Skip to content

build(deps): bump json-repair from 0.25.2 to 0.60.1 in the uv group across 1 directory#1

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/uv-9a98d80813
Open

build(deps): bump json-repair from 0.25.2 to 0.60.1 in the uv group across 1 directory#1
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/uv-9a98d80813

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown

Bumps the uv group with 1 update in the / directory: json-repair.

Updates json-repair from 0.25.2 to 0.60.1

Release notes

Sourced from json-repair's releases.

Release 0.60.1

Added

  • A potential infinite loop in schema resolution could cause an application using the library to crash if the schema was self referential

Support this project

json_repair is maintained as a side project and stays free for everyone.

If it saves you debugging time, helps you handle LLM-generated JSON, or is part of your production workflow, please consider:

Sponsorship helps justify the time spent fixing edge cases, improving performance, and keeping the library reliable.

Release 0.60.0

Added

  • Support for repairing string values that contain low smart quote spans like „... when the closing quote is emitted as ASCII " instead of Unicode ”. Issue #198

Support this project

json_repair is maintained as a side project and stays free for everyone.

If it saves you debugging time, helps you handle LLM-generated JSON, or is part of your production workflow, please consider:

Sponsorship helps justify the time spent fixing edge cases, improving performance, and keeping the library reliable.

Release 0.59.10

Fixed

  • Fixed a parser-path repair bug where balanced brace groups inside string values, such as LaTeX fragments like \frac{x^2}{m}, could be mistaken for object structure when a later inline JSON-like snippet appeared in the same string.
  • Improved preservation of malformed-but-string-intended explanations containing inline literals such as {"blank_1": "5"} without splitting the surrounding object.

Support this project

json_repair is maintained as a side project and stays free for everyone.

If it saves you debugging time, helps you handle LLM-generated JSON, or is part of your production workflow, please consider:

Sponsorship helps justify the time spent fixing edge cases, improving performance, and keeping the library reliable.

Release 0.59.9

Fixed

-Fix #196, a regression introduced to fix #170 caused issue with top-level object duplication.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the uv group with 1 update in the / directory: [json-repair](https://github.com/mangiucugna/json_repair).


Updates `json-repair` from 0.25.2 to 0.60.1
- [Release notes](https://github.com/mangiucugna/json_repair/releases)
- [Commits](mangiucugna/json_repair@0.25.2...v0.60.1)

---
updated-dependencies:
- dependency-name: json-repair
  dependency-version: 0.60.1
  dependency-type: direct:production
  dependency-group: uv
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 13, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 13, 2026

Copy link
Copy Markdown

Deploying crewai with  Cloudflare Pages  Cloudflare Pages

Latest commit: 4abcda6
Status: ✅  Deploy successful!
Preview URL: https://89b60f68.crewai-8e2.pages.dev
Branch Preview URL: https://dependabot-uv-uv-9a98d80813.crewai-8e2.pages.dev

View logs

@netlify

netlify Bot commented Jul 13, 2026

Copy link
Copy Markdown

Deploy Preview for crewai-constellation-codex-guardians failed. Why did it fail? →

Name Link
🔨 Latest commit 4abcda6
🔍 Latest deploy log https://app.netlify.com/projects/crewai-constellation-codex-guardians/deploys/6a557826dec3840007bc7d57

@netlify

netlify Bot commented Jul 13, 2026

Copy link
Copy Markdown

Deploy Preview for exquisite-chaja-ea727d failed. Why did it fail? →

Name Link
🔨 Latest commit 4abcda6
🔍 Latest deploy log https://app.netlify.com/projects/exquisite-chaja-ea727d/deploys/6a557826f2fcbc00076f9777

@netlify

netlify Bot commented Jul 13, 2026

Copy link
Copy Markdown

Deploy Preview for crewai-constellation-codex failed. Why did it fail? →

Name Link
🔨 Latest commit 4abcda6
🔍 Latest deploy log https://app.netlify.com/projects/crewai-constellation-codex/deploys/6a557826daaa0100084938ca

@entelligence-ai-pr-reviews

Copy link
Copy Markdown

EntelligenceAI PR Summary

Upgrades the json-repair library from 0.25.2 to 0.60.1 across project configuration and lock file.

  • pyproject.toml: Bumped json-repair version constraint to 0.60.1
  • uv.lock: Resolved json-repair to 0.60.1 (released 2026-06-03), lock file revision incremented from 2 to 3
  • New wheel size is ~48KB compared to ~12KB previously, indicating substantial expansion in repair capabilities or new features

Confidence Score: 5/5 - Safe to Merge

Safe to merge — this is a routine automated dependency bump of json-repair from 0.25.2 to 0.60.1, touching only pyproject.toml and uv.lock with no application logic changes. The version jump is substantial (35 minor versions) and the wheel size has grown from ~12KB to ~48KB, suggesting significant upstream feature additions, but as a repair utility library this is unlikely to introduce breaking behavioral changes for typical usage. No review comments were generated and all changed files were covered in analysis.

Key Findings:

  • Only pyproject.toml and uv.lock are modified — no application source code, tests, or configuration logic is touched, making this a low-risk mechanical change.
  • The uv.lock revision increment from 2 to 3 and the resolved version 0.60.1 (released 2026-06-03) are consistent with each other, indicating a well-formed lock file update with no dependency conflicts introduced.
  • The ~4x wheel size increase from ~12KB to ~48KB warrants awareness that json-repair has expanded substantially upstream, but since no heuristic analysis flagged API-breaking changes or CVEs, the risk remains low for a library used for JSON repair utilities.
Files requiring special attention
  • uv.lock
  • pyproject.toml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants