chore(deps): update mypy requirement from ~=1.19.0 to >=1.19,<1.21 by dependabot[bot] · Pull Request #39 · traceloop/opentelemetry-mcp-server

dependabot · 2026-04-06T06:27:59Z

Updates the requirements on mypy to permit the latest version.

Changelog

Mypy Release Notes

Next Release

Mypy 1.20

We’ve just uploaded mypy 1.20.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:
python3 -m pip install -U mypy
You can read the full documentation for this release on Read the Docs.

Planned Changes to Defaults and Flags in Mypy 2.0

As a reminder, we are planning to enable --local-partial-types by default in mypy 2.0, which will likely be the next feature release. This will often require at least minor code changes. This option is implicitly enabled by mypy daemon, so this makes the behavior of daemon and non-daemon modes consistent.

Note that this release improves the compatibility of --local-partial-types significantly to make the switch easier (see below for more).

This can also be configured in a mypy configuration file (use False to disable):
local_partial_types = True
For more information, refer to the documentation.

We will also enable --strict-bytes by default in mypy 2.0. This usually requires at most minor code changes to adopt. For more information, refer to the documentation.

Finally, --allow-redefinition-new will be renamed to --allow-redefinition. If you want to continue using the older --allow-redefinition semantics which are less flexible (e.g. limited support for conditional redefinitions), you can switch to --allow-redefinition-old, which is currently supported as an alias to the legacy --allow-redefinition behavior. To use --allow-redefinition in the upcoming mypy 2.0, you can't use --no-local-partial-types. For more information, refer to the documentation.

Better Type Narrowing

Mypy's implementation of narrowing has been substantially reworked. Mypy will now narrow more aggressively, more consistently, and more correctly. In particular, you are likely to notice new narrowing behavior in equality expressions (==), containment expressions (in),

... (truncated)

Commits

770d3ca Remove +dev from version
4738ffa Changelog updates for 1.20 (#21109)
b4f07a7 Use 'native-parser' instead of 'native-parse' for optional dependency (#21115)
7bec7b7 [mypyc] Document librt and librt.base64 (#21114)
c482596 --allow-redefinition-new is no longer experimental (#21110)
c916ca3 sdist: include misc/{diff-cache,apply-cache-diff}.py for `mypy/test/test_di...
b137e4e [mypyc] Speed up native-to-native imports within the same group (#21101)
978b711 [mypyc] Fix range loop variable off-by-one after loop exit (#21098)
67ada30 [stubtest] Check runtime availability of private types not marked `@type_chec...
bdef6ef librt cache tests: build respecting MYPY_TEST_PREFIX (#21097)
Additional commits viewable in compare view

dependabot · 2026-04-06T06:27:59Z

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

CLAassistant · 2026-04-06T06:28:08Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

github-actions · 2026-04-06T06:29:30Z

Container Security Scan (opentelemetry-mcp-server-amd64)

Click to expand results


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.69/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


opentelemetry-mcp-server:1aa000d080fae5be9199fec7c8ad85609479fe65-amd64 (debian 13.4)
=====================================================================================
Total: 6 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 6, CRITICAL: 0)

┌──────────────┬────────────────┬──────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│   Library    │ Vulnerability  │ Severity │  Status  │ Installed Version │ Fixed Version │                            Title                            │
├──────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libncursesw6 │ CVE-2025-69720 │ HIGH     │ affected │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libsystemd0  │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libtinfo6    │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libudev1     │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ ncurses-base │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┤                │          │          │                   ├───────────────┤                                                             │
│ ncurses-bin  │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
└──────────────┴────────────────┴──────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

github-actions · 2026-04-06T06:30:30Z

Container Security Scan (opentelemetry-mcp-server-arm64)

Click to expand results


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.69/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


opentelemetry-mcp-server:1aa000d080fae5be9199fec7c8ad85609479fe65-arm64 (debian 13.4)
=====================================================================================
Total: 6 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 6, CRITICAL: 0)

┌──────────────┬────────────────┬──────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│   Library    │ Vulnerability  │ Severity │  Status  │ Installed Version │ Fixed Version │                            Title                            │
├──────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libncursesw6 │ CVE-2025-69720 │ HIGH     │ affected │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libsystemd0  │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libtinfo6    │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libudev1     │ CVE-2026-29111 │          │          │ 257.9-1~deb13u1   │               │ systemd: systemd: Arbitrary code execution or Denial of     │
│              │                │          │          │                   │               │ Service via spurious IPC...                                 │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2026-29111                  │
├──────────────┼────────────────┤          │          ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ ncurses-base │ CVE-2025-69720 │          │          │ 6.5+20250216-2    │               │ ncurses: ncurses: Buffer overflow vulnerability may lead to │
│              │                │          │          │                   │               │ arbitrary code execution.                                   │
│              │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-69720                  │
├──────────────┤                │          │          │                   ├───────────────┤                                                             │
│ ncurses-bin  │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
│              │                │          │          │                   │               │                                                             │
└──────────────┴────────────────┴──────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

Updates the requirements on [mypy](https://github.com/python/mypy) to permit the latest version. - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v1.19.0...v1.20.0) --- updated-dependencies: - dependency-name: mypy dependency-version: 1.20.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot force-pushed the dependabot/pip/mypy-gte-1.19-and-lt-1.21 branch from 72d6ec7 to bc98124 Compare April 6, 2026 17:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update mypy requirement from ~=1.19.0 to >=1.19,<1.21#39

chore(deps): update mypy requirement from ~=1.19.0 to >=1.19,<1.21#39
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/mypy-gte-1.19-and-lt-1.21

dependabot bot commented on behalf of github Apr 6, 2026 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Apr 6, 2026

Uh oh!

CLAassistant commented Apr 6, 2026

Uh oh!

github-actions bot commented Apr 6, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Apr 6, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Apr 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Mypy Release Notes

Next Release

Mypy 1.20

Planned Changes to Defaults and Flags in Mypy 2.0

Better Type Narrowing

Uh oh!

dependabot bot commented on behalf of github Apr 6, 2026

Labels

Uh oh!

CLAassistant commented Apr 6, 2026

Uh oh!

github-actions bot commented Apr 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Container Security Scan (opentelemetry-mcp-server-amd64)

Uh oh!

github-actions bot commented Apr 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Container Security Scan (opentelemetry-mcp-server-arm64)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Apr 6, 2026 •

edited

Loading

github-actions bot commented Apr 6, 2026 •

edited

Loading

github-actions bot commented Apr 6, 2026 •

edited

Loading