Sourced from pillow's releases.

12.1.1

https://pillow.readthedocs.io/en/stable/releasenotes/12.1.1.html

Dependencies

• Patch libavif for svt-av1 4.0 compatibility #9413 [@​hugovk]

Other changes

• Fix OOB Write with invalid tile extents #9427 [@​radarhere]

• 5158d98 12.1.1 version bump
• 9000313 Fix OOB Write with invalid tile extents (#9427)
• cd01118 Patch libavif for svt-av1 4.0 compatibility
• See full diff in compare view

Sourced from redis's releases.

7.1.1

Changes

🧪 Experimental Features

• Added initial health check policies, refactored add_database method (#3906)

🧰 Maintenance

• Disabled SCH in MultiDBClient underlying clients by default (#3938)
• Added logging for MultiDBClients (#3865 #3896)

We'd like to thank all the contributors who worked on this release! @​vladvildanov

• 7351a1e Updating lib version to 7.1.1
• b81c856 Disabled SCH in MultiDBClient underlying clients (#3938)
• 0438784 Added initial health check policies, refactored add_database method (#3906)
• 76befb4 Added logging for MultiDBClients (#3896)
• faee0fb Remove high-severity exception logging (#3865)
• See full diff in compare view

• 4a96a19 [5.2.x] Bumped version for 5.2.11 release.
• ab0ad8d [5.2.x] Refs CVE-2026-1312 -- Raised ValueError when FilteredRelation aliases...
• e863ee2 [5.2.x] Fixed CVE-2026-1312 -- Protected order_by() from SQL injection via al...
• 3e68ccd [5.2.x] Fixed CVE-2026-1287 -- Protected against SQL injection in column alia...
• 9f2ada8 [5.2.x] Fixed CVE-2026-1285 -- Mitigated potential DoS in django.utils.text.T...
• 17a1d64 [5.2.x] Fixed CVE-2026-1207 -- Prevented SQL injections in RasterField lookup...
• 1ba9006 [5.2.x] Fixed CVE-2025-14550 -- Optimized repeated header parsing in ASGI req...
• 184e38a [5.2.x] Fixed CVE-2025-13473 -- Standardized timing of check_password() in mo...
• d8c551d [5.2.x] Added stub release notes and release date for 5.2.11 and 4.2.28.
• 3ea659d [5.2.x] Clarified regression nature of data loss bug in docs/releases/5.2.10....
• Additional commits viewable in compare view

Sourced from django-environ's releases.

v0.12.1

Changelog

Fixed

• Fixed PostgreSQL cluster URL parsing with bracketed IPv6 hosts in recent Python versions, preventing failures in runtime URL parsing and related regression tests [#574](https://github.com/joke2k/django-environ/issues/574) <https://github.com/joke2k/django-environ/issues/574>_.
• Fixed debug logging in Env.get_value() to avoid evaluating lazy default objects when DEBUG logging is enabled [#571](https://github.com/joke2k/django-environ/issues/571) <https://github.com/joke2k/django-environ/issues/571>_.

Sourced from django-environ's changelog.

v0.12.1_ - 13-February-2026

Fixed +++++

• Fixed PostgreSQL cluster URL parsing with bracketed IPv6 hosts in recent Python versions, preventing failures in runtime URL parsing and related regression tests [#574](https://github.com/joke2k/django-environ/issues/574) <https://github.com/joke2k/django-environ/issues/574>_.
• Fixed debug logging in Env.get_value() to avoid evaluating lazy default objects when DEBUG logging is enabled [#571](https://github.com/joke2k/django-environ/issues/571) <https://github.com/joke2k/django-environ/issues/571>_.

• efab9d6 Merge pull request #576 from joke2k/develop
• feed770 docs(readme): replace archived Two Scoops link with official Feldroy page
• 2ebe6a2 docs(security): update vulnerability contact to project maintainer
• f4b9c36 chore(release): bump version to 0.12.1 and update maintainer metadata
• 079a2f1 Fix PostgreSQL cluster IPv6 parsing and lazy-default debug logging (#575)
• de337e0 Merge pull request #568 from gsmoon97/docs/fix-typo
• 14b45a8 docs: Fix typo in tips.rst
• 99872f5 add sphinx configuration for readthedocs
• See full diff in compare view

• See full diff in compare view

Sourced from dj-rest-auth's releases.

7.1.0 - Django 6 Support & Translation Updates

What's Changed

• Add support for Django 6 by @​mschoettle in iMerica/dj-rest-auth#719
• Bump djangorestframework-simplejwt from 5.3.1 to 5.5.1 by @​dependabot[bot] in iMerica/dj-rest-auth#726
• Update Korean (ko) translations by @​Capella87 in iMerica/dj-rest-auth#724
• Refactor to use SIGNUP_FIELDS for username and email requirement checks, fix deprecated settings warnings by @​Covenantmondei in iMerica/dj-rest-auth#697
• feature: Adds Hungarian translations by @​iMerica in iMerica/dj-rest-auth#727

New Contributors

• @​Capella87 made their first contribution in iMerica/dj-rest-auth#724
• @​Covenantmondei made their first contribution in iMerica/dj-rest-auth#697

Full Changelog: iMerica/dj-rest-auth@7.0.2...7.1.0

• 7d9096b Bump version
• b9ae3bf feature: Adds Hungarian translations. (#727)
• 69ef459 Refactor to use SIGNUP_FIELDS for username and email requirement checks, fix ...
• 0384733 Update Korean (ko) translations (#724)
• 4f3da56 Bump djangorestframework-simplejwt from 5.3.1 to 5.5.1 (#726)
• df18730 Add support for Django 6 (#719)
• af73a5f Bumps version + Adds AI Docs for agents
• See full diff in compare view

Sourced from gunicorn's releases.

Gunicorn 25.1.0

New Features

• Control Interface (gunicornc): Add interactive control interface for managing running Gunicorn instances, similar to birdc for BIRD routing daemon ([PR #3505](benoitc/gunicorn#3505))

  • Unix socket-based communication with JSON protocol
  • Interactive mode with readline support and command history
  • Commands: show all/workers/dirty/config/stats/listeners
  • Worker management: worker add/remove/kill, dirty add/remove
  • Server control: reload, reopen, shutdown
  • New settings: --control-socket, --control-socket-mode, --no-control-socket
  • New CLI tool: gunicornc for connecting to control socket
  • See Control Interface Guide for details

• Dirty Stash: Add global shared state between workers via dirty.stash ([PR #3503](benoitc/gunicorn#3503))

  • In-memory key-value store accessible by all workers
  • Supports get, set, delete, clear, keys, and has operations
  • Useful for sharing state like feature flags, rate limits, or cached data

• Dirty Binary Protocol: Implement efficient binary protocol for dirty arbiter IPC using TLV (Type-Length-Value) encoding ([PR #3500](benoitc/gunicorn#3500))

  • More efficient than JSON for binary data
  • Supports all Python types: str, bytes, int, float, bool, None, list, dict
  • Better performance for large payloads

• Dirty TTIN/TTOU Signals: Add dynamic worker scaling for dirty arbiters ([PR #3504](benoitc/gunicorn#3504))

  • Send SIGTTIN to increase dirty workers
  • Send SIGTTOU to decrease dirty workers
  • Respects minimum worker constraints from app configurations

Changes

• ASGI Worker: Promoted from beta to stable
• Dirty Arbiters: Now marked as beta feature

Documentation

• Fix Markdown formatting in /configure documentation

25.0.3

What's Changed

Bug Fixes

• Fix RuntimeError when StopIteration raised in ASGI coroutine (#3484)
• Fix passing maxsplit in re.split() as positional argument (deprecated in Python 3.13)

... (truncated)

• 2d43101 docs: merge gunicornc into 25.1.0 release
• bf4ad8d docs: update 25.1.0 release date to 2026-02-13
• 730350e Merge pull request #3505 from benoitc/feature/gunicornc-control-interface
• 63df19b fix(tests): use process groups for reliable signal handling in PyPy
• cd77bcc fix(tests): increase wait time for all server tests
• 02ea985 fix(tests): improve server test reliability on FreeBSD
• 6d81c9e fix: resolve pylint warnings
• 7486baa fix: remove unused imports
• 3e60d29 docs: add gunicornc control interface guide
• e05e40d feat(ctl): add message-based dirty worker management
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from ruff's releases.

0.15.1

Release Notes

Released on 2026-02-12.

Preview features

• [airflow] Add ruff rules to catch deprecated Airflow imports for Airflow 3.1 (AIR321) (#22376)
• [airflow] Third positional parameter not named ti_key should be flagged for BaseOperatorLink.get_link (AIR303) (#22828)
• [flake8-gettext] Fix false negatives for plural argument of ngettext (INT001, INT002, INT003) (#21078)
• [pyflakes] Fix infinite loop in preview fix for unused-import (F401) (#23038)
• [pygrep-hooks] Detect non-existent mock methods in standalone expressions (PGH005) (#22830)
• [pylint] Allow dunder submodules and improve diagnostic range (PLC2701) (#22804)
• [pyupgrade] Improve diagnostic range for tuples (UP024) (#23013)
• [refurb] Check subscripts in tuple do not use lambda parameters in reimplemented-operator (FURB118) (#23079)
• [ruff] Detect mutable defaults in field calls (RUF008) (#23046)
• [ruff] Ignore std cmath.inf (RUF069) (#23120)
• [ruff] New rule float-equality-comparison (RUF069) (#20585)
• Don't format unlabeled Markdown code blocks (#23106)
• Markdown formatting support in LSP (#23063)
• Support Quarto Markdown language markers (#22947)
• Support formatting pycon Markdown code blocks (#23112)
• Use extension mapping to select Markdown code block language (#22934)

Bug fixes

• Avoid false positive for undefined variables in FAST001 (#23224)
• Avoid introducing syntax errors for FAST003 autofix (#23227)
• Avoid suggesting InitVar for __post_init__ that references PEP 695 type parameters (#23226)
• Deduplicate type variables in generic functions (#23225)
• Fix exception handler parenthesis removal for Python 3.14+ (#23126)
• Fix f-string middle panic when parsing t-strings (#23232)
• Wrap RUF020 target for multiline fixes (#23210)
• Wrap UP007 target for multiline fixes (#23208)
• Fix missing diagnostics for last range suppression in file (#23242)
• [pyupgrade] Fix syntax error on string with newline escape and comment (UP037) (#22968)

Rule changes

• Use ruff instead of Ruff as the program name in GitHub output format (#23240)
• [PT006] Fix syntax error when unpacking nested tuples in parametrize fixes (#22441) (#22464)
• [airflow] Catch deprecated attribute access from context key for Airflow 3.0 (AIR301) (#22850)
• [airflow] Capture deprecated arguments and a decorator (AIR301) (#23170)
• [flake8-boolean-trap] Add multiprocessing.Value to excluded functions for FBT003 (#23010)
• [flake8-bugbear] Add a secondary annotation showing the previous occurrence (B033) (#22634)
• [flake8-type-checking] Add sub-diagnostic showing the runtime use of an annotation (TC004) (#23091)
• [isort] Support configurable import section heading comments (#23151)
• [ruff] Improve the diagnostic for RUF012 (#23202)

Formatter

... (truncated)

Sourced from ruff's changelog.

0.15.1

Released on 2026-02-12.

Preview features

• [airflow] Add ruff rules to catch deprecated Airflow imports for Airflow 3.1 (AIR321) (#22376)
• [airflow] Third positional parameter not named ti_key should be flagged for BaseOperatorLink.get_link (AIR303) (#22828)
• [flake8-gettext] Fix false negatives for plural argument of ngettext (INT001, INT002, INT003) (#21078)
• [pyflakes] Fix infinite loop in preview fix for unused-import (F401) (#23038)
• [pygrep-hooks] Detect non-existent mock methods in standalone expressions (PGH005) (#22830)
• [pylint] Allow dunder submodules and improve diagnostic range (PLC2701) (#22804)
• [pyupgrade] Improve diagnostic range for tuples (UP024) (#23013)
• [refurb] Check subscripts in tuple do not use lambda parameters in reimplemented-operator (FURB118) (#23079)
• [ruff] Detect mutable defaults in field calls (RUF008) (#23046)
• [ruff] Ignore std cmath.inf (RUF069) (#23120)
• [ruff] New rule float-equality-comparison (RUF069) (#20585)
• Don't format unlabeled Markdown code blocks (#23106)
• Markdown formatting support in LSP (#23063)
• Support Quarto Markdown language markers (#22947)
• Support formatting pycon Markdown code blocks (#23112)
• Use extension mapping to select Markdown code block language (#22934)

Bug fixes

• Avoid false positive for undefined variables in FAST001 (#23224)
• Avoid introducing syntax errors for FAST003 autofix (#23227)
• Avoid suggesting InitVar for __post_init__ that references PEP 695 type parameters (#23226)
• Deduplicate type variables in generic functions (#23225)
• Fix exception handler parenthesis removal for Python 3.14+ (#23126)
• Fix f-string middle panic when parsing t-strings (#23232)
• Wrap RUF020 target for multiline fixes (#23210)
• Wrap UP007 target for multiline fixes (#23208)
• Fix missing diagnostics for last range suppression in file (#23242)
• [pyupgrade] Fix syntax error on string with newline escape and comment (UP037) (#22968)

Rule changes

• Use ruff instead of Ruff as the program name in GitHub output format (#23240)
• [PT006] Fix syntax error when unpacking nested tuples in parametrize fixes (#22441) (#22464)
• [airflow] Catch deprecated attribute access from context key for Airflow 3.0 (AIR301) (#22850)
• [airflow] Capture deprecated arguments and a decorator (AIR301) (#23170)
• [flake8-boolean-trap] Add multiprocessing.Value to excluded functions for FBT003 (#23010)
• [flake8-bugbear] Add a secondary annotation showing the previous occurrence (B033) (#22634)
• [flake8-type-checking] Add sub-diagnostic showing the runtime use of an annotation (TC004) (#23091)
• [isort] Support configurable import section heading comments (#23151)
• [ruff] Improve the diagnostic for RUF012 (#23202)

Formatter

... (truncated)

• a2f11d2 Prepare for 0.15.1 (#23253)
• d29628e Remove docker-run-action (#23254)
• 8a04266 [ty] Allow discovering dependencies in system Python environments (#22994)
• 55d06c8 Ensure pending suppression diagnostics are reported (#23242)
• d056a9f [isort] support for configurable import section heading comments (#23151)
• e22fa4f [ty] Fix method calls on subclasses of Any (#23248)
• fa56c15 [ty] Fix bound method access on None (#23246)
• 4fd07d0 Make range suppression test snapshot actually useful (#23251)
• 8c63bce [ty] Include conditional symbols (like datetime.UTC) in auto-import in more...
• 46be943 Exclude WASM artifacts from GitHub releases (#23221)
• Additional commits viewable in compare view

Sourced from pytest-django's changelog.

v4.12.0 (2026-02-14)

Compatibility ^^^^^^^^^^^^^

• Official Python 3.14 support.
• Dropped support for Python 3.9, minimum version is now Python 3.10.
• Official Django 6.0 support.

Improvements ^^^^^^^^^^^^

• The :ref:multiple databases <multi-db> support added in v4.3.0 is no longer considered experimental.
• Added :func:@pytest.mark.django_isolate_apps <pytest.mark.django_isolate_apps> for isolating Django's app registry in pytest tests, and a :fixture:django_isolated_apps fixture to access the isolated Apps registry instance if needed.

• a2a9495 Release 4.12.0
• 020bc23 tests: make sure access to default can also be blocked
• bcefbe8 Add support for isolating apps in tests
• 39c8dcc plugin: add a note why we reorder tests
• 1830acd pyproject.toml: require pytest 9 for self tests, switch to native toml config...
• f19da08 Fix the order of the test cases that use the live_server fixture
• 92858ee docs: add pytest 9.0+ native TOML configuration format
• 3f550d9 build(deps): bump hynek/build-and-inspect-python-package
• 1f50dd2 Drop obsolete traces of Django 5.0 in CI
• 247ec1c Fix PytestCollectionWarning for TestRunner class (#1259)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions