Skip to content

Comments

Bump pip-tools from 7.5.2 to 7.5.3 in /{{ cookiecutter.project_slug }}/.github/utils in the packages group across 1 directory#441

Merged
TEAM4-0 merged 3 commits intomasterfrom
dependabot/pip/{{-cookiecutter.project_slug-}}/dot-github/utils/master/packages-de6a534eb5
Feb 16, 2026
Merged

Bump pip-tools from 7.5.2 to 7.5.3 in /{{ cookiecutter.project_slug }}/.github/utils in the packages group across 1 directory#441
TEAM4-0 merged 3 commits intomasterfrom
dependabot/pip/{{-cookiecutter.project_slug-}}/dot-github/utils/master/packages-de6a534eb5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026

Bumps the packages group with 1 update in the /{{ cookiecutter.project_slug }}/.github/utils directory: pip-tools.

Updates pip-tools from 7.5.2 to 7.5.3

Release notes

Sourced from pip-tools's releases.

v7.5.3

2026-02-11

Bug fixes

  • The option --unsafe-package is now normalized -- by @​shifqu.

    PRs and issues: #2150

  • Fixed a bug in which pip-compile lost any index URL options when looking up hashes -- by @​sirosen.

    This caused errors when a package was only available from an extra index, and caused pip-compile to incorrectly drop index URL options from output, even when they were present in the input requirements.

    PRs and issues: #2220, #2294, #2305

  • Fixed removal of temporary files used when reading requirements from stdin -- by @​sirosen.

Features

  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and marks them as supported in the core packaging metadata -- by @​webknjaz.

    PRs and issues: #2255

  • pip-tools is now compatible with pip 26.0 -- by @​sirosen.

    PRs and issues: #2319, #2320

Removals and backward incompatible breaking changes

Improved documentation

  • The change log management infra now allows the maintainers to add notes before and after the regular categories -- by @​webknjaz.

    PRs and issues: #2287, #2322

  • Added documentation clarifying that pip-compile reads the existing output file as a constraint source, and how to use --upgrade to refresh dependencies -- by @​maliktafheem.

    PRs and issues: #2307

... (truncated)

Changelog

Sourced from pip-tools's changelog.

v7.5.3

2026-02-09

Bug fixes

  • The option --unsafe-package is now normalized -- by {user}shifqu.

    PRs and issues: {issue}2150

  • Fixed a bug in which pip-compile lost any index URL options when looking up hashes -- by {user}sirosen.

    This caused errors when a package was only available from an extra index, and caused pip-compile to incorrectly drop index URL options from output, even when they were present in the input requirements.

    PRs and issues: {issue}2220, {issue}2294, {issue}2305

  • Fixed removal of temporary files used when reading requirements from stdin -- by {user}sirosen.

Features

  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and marks them as supported in the core packaging metadata -- by {user}webknjaz.

    PRs and issues: {issue}2255

  • pip-tools is now compatible with pip 26.0 -- by {user}sirosen.

    PRs and issues: {issue}2319, {issue}2320

Removals and backward incompatible breaking changes

  • Removed support for Python 3.8 -- by {user}sirosen.

Improved documentation

  • The change log management infra now allows the maintainers to add notes before and after the regular categories -- by {user}webknjaz.

    PRs and issues: {issue}2287, {issue}2322

  • Added documentation clarifying that pip-compile reads the existing output file as a constraint source, and how to use --upgrade to refresh dependencies -- by {user}maliktafheem.

    PRs and issues: {issue}2307

... (truncated)

Commits
  • 5f31d8a Merge pull request #2332 from sirosen/fix-release-version-normalization
  • 106f1d6 Fix CI workflow to normalize versions (for release)
  • 3a0f5ed Merge pull request #2329 from sirosen/release/v7.5.3
  • e4bd31d Merge pull request #2328 from jazzband/pre-commit-ci-update-config
  • 08107ab Update changelog for version 7.5.3
  • 5b4d130 Merge pull request #2325 from sirosen/ensure-tmpfile-cleanup
  • cc6a2b9 Apply feedback/suggestions from review
  • fc53265 [pre-commit.ci] pre-commit autoupdate
  • 6c27507 Add 'tempfile_compat' to handle windows tmp files
  • 9ac94db Fix leak of temp files when reading from stdin
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump pip-tools
6ceef27 
Bumps the packages group with 1 update in the /{{ cookiecutter.project_slug }}/.github/utils directory: [pip-tools](https://github.com/jazzband/pip-tools).


Updates `pip-tools` from 7.5.2 to 7.5.3
- [Release notes](https://github.com/jazzband/pip-tools/releases)
- [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md)
- [Commits](jazzband/pip-tools@v7.5.2...v7.5.3)

---
updated-dependencies:
- dependency-name: pip-tools
  dependency-version: 7.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added CI/CD Continuous integration or continuous deployment skip-changelog Skip this issue/PR when auto-generating the changelog labels Feb 16, 2026
@TEAM4-0 TEAM4-0 enabled auto-merge (squash) February 16, 2026 05:38
@TEAM4-0 TEAM4-0 merged commit 9021716 into master Feb 16, 2026
7 checks passed
@TEAM4-0 TEAM4-0 deleted the dependabot/pip/{{-cookiecutter.project_slug-}}/dot-github/utils/master/packages-de6a534eb5 branch February 16, 2026 11:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CasperWA CasperWA CasperWA approved these changes

Assignees

No one assigned

Labels

CI/CD Continuous integration or continuous deployment skip-changelog Skip this issue/PR when auto-generating the changelog

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CasperWA @TEAM4-0