Skip to content

chore(deps): Bump the minor-and-patch group across 1 directory with 3 updates#639

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/a2a/cheerup_agent/minor-and-patch-48a0d55004
Open

chore(deps): Bump the minor-and-patch group across 1 directory with 3 updates#639
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/a2a/cheerup_agent/minor-and-patch-48a0d55004

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 3 updates in the /a2a/cheerup_agent directory: openai, pydantic-settings and opentelemetry-exporter-otlp.

Updates openai from 2.42.0 to 2.44.0

Release notes

Sourced from openai's releases.

v2.44.0

2.44.0 (2026-06-24)

Full Changelog: v2.43.0...v2.44.0

Bug Fixes

  • auth: prioritize first auth header (797e336)

v2.43.0

2.43.0 (2026-06-17)

Full Changelog: v2.42.0...v2.43.0

Features

  • api: update OpenAPI spec or Stainless config (2254235)
Changelog

Sourced from openai's changelog.

2.44.0 (2026-06-24)

Full Changelog: v2.43.0...v2.44.0

Bug Fixes

  • auth: prioritize first auth header (797e336)

2.43.0 (2026-06-17)

Full Changelog: v2.42.0...v2.43.0

Features

  • api: update OpenAPI spec or Stainless config (2254235)
Commits

Updates pydantic-settings from 2.14.1 to 2.14.2

Release notes

Sourced from pydantic-settings's releases.

v2.14.2

What's Changed

This is a security patch release.

Security

Fixes GHSA-4xgf-cpjx-pc3j: NestedSecretsSettingsSource with secrets_nested_subdir=True could follow a symbolic link inside secrets_dir pointing outside it, reading out-of-tree files into settings values and bypassing the secrets_dir_max_size cap. Affected versions: >= 2.12.0, < 2.14.2.

Full Changelog: pydantic/pydantic-settings@v2.14.1...v2.14.2

Commits

Updates opentelemetry-exporter-otlp from 1.42.1 to 1.43.0

Changelog

Sourced from opentelemetry-exporter-otlp's changelog.

Version 1.43.0/0.64b0 (2026-06-24)

Added

  • opentelemetry-sdk: add add_metric_reader / remove_metric_reader public APIs to register / unregister metric readers at runtime. (#4863)
  • opentelemetry-exporter-prometheus: add support for configuring metric scope labels (#5123)
  • opentelemetry-exporter-otlp-proto-grpc: Add grpc error details to the log message that's written when the grpc call fails. (#5143)
  • opentelemetry-exporter-http-transport: add 'opentelemetry-exporter-http-transport' package for HTTP exporters (#5194)
  • opentelemetry-sdk: Add composite/development samplers support to declarative file configuration (#5201)
  • opentelemetry-exporter-otlp-json-file: Add OTLP JSON File exporter implementation (#5207)
  • opentelemetry-sdk: add _resolve_component shared utility for declarative config plugin loading, reducing boilerplate in exporter factory functions (#5215)
  • opentelemetry-sdk: add pull metric reader support to declarative file configuration, including Prometheus metric reader via the prometheus_development config field (#5216)
  • opentelemetry-proto-json: update to use opentelemetry-proto v1.10.0 (#5224)
  • opentelemetry-proto: bump maximum supported protobuf version to 7.x.x (#5251)
  • opentelemetry-sdk: add ServiceInstanceIdResourceDetector for populating service.instance.id (#5259)
  • opentelemetry-sdk: declarative config loader now recursively converts parsed dicts into typed dataclass instances, including nested dataclasses, lists of dataclasses, and enum values. End-to-end YAML/JSON → SDK configuration now works via the factory functions. (#5269)
  • opentelemetry-sdk: add configure_sdk(config) to the declarative configuration API. Single entry point that takes a parsed OpenTelemetryConfiguration, builds the resource, and applies the tracer/meter/logger providers and propagator globally. Honors the top-level disabled flag. (#5270)
  • opentelemetry-sdk: the SDK configurator now honors the OTEL_CONFIG_FILE environment variable. When set, the SDK loads and applies the referenced declarative configuration file (YAML or JSON) in place of the env-var-based

... (truncated)

Commits
  • fcbbeb8 [release/v1.43.x-0.64bx] Prepare release 1.43.0/0.64b0 (#5349)
  • b40dcbc opentelemetry-exporter-http-transport: enable entry-point loading of transpor...
  • 10e8577 update to Sphinx to 8.1.3 in order to support Python 3.14 (#5278)
  • 6ac6895 docs: add declarative configuration guide and example (#5309)
  • 13ad4d5 opentelemetry-api: normalize empty environment propagation names to "_" in En...
  • 6a0ab84 opentelemetry-sdk: merge doesn't need a copy, dict already does this (#5326)
  • ac7a3df feat(config): support OTEL_CONFIG_FILE in the SDK configurator (#5271)
  • fa75422 Add support for composite samplers in declarative config (#5201)
  • 43f079f Update json and proto encoder to always accept None type, cleanup code / test...
  • 53c9d96 chore: cleanup typo found in test (#5324)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates

Bumps the minor-and-patch group with 3 updates in the /a2a/cheerup_agent directory: [openai](https://github.com/openai/openai-python), [pydantic-settings](https://github.com/pydantic/pydantic-settings) and [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-python).


Updates `openai` from 2.42.0 to 2.44.0
- [Release notes](https://github.com/openai/openai-python/releases)
- [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md)
- [Commits](openai/openai-python@v2.42.0...v2.44.0)

Updates `pydantic-settings` from 2.14.1 to 2.14.2
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.14.1...v2.14.2)

Updates `opentelemetry-exporter-otlp` from 1.42.1 to 1.43.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-python@v1.42.1...v1.43.0)

---
updated-dependencies:
- dependency-name: openai
  dependency-version: 2.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: pydantic-settings
  dependency-version: 2.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: opentelemetry-exporter-otlp
  dependency-version: 1.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

Status: New/ToDo

Development

Successfully merging this pull request may close these issues.

1 participant