["tokio-runtime"] }
 
 binary_options_tools = { path = "../binary_options_tools", version = "0.2.1" }