Bump the minor group across 1 directory with 6 updates

[dependabot]

Bumps the minor group with 6 updates in the / directory:

Package	From	To
django	6.0.5	6.0.6
google-cloud-logging	3.15.0	3.16.0
icalendar	7.1.0	7.1.2
newrelic	13.0.0	13.1.0
requests	2.34.1	2.34.2
uvicorn	0.46.0	0.49.0

Updates django from 6.0.5 to 6.0.6

Commits

• ee93f65 [6.0.x] Bumped version for 6.0.6 release.
• 1721035 [6.0.x] Fixed CVE-2026-48587 -- Ignored whitespace padding when checking Vary...
• 664652f [6.0.x] Fixed CVE-2026-35193 -- Varied on Authorization when caching non-publ...
• b433025 [6.0.x] Fixed CVE-2026-8404 -- Used Cache-Control directives case-insensitive...
• 625a670 [6.0.x] Fixed CVE-2026-7666 -- Delayed setting SMTP connection until fully co...
• c807d9c [6.0.x] Fixed CVE-2026-6873 -- Prevented signed cookie salt namespace collisi...
• 98a75e3 [6.0.x] Included commit hash in checksum file when building artifacts for rel...
• dd895d6 [6.0.x] Updated translations from Transifex.
• 49ca2db [6.0.x] Updated links to severity levels in release notes.
• c9f32a2 [6.0.x] Added stub release notes and release date for 6.0.6 and 5.2.15.
• Additional commits viewable in compare view

Updates google-cloud-logging from 3.15.0 to 3.16.0

Release notes

Sourced from google-cloud-logging's releases.

google-cloud-logging: v3.16.0

v3.16.0 (2026-06-02)

Features

• drop support for Python 3.7, 3.8, and 3.9 runtimes (#17276) (014e951b)

Changelog

Sourced from google-cloud-logging's changelog.

Changelog

PyPI History

Commits

• 5accbb4 chore: librarian release pull request: 20260602T021047Z (#17336)
• 86e57cb fix(spanner_dbapi): replace insecure pickle with json for partition deseriali...
• 6b62cb6 feat(bigframes): Add ai_generate functions to the dataframe bq accessor (#17302)
• 54fd04b chore: librarian release pull request: 20260529T145921Z (#17312)
• c04f892 chore: update googleapis and regenerate (#17313)
• 1c2e24f chore: generate google-cloud-monitoring-dashboards (#17309)
• 06965d8 chore: generate google-cloud-containeranalysis (#17308)
• 2024224 chore: generate grafeas (#17307)
• 9f2ed92 chore(spanner): deprecate experimental host option/parameter to replace with ...
• 7813ca4 chore: add missing nox sessions and polish dependencies in sqlalchemy-spanner...
• Additional commits viewable in compare view

Updates icalendar from 7.1.0 to 7.1.2

Release notes

Sourced from icalendar's releases.

v7.1.2

To view the changes, please see the Changelog. This release can be installed from PyPI.

v7.1.1

To view the changes, please see the Changelog. This release can be installed from PyPI.

Changelog

Sourced from icalendar's changelog.

7.1.2 (2026-05-22)

Bug fixes

- Replaced the recursive :meth:`Component.__repr__ <icalendar.cal.component.Component.__repr__>` implementation with an iterative stack-based walk so that deeply nested calendars no longer raise :exc:`RecursionError` when formatted via ``repr()``, ``str()``, or f-strings. The output format is unchanged for normally-shaped calendars. @gistrec (`Issue [#1370](https://github.com/collective/icalendar/issues/1370) <https://github.com/collective/icalendar/issues/1370>`_)
Documentation

• Update maintenance documentation. Fix the version switcher on "stable" on Read the Docs. @​stevepiercy (Issue [#1352](https://github.com/collective/icalendar/issues/1352) <https://github.com/collective/icalendar/issues/1352>_)

7.1.1 (2026-05-18)

New features

- Created an :attr:`~icalendar.prop.dt.period.vPeriod.ical_value` property for the :class:`~icalendar.prop.dt.period.vPeriod` component. @ZairKSM (`Issue [#876](https://github.com/collective/icalendar/issues/876) <https://github.com/collective/icalendar/issues/876>`_)
- Created a :meth:`~icalendar.prop.recur.weekday.vWeekday.ical_value` property for the :class:`~icalendar.prop.recur.weekday.vWeekday` component, mirroring the existing pattern on :class:`~icalendar.prop.boolean.vBoolean`. @mvanhorn (`Issue [#1360](https://github.com/collective/icalendar/issues/1360) <https://github.com/collective/icalendar/issues/1360>`_)
Bug fixes

- Strictly validate BINARY property values in :attr:`vBinary.from_ical() &lt;icalendar.prop.binary.vBinary.from_ical&gt;` and reject malformed Base64 input instead of silently accepting invalid characters. @uwezkhan (`Issue [#1349](https://github.com/collective/icalendar/issues/1349) &lt;https://github.com/collective/icalendar/issues/1349&gt;`_)
Documentation

</code></pre>

<ul>

<li>Replace the RFC quotations in the docstrings for :attr:<code>Alarm.REPEAT &lt;icalendar.cal.alarm.Alarm.REPEAT&gt;</code> and :attr:<code>Alarm.DURATION &lt;icalendar.cal.alarm.Alarm.DURATION&gt;</code> with Pythonic descriptions, including parameter notes, conformance references, and worked examples. <a href="https://github.com/tmchow&quot;&gt;&lt;code&gt;@​tmchow&lt;/code&gt;&lt;/a> (<code>Issue #1244 &lt;collective/icalendar#1244>

<li>Edited contributor documentation for how to add a change log entry, and maintenance documentation for how to process news fragments. <a href="https://github.com/stevepiercy&quot;&gt;&lt;code&gt;@​stevepiercy&lt;/code&gt;&lt;/a> (<code>Issue #1256 &lt;collective/icalendar#1256>

<li>Updated release process documentation. <a href="https://github.com/niccokunzmann&quot;&gt;&lt;code&gt;@​niccokunzmann&lt;/code&gt;&lt;/a> <a href="https://github.com/stevepiercy&quot;&gt;&lt;code&gt;@​stevepiercy&lt;/code&gt;&lt;/a> <a href="https://github.com/SashankBhamidi&quot;&gt;&lt;code&gt;@​SashankBhamidi&lt;/code&gt;&lt;/a> (<code>Issue #1293 &lt;collective/icalendar#1293>

</ul>

<p>Dependency changes</p>

<pre><code>

Added towncrier &amp;lt;https://pypi.org/project/towncrier/&amp;gt;_ to development dependencies. @stevepiercy (Issue [#1256](https://github.com/collective/icalendar/issues/1256) &amp;lt;https://github.com/collective/icalendar/issues/1256&amp;gt;_)

Internal changes



Switched from manual change log management to towncrier &lt;https://pypi.org/project/towncrier/&gt;_ to automate the process. @​stevepiercy (Issue [#1256](https://github.com/collective/icalendar/issues/1256) &lt;https://github.com/collective/icalendar/issues/1256&gt;_)
Bump PyPy from 3.10 to 3.11 for testing. @​stevepiercy (Issue [#1383](https://github.com/collective/icalendar/issues/1383) &lt;https://github.com/collective/icalendar/issues/1383&gt;_)

Commits

• f5494e3 Merge branch 'main' into 7.x
• 6ddbd95 version 7.1.2
• 6efe639 Update maintenance docs and fix version switcher for "stable" (#1393)
• 67d6ab9 Fix RecursionError in Component.repr on deeply nested calendars (Closes #...
• 8705729 Restore version warning banner for 'latest' on Read the Docs
• 8fccb3a Update version switcher for 7.1.1
• 79ddc3e Merge branch 'main' into 7.x
• 465936b version 7.1.1
• 39b8db8 Update release process (#1350)
• c343662 Switch to towncrier to automatically manage the change log (#1389)
• Additional commits viewable in compare view

Updates newrelic from 13.0.0 to 13.1.0

Release notes

Sourced from newrelic's releases.

v13.1.0

Notes

This release of the Python agent adds support for multiple new Redis commands. fixes a bug in LangGraph instrumentation, and improves handling and logging of harvest limit settings.

Install the agent using easy_install/pip/distribute via the Python Package Index, using conda via the Conda-Forge Package Index, or download it directly from the New Relic download site.

Improved Features

• Add instrumentation for new Redis v8.8.0 commands

  • Add instrumentation for the following new Redis commands from redis-py v8.8.0:
    • Misc commands: INCREX, XNACK
    • Array commands: ARCOUNT, ARDEL, ARDELRANGE, ARGET, ARGETRANGE, ARGREP, ARINFO, ARINSERT, ARLASTITEMS, ARLEN, ARMGET, ARMSET, ARNEXT, AROP, ARRING, ARSCAN, ARSEEK, ARSET

Bugs

• Fix crash in LangGraph instrumentation

  • Previously, when using LangGraph instrumentation, the agent would crash due to an issue with context propagation to jobs in AsyncBackgroundExecutor. This has been fixed, and the agent should now work correctly with LangGraph.

• Improved handling and logging of harvest limit settings

  • The agent now more accurately reports the list of harvest methods and limits to the Environment tab in New Relic One.
  • The agent now has more consistent debug logging on startup for harvest limit settings.

Support statement

We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date.

See the New Relic Python agent EOL policy for information about agent releases and support dates.

v13.0.1

https://docs.newrelic.com/docs/release-notes/agent-release-notes/python-release-notes/python-agent-130001/

Commits

• c3c787c Correct LangGraph Wrapper Behavior (#1745)
• f5b0c8c Bump the github_actions group across 1 directory with 7 updates (#1740)
• 149b2e6 Fix inconsistencies around harvest limit config settings (#1737)
• 949339a Fix Nginx Testing (#1744)
• 9022f11 Instrument New Redis Methods (#1743)
• ef3afa0 Gemini Vertex Testing (#1719)
• 6e429d2 Fix LiteLLM OpenAI Streaming (#1738)
• 7faf2d9 Update trivyignore for CVEs in urllib3 (#1736)
• 2d92cd2 LangChain & LangGraph Transaction Context Propagation (#1733)
• cda82d1 OpenAI collect chat completion at done (#1727)
• See full diff in compare view

Updates requests from 2.34.1 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

• Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

• Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Commits

• 6e83187 v2.34.2
• 84d10f0 Move Request.headers back to Mapping (#7441)
• See full diff in compare view

Updates uvicorn from 0.46.0 to 0.49.0

Release notes

Sourced from uvicorn's releases.

Version 0.49.0

What's Changed

• Bump httptools minimum version to 0.8.0 by @​Kludex in Kludex/uvicorn#2962
• Consume duplicate forwarding headers in ProxyHeadersMiddleware (reverses the 0.48.0 behavior of ignoring them) by @​Kludex in Kludex/uvicorn#2971

Full Changelog: Kludex/uvicorn@0.48.0...0.49.0

Version 0.48.0

What's Changed

• Default ssl_ciphers to None and use OpenSSL defaults by @​Kludex in Kludex/uvicorn#2940
• Ignore duplicate forwarding headers in ProxyHeadersMiddleware by @​Kludex in Kludex/uvicorn#2944

Full Changelog: Kludex/uvicorn@0.47.0...0.48.0

Version 0.47.0

What's Changed

• Eagerly import the ASGI app in the parent process by @​Kludex in Kludex/uvicorn#2919
• Add ssl_context_factory for custom SSLContext configuration by @​Kludex in Kludex/uvicorn#2920
• Treat fd=0 as a valid file descriptor with reload/workers by @​eltoder in Kludex/uvicorn#2927

Full Changelog: Kludex/uvicorn@0.46.0...0.47.0

Changelog

Sourced from uvicorn's changelog.

0.49.0 (June 3, 2026)

Changed

• Bump httptools minimum version to 0.8.0 (#2962)
• Consume duplicate forwarding headers in ProxyHeadersMiddleware (reverses the 0.48.0 behavior of ignoring them) (#2971)

0.48.0 (May 24, 2026)

Changed

• Default ssl_ciphers to None and use OpenSSL defaults (#2940)

Fixed

• Ignore duplicate forwarding headers in ProxyHeadersMiddleware (#2944)

0.47.0 (May 14, 2026)

Added

• Add ssl_context_factory for custom SSLContext configuration (#2920)

Changed

• Eagerly import the ASGI app in the parent process (#2919)

Fixed

• Treat fd=0 as a valid file descriptor with reload/workers (#2927)

Commits

• 3ef2e3e Version 0.49.0 (#2973)
• eeb64b1 Consume duplicate forwarding headers in ProxyHeadersMiddleware (#2971)
• 630f4ac Make the watchfiles reload tests deterministic (#2972)
• 9154922 chore(deps): bump the github-actions group across 1 directory with 6 updates ...
• 739727a Migrate docs deploy from Cloudflare Pages to Workers (#2967)
• be4a240 Gate docs preview deploy on Cloudflare token presence (#2966)
• c489d7e Bump httptools minimum version to 0.8.0 (#2962)
• 9f547bd Skip docs preview deploy for Dependabot PRs (#2961)
• 44446b8 Migrate documentation from MkDocs Material to Zensical (#2959)
• cfd659c Bump pymdown-extensions to 10.21.3 (#2958)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions