Bump the pip-dependencies group across 1 directory with 2 updates by dependabot[bot] · Pull Request #1562 · oneapi-src/unified-memory-framework

dependabot · 2026-03-09T14:43:07Z

Bumps the pip-dependencies group with 2 updates in the /third_party directory: bandit and codespell.

Updates bandit from 1.9.3 to 1.9.4

Release notes

1.9.4

What's Changed

chore: fixed some typos in comments by @jakob1379 in PyCQA/bandit#1351

Bump docker/login-action from 3.6.0 to 3.7.0 by @dependabot[bot] in PyCQA/bandit#1353

Bump docker/build-push-action from 6.18.0 to 6.19.2 by @dependabot[bot] in PyCQA/bandit#1357

Fix B613 crash when reading from stdin by @worksbyfriday in PyCQA/bandit#1361

Include filename in nosec 'no failed test' warning by @worksbyfriday in PyCQA/bandit#1363

Fix B615 false positive when revision is set via variable by @worksbyfriday in PyCQA/bandit#1358

Lower version guard in check_ast_node to Python 3.12 by @rcgray in PyCQA/bandit#1355

Fix B106 reporting wrong line number on multiline function calls by @worksbyfriday in PyCQA/bandit#1360

New Contributors

@jakob1379 made their first contribution in PyCQA/bandit#1351

@worksbyfriday made their first contribution in PyCQA/bandit#1361

@rcgray made their first contribution in PyCQA/bandit#1355

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

Commits

92ae8b8 Fix B106 reporting wrong line number on multiline function calls (#1360)
c8c8a55 Lower version guard in check_ast_node to Python 3.12 (#1355)
8f2f928 Fix B615 false positive when revision is set via variable (#1358)
e27493f Include filename in nosec 'no failed test' warning (#1363)
b69b336 Fix B613 crash when reading from stdin (#1361)
e418b79 Bump docker/build-push-action from 6.18.0 to 6.19.2 (#1357)
ff646fd Bump docker/login-action from 3.6.0 to 3.7.0 (#1353)
c0def6c chore: fixed some typos in comments (#1351)
See full diff in compare view

Updates codespell from 2.4.1 to 2.4.2

Release notes

Sourced from codespell's releases.

v2.4.2

Highlights

Fixed compatibility with chardet 7+

What's Changed

Fix and clarify cases in ignore patterns by @DanielYang59 in codespell-project/codespell#3583

codespell-private.yml: Do not codespell digital signature files by @cclauss in codespell-project/codespell#3623

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in codespell-project/codespell#3634

numbes->numbers and numbesr->numbers by @skshetry in codespell-project/codespell#3635

Add spelling corrections for disclose and variables. by @cfi-gb in codespell-project/codespell#3622

Add spelling correction for Vulnererability and variants. by @cfi-gb in codespell-project/codespell#3625

Remove lets->let's by @Piedone in codespell-project/codespell#3633

Add corrections for "dictate" by @jdufresne in codespell-project/codespell#3636

Add specicification (and pl) typo by @yarikoptic in codespell-project/codespell#3639

Remove "blueish" correction by @hadess in codespell-project/codespell#3510

Add "lighting" as an option to fix "lighning" by @yarikoptic in codespell-project/codespell#3648

Revert adding lien to the rare dictionary by @nikolaik in codespell-project/codespell#3631

"ane" could have been "one" by @yarikoptic in codespell-project/codespell#3645

Add spelling correction for "priort" by @cfi-gb in codespell-project/codespell#3647

Remove "fix" of "deques" - it is quite legit by @yarikoptic in codespell-project/codespell#3649

Several new suggestions by @mdeweerd in codespell-project/codespell#3621

Add proposal constraints to containts by @mdeweerd in codespell-project/codespell#3652

Additions dleay,infp,practive,utiliy by @mdeweerd in codespell-project/codespell#3643

Add calncelled and its variations by @mdeweerd in codespell-project/codespell#3650

Use raw strings for regex by @DimitriPapadopoulos in codespell-project/codespell#3654

Allow multiple spaces before codespell:ignore by @DimitriPapadopoulos in codespell-project/codespell#3653

Added correction from timeour to timeout by @jamesbraza in codespell-project/codespell#3656

Add typos found in various software projects by @luzpaz in codespell-project/codespell#3640

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in codespell-project/codespell#3659

Add codespell suggestions for enabke and friends by @mdeweerd in codespell-project/codespell#3657

END: add "queues" (plural from queue) as possible fix for ques by @yarikoptic in codespell-project/codespell#3591

agreegate, lesda, realod, colouer by @mdeweerd in codespell-project/codespell#3665

Update pre-commit version in documentation by @prchoward in codespell-project/codespell#3666

MAINT: Rename CI file and run name by @larsoner in codespell-project/codespell#3667

preoccuption->preoccupation; occuption->occupation by @TheGiraffe3 in codespell-project/codespell#3668

Suggestions for: checkto, diminsion, waitfor by @mdeweerd in codespell-project/codespell#3670

Typos found in sigstore-python by @DimitriPapadopoulos in codespell-project/codespell#3664

usgin->using by @ydah in codespell-project/codespell#3672

Add typos found in various software projects by @luzpaz in codespell-project/codespell#3669

Add coered -> coerced by @effigies in codespell-project/codespell#3680

backwward(s)->backward(s), onwward(s)->onward(s) by @cjwatson in codespell-project/codespell#3682

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in codespell-project/codespell#3685

telemetery->telemetry by @august-soderberg in codespell-project/codespell#3686

Add hexedacimal and similar typos by @Akuli in codespell-project/codespell#3692

Add rounted->routed, rounded and friends by @peternewman in codespell-project/codespell#3693

Add symmectric and similar typos by @Akuli in codespell-project/codespell#3694

Fix CI on Windows: pip upgrade pip by @DimitriPapadopoulos in codespell-project/codespell#3698

... (truncated)

Commits

2ccb47f Compat with chardet 7 (#3886)
4ec53bf [pre-commit.ci] pre-commit autoupdate
2a4acba Bump actions/download-artifact from 7 to 8
be17cac Bump actions/upload-artifact from 6 to 7
04a0712 Bump ruff (#3879)
583d879 avoide->avoid, avoided, avoids,
1f59f34 Add correction for 'foudation' to 'foundation'
e047fda Add spelling correction for gather and variants.
b5cd66d respondant->respondent
92125a3 Add detection of ivoice and variants.
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the pip-dependencies group with 2 updates in the /third_party directory: [bandit](https://github.com/PyCQA/bandit) and [codespell](https://github.com/codespell-project/codespell). Updates `bandit` from 1.9.3 to 1.9.4 - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](PyCQA/bandit@1.9.3...1.9.4) Updates `codespell` from 2.4.1 to 2.4.2 - [Release notes](https://github.com/codespell-project/codespell/releases) - [Commits](codespell-project/codespell@v2.4.1...v2.4.2) --- updated-dependencies: - dependency-name: bandit dependency-version: 1.9.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip-dependencies - dependency-name: codespell dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 9, 2026

dependabot bot requested a review from a team as a code owner March 9, 2026 14:43

bratpiorka approved these changes Mar 9, 2026

View reviewed changes

lukaszstolarczuk approved these changes Mar 9, 2026

View reviewed changes

lukaszstolarczuk merged commit 99c19bd into main Mar 9, 2026
76 checks passed

dependabot bot deleted the dependabot/pip/third_party/pip-dependencies-68662ba90d branch March 9, 2026 18:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip-dependencies group across 1 directory with 2 updates#1562

Bump the pip-dependencies group across 1 directory with 2 updates#1562
lukaszstolarczuk merged 1 commit intomainfrom
dependabot/pip/third_party/pip-dependencies-68662ba90d

dependabot bot commented on behalf of github Mar 9, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Mar 9, 2026

1.9.4

What's Changed

New Contributors

v2.4.2

Highlights

What's Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants