chore(deps): bump the runtime-dependencies group across 1 directory with 11 updates

[dependabot]

Updates the requirements on fastapi, gunicorn, langchain, langchain-community, langchain-openai, langfuse, langgraph, llama-index, openai, poethepoet and pymupdf to permit the latest version.
Updates fastapi to 0.136.1

Release notes

Sourced from fastapi's releases.

0.136.1

Upgrades

• ⬆️ Update Pydantic v2 code to address deprecations. PR #15101 by @​svlandeg.

Internal

• 🔨 Tweak translation script. PR #15174 by @​YuriiMotov.
• ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR #15408 by @​dependabot[bot].
• ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR #15409 by @​dependabot[bot].
• ⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR #15407 by @​dependabot[bot].
• ⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR #15406 by @​dependabot[bot].
• ⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR #15405 by @​dependabot[bot].
• ⬆ Bump mypy from 1.19.1 to 1.20.1. PR #15410 by @​dependabot[bot].
• ⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR #15400 by @​dependabot[bot].
• ⬆ Bump starlette from 0.52.1 to 1.0.0. PR #15397 by @​dependabot[bot].
• ⬆ Bump pygithub from 2.8.1 to 2.9.1. PR #15396 by @​dependabot[bot].
• ⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR #15393 by @​dependabot[bot].
• ⬆ Bump zizmor from 1.23.1 to 1.24.1. PR #15394 by @​dependabot[bot].
• ⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR #15395 by @​dependabot[bot].
• ⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR #15360 by @​dependabot[bot].
• ⬆ Bump authlib from 1.6.9 to 1.6.11. PR #15373 by @​dependabot[bot].
• ⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR #15282 by @​dependabot[bot].
• ⬆ Bump pygments from 2.19.2 to 2.20.0. PR #15263 by @​dependabot[bot].
• ⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR #15391 by @​YuriiMotov.
• ⬆ Bump pillow from 12.1.1 to 12.2.0. PR #15333 by @​dependabot[bot].
• ⬆ Bump pytest from 9.0.2 to 9.0.3. PR #15334 by @​dependabot[bot].
• ⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR #15374 by @​dependabot[bot].
• ⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR #15385 by @​dependabot[bot].
• 🔧 Update sponsors: remove Zuplo. PR #15369 by @​tiangolo.
• 🔧 Update sponsors: remove Speakeasy. PR #15368 by @​tiangolo.
• 🔒️ Add zizmor and fix audit findings. PR #15316 by @​YuriiMotov.

Commits

• e54e5a8 🔖 Release version 0.136.1
• 9a8a5fd 📝 Update release notes
• 7815a32 ⬆️ Update Pydantic v2 code to address deprecations (#15101)
• ef1c927 📝 Update release notes
• 38039e1 🔨 Tweak translation script (#15174)
• 4fa826c 📝 Update release notes
• c394156 ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (#15408)
• ae230ad 📝 Update release notes
• d9eb39d ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (#15409)
• 4f8b5d1 📝 Update release notes
• Additional commits viewable in compare view

Updates gunicorn to 25.3.0

Release notes

Sourced from gunicorn's releases.

Gunicorn 25.3.0

Bug Fixes

• HTTP/2 ASGI Body Duplication: Fix request body being received twice in HTTP/2 ASGI requests, causing JSON parsing errors with "Extra data" messages (#3558)

• ASGI Chunked EOF Handling: Add finish() method to callback parser to handle chunked encoding edge case where connection closes before final CRLF after zero-chunk

• HTTP/2 Documentation: Fix http_protocols examples to use comma-separated string instead of list syntax (#3561)

• Chunked Encoding: Reject chunk extensions containing bare CR bytes per RFC 9112 (#3556)

• Request Line Limit: Fix --limit-request-line 0 to mean unlimited as documented, instead of using default maximum. Works with both Python and fast C parser. (#3563)

Security

• ASGI Parser Header Validation: Add security checks per RFC 9110/9112:
  • Reject duplicate Content-Length headers
  • Reject requests with both Content-Length and Transfer-Encoding
  • Reject chunked transfer encoding in HTTP/1.0
  • Reject stacked chunked encoding
  • Validate Transfer-Encoding values
  • Strict chunk size validation

Changes

• Fast HTTP Parser: Update to gunicorn_h1c >= 0.6.3 for asgi_headers property and InvalidChunkExtension validation for bare CR rejection

• ASGI PROXY Protocol: Add PROXY protocol v1/v2 support to callback parser

• Docker Images: Update to Python 3.14

Commits

• 9bce72c Update changelog with missing 25.3.0 changes
• 2a15fdb Fix pylint isinstance-second-argument-not-valid-type warning
• 8d08aaa Fix --limit-request-line 0 to mean unlimited
• d40a374 Fix pytest-asyncio configuration and treq_asgi hex escapes
• da8bd48 Remove unused AsyncRequest class
• b00f125 Integrate gunicorn_h1c 0.6.3 with InvalidChunkExtension support
• bdb2ebd Reject chunk extensions with bare CR bytes (RFC 9112)
• 7057fc9 Fix http_protocols documentation to use string syntax
• d43acb8 Update to gunicorn_h1c >= 0.6.2 for asgi_headers support
• cbd27e8 Merge pull request #3559 from benleembruggen/fix/http2-asgi-body-duplication
• Additional commits viewable in compare view

Updates langchain to 1.2.17

Release notes

Sourced from langchain's releases.

langchain-core==1.2.17

Changes since langchain-core==1.2.16

release(core): 1.2.17 (#35527) fix(core): extract usage metadata from serialized tracer message outputs (#35526) chore: bump the langchain-deps group across 3 directories with 7 updates (#35513) chore: bump the langchain-deps group across 3 directories with 14 updates (#35441)

Commits

• b339f65 release(langchain): 1.2.17 (#37110)
• 04e7a55 fix(fireworks): translate canonical multimodal content blocks for chat comple...
• a1f336f fix(core): preserve structured inputs on tool runs in tracers (#37108)
• ba56ac6 feat(langchain): add respond decision to HITL middleware (#37095)
• b6b836a chore: bump notebook from 7.4.5 to 7.5.6 in /libs/langchain (#37104)
• 3d96874 chore: bump notebook from 7.4.7 to 7.5.6 in /libs/text-splitters (#37105)
• 5ac6224 chore: bump aiohttp from 3.13.4 to 3.13.5 in /libs/partners/fireworks (#37106)
• 90caeef chore: bump requests from 2.33.0 to 2.33.1 in /libs/partners/fireworks (#37107)
• 38553c3 release(perplexity): 1.2.0 (#37091)
• 28f5448 feat(perplexity): add PerplexityEmbeddings (#37082)
• Additional commits viewable in compare view

Updates langchain-community to 0.4.1

Release notes

Sourced from langchain-community's releases.

libs/community/v0.4.1

What's Changed

• style: refs work by @​mdrxy in langchain-ai/langchain-community#379
• feat(infra): MCP server for langchain docs by @​mdrxy in langchain-ai/langchain-community#380
• Deprecated azure blob storage loaders by @​anjaliratnam-msft in langchain-ai/langchain-community#382
• release(community): 0.4.1 by @​ccurme in langchain-ai/langchain-community#387

New Contributors

• @​anjaliratnam-msft made their first contribution in langchain-ai/langchain-community#382

Full Changelog: langchain-ai/langchain-community@libs/community/v0.4...libs/community/v0.4.1

Commits

• 39be54c release(community): 0.4.1 (#387)
• 98845a4 Deprecated azure blob storage loaders (#382)
• be67d03 style: refs work (#379)
• d259483 release: 0.4 (#358)
• e807a4c release(community): 0.3.31 (#359)
• 8475c2c Add GPT-5 to OpenAI cost callback (#284)
• 9086026 fixes ChatSnowflakeCortex parsing issues because of special characters in mes...
• 214d639 feat(mongodb): add lazy loading support for MongoDB document loader (#334)
• 5e56619 release: 0.3.30 (#344)
• bac6b5f chore: bump deps (#343)
• Additional commits viewable in compare view

Updates langchain-openai to 1.2.1

Release notes

Sourced from langchain-openai's releases.

langchain-openai==1.2.1

Changes since langchain-openai==1.2.0

hotfix: bump min core versions (#36996) release(openai): 1.2.1 (#36995) fix(openai): add gpt-5.5 pro to Responses API check (#36994) feat(core): add content-block-centric streaming (v2) (#36834) chore(model-profiles): refresh model profile data (#36982)

Commits

• 87ba30f ci(infra): label release jobs, resolve package name in run title (#36998)
• 56d6e89 hotfix: bump min core versions (#36996)
• a70e7ab release(openai): 1.2.1 (#36995)
• 5a37cd5 fix(openai): add gpt-5.5 pro to Responses API check (#36994)
• c4498cc chore(core): mark stream_v2/astream_v2 as beta (#36992)
• fa0f0d8 release(core): 1.3.2 (#36990)
• 9ce72eb feat(core): add content-block-centric streaming (v2) (#36834)
• 889a45b ci(infra): overlay local langchain-* installs for external partners (#36989)
• ffaac42 ci(infra): add pytest-xdist to partner test groups (#36988)
• cc2feb1 chore(model-profiles): refresh model profile data (#36982)
• Additional commits viewable in compare view

Updates langfuse to 4.5.1

Commits

• See full diff in compare view

Updates langgraph to 1.1.10

Release notes

Sourced from langgraph's releases.

langgraph==1.1.10

Changes since 1.1.9

• release(prebuilt): 1.0.12, langgraph 1.1.10 (#7623)
• Revert "chore: node-level timeouts" (#7627)
• release(checkpoint): 4.0.3 (#7625)
• chore(deps): bump nbconvert from 7.17.0 to 7.17.1 in /libs/langgraph (#7573)
• chore(deps): bump python-dotenv from 1.2.1 to 1.2.2 in /libs/langgraph (#7574)
• chore: node-level timeouts (#7599)
• release(prebuilt): 1.0.11 (#7610)
• feat(prebuilt): allow ToolNode tools to return list[Command | ToolMessage] (#7596)

Commits

• cb328b5 release(prebuilt): 1.0.12, langgraph 1.1.10 (#7623)
• d177a0d Revert "chore: node-level timeouts" (#7627)
• 372d54d release(checkpoint): 4.0.3 (#7625)
• f4aee54 fix(prebuilt): hydrate ToolNode state from channels via pregel helpers (#7594)
• 85cd64e fix(checkpoint): revive lc=2 JSON blobs for safe types without allowlist (#7582)
• 53a9806 chore(deps): bump nbconvert from 7.17.0 to 7.17.1 in /libs/langgraph (#7573)
• 219fbbe chore(deps): bump python-dotenv from 1.2.1 to 1.2.2 in /libs/langgraph (#7574)
• aeff954 chore: node-level timeouts (#7599)
• 1a248cb release(prebuilt): 1.0.11 (#7610)
• 45246f6 feat(prebuilt): allow ToolNode tools to return list[Command | ToolMessage] (#...
• Additional commits viewable in compare view

Updates llama-index to 0.14.21

Release notes

Sourced from llama-index's releases.

v0.14.21

Release Notes

[2026-04-21]

llama-index-callbacks-honeyhive [0.5.0]

• chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• chore(deps): bump the pip group across 68 directories with 2 updates (#21394)

llama-index-core [0.14.21]

• fix(core): prevent KeyError in DocumentSummaryIndex.delete_nodes when invalid node ID is provided (#21067)
• fix(core): handle ValueError and TypeError from structured output failures (#21090)
• fix: add explicit UTF-8 encoding to persistence layer fs.open() calls (#21111)
• Fix Breaking Change in Message Block Buffer Resolution (#21339)
• chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• chore(deps): bump the pip group across 68 directories with 2 updates (#21394)

llama-index-embeddings-huggingface-optimum [0.4.1]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-nvidia [0.5.1]

• feat(embeddings-nvidia): add http client support (#21046)

llama-index-embeddings-oracleai [0.4.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-premai [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)
• chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• chore(deps): bump the pip group across 68 directories with 2 updates (#21394)

llama-index-embeddings-text-embeddings-inference [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-textembed [0.4.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-together [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-upstage [0.6.1]

... (truncated)

Changelog

Sourced from llama-index's changelog.

llama-index-core [0.14.21]

• fix(core): prevent KeyError in DocumentSummaryIndex.delete_nodes when invalid node ID is provided (#21067)
• fix(core): handle ValueError and TypeError from structured output failures (#21090)
• fix: add explicit UTF-8 encoding to persistence layer fs.open() calls (#21111)
• Fix Breaking Change in Message Block Buffer Resolution (#21339)
• chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• chore(deps): bump the pip group across 68 directories with 2 updates (#21394)

llama-index-embeddings-huggingface-optimum [0.4.1]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-nvidia [0.5.1]

• feat(embeddings-nvidia): add http client support (#21046)

llama-index-embeddings-oracleai [0.4.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-premai [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)
• chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• chore(deps): bump the pip group across 68 directories with 2 updates (#21394)

llama-index-embeddings-text-embeddings-inference [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-textembed [0.4.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-together [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-upstage [0.6.1]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)
• chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• chore(deps): bump the pip group across 68 directories with 2 updates (#21394)

llama-index-embeddings-vertex [0.5.0]

• chore(deps): bump the pip group across 96 directories with 2 updates (#21381)

llama-index-embeddings-vertex-endpoint [0.4.0]

... (truncated)

Commits

• 931f56e Release 0.14.21 (#21427)
• 17fba87 fix: add explicit UTF-8 encoding to persistence layer fs.open() calls (#21111)
• 33f7ba4 Adds Google Gemma models and Bump version to 0.14.6 (#21380)
• 38c1716 chore(deps): bump the pip group across 96 directories with 2 updates (#21381)
• 7921256 chore(deps): bump the pip group across 87 directories with 2 updates (#21382)
• ffc726f chore(deps): bump the pip group across 68 directories with 2 updates (#21394)
• 91fe33e Fix Breaking Change in Message Block Buffer Resolution (#21339)
• 10955bf fix: parse MistralAI structured ThinkChunk/TextChunk without regex (#20916)
• 9eb4c2d fix: filter unknown kwargs before VectorStoreQuery construction (#14557) (#21...
• a61f2cf fix(core): handle ValueError and TypeError from structured output failure...
• Additional commits viewable in compare view

Updates openai to 2.33.0

Release notes

Sourced from openai's releases.

v2.33.0

2.33.0 (2026-04-28)

Full Changelog: v2.32.0...v2.33.0

Features

• api: api update (18f834a)

Bug Fixes

• api: correct prompt_cache_retention enum value from in-memory to in_memory (#1822) (f9d2d13)

Chores

• ci: remove release-doctor workflow (00b2091)

Changelog

Sourced from openai's changelog.

2.33.0 (2026-04-28)

Full Changelog: v2.32.0...v2.33.0

Features

• api: api update (18f834a)

Bug Fixes

• api: correct prompt_cache_retention enum value from in-memory to in_memory (#1822) (f9d2d13)

Chores

• ci: remove release-doctor workflow (00b2091)

2.32.0 (2026-04-15)

Full Changelog: v2.31.0...v2.32.0

Features

• api: Add detail to InputFileContent (60de21d)
• api: add OAuthErrorCode type (0c8d2c3)
• client: add event handler implementation for websockets (0280d05)
• client: allow enqueuing to websockets even when not connected (67aa20e)
• client: support reconnection in websockets (eb72a95)

Bug Fixes

• ensure file data are only sent as 1 parameter (c0c2ecd)

Documentation

• improve examples (84712fa)

2.31.0 (2026-04-08)

Full Changelog: v2.30.0...v2.31.0

Features

• api: add phase field to conversations message (3e5834e)
• api: add web_search_call.results to ResponseIncludable type (ffd8741)
• client: add support for short-lived tokens (#1608) (22fe722)
• client: support sending raw data over websockets (f1bc52e)

... (truncated)

Commits

• 94c88b8 release: 2.33.0 (#3119)
• c5b099c release: 2.33.0
• cb63de7 codegen metadata
• 18f834a feat(api): api update
• 00b2091 chore(ci): remove release-doctor workflow
• f9d2d13 fix(api): correct prompt_cache_retention enum value from in-memory to in_memo...
• e507a4e release: 2.32.0 (#3074)
• 750354e release: 2.31.0
• 5be9536 feat(client): add support for short-lived tokens (#1608)
• f1fd4fa feat(client): support sending raw data over websockets
• Additional commits viewable in compare view

Updates poethepoet to 0.45.0

Release notes

Sourced from poethepoet's releases.

0.45.0

Enhancements

• Add support for forwarding free arguments via $POE_EXTRA_ARGS by @​timrid in nat-n/poethepoet#380

Fixes

• Handle cancelled tasks correctly by @​timrid in nat-n/poethepoet#378
• Preserve quotes in :+/:- operator arguments (#333) by @​nat-n in nat-n/poethepoet#377
• Handle ctrl+c attempt on windows if running bat/cmd scripts by @​NSPC911 in nat-n/poethepoet#382

New Contributors

• @​timrid made their first contribution in nat-n/poethepoet#378

Full Changelog: nat-n/poethepoet@v0.44.0...v0.45.0

Commits

• 244cf0b Bump version to 0.45.0
• 3a6c09a feat: support forwarding free arguments via $POE_EXTRA_ARGS (#380)
• a1edcda fix: preserve quotes in :+/:- operator arguments (#333) (#377)
• 3e60a85 fix: handle cancelled asyncio tasks correctly (#378)
• bbdd435 fix: handle ctrl+c attempt on windows if running bat/cmd scripts (#382)
• 67a623d Bump version to 0.44.0
• 472f390 feat!: support recursive includes #317 (#372)
• 3168956 chore: optimize tests to run 17pc faster (#371)
• 6a25fba chore: bump version to 0.43.0
• 83091a5 feat!: treat false boolean args as unset env vars and add private vars (#359)
• Additional commits viewable in compare view

Updates pymupdf to 1.27.2.3

Release notes

Sourced from pymupdf's releases.

PyMuPDF-1.27.2.3 released

Wheels for Windows, Linux and MacOS, and the sdist, are available on https://pypi.org and can be installed in the usual way, for example:

python -m pip install --upgrade pymupdf

Changes in version 1.27.2.3

• Fixed issues:

  • Fixed #4928
  • Fixed #4942
  • Fixed #4954
  • Fixed #4958

• Other:

  • Fixed incorrect generation of lineJoin j in PDF content, introduced in 1.27.2.2.
  • Allow build to (incorrectly) claim to be thread-safe, for #4760. See setup.py for details.
  • Use pypi.org's pipcl package instead of our own pipcl.py file.

Changelog

Sourced from pymupdf's changelog.

Change Log

Changes in version 1.27.2.3 (2026-04-24)

• Fixed issues:

  • Fixed 4928 <https://github.com/pymupdf/PyMuPDF/issues/4928>_: pymupdf.Document.scrub raises AttributeError for a document with annotations
  • Fixed 4942 <https://github.com/pymupdf/PyMuPDF/issues/4942>_: bug: IndexError for Page.get_links after Page.clip_to_rect
  • Fixed 4954 <https://github.com/pymupdf/PyMuPDF/issues/4954>_: get_drawings() returns incorrect lineJoin and width
  • Fixed 4958 <https://github.com/pymupdf/PyMuPDF/issues/4958>_: bug: inserting rotated pages to another document messes up link coordinates

• Other:

  • Fixed incorrect generation of lineJoin j in PDF content, introduced in 1.27.2.2.
  • Allow build to (incorrectly) claim to be thread-safe, for #4760. See setup.py for details.
  • Use pypi.org's pipcl package instead of our own pipcl.py file.

Changes in version 1.27.2.2 (2026-03-20)

• Fixed issues:

  • Fixed 4902 <https://github.com/pymupdf/PyMuPDF/issues/4902>_: Incorrect linewidth in elements returned by Page.get_texttrace()
  • Fixed 4932 <https://github.com/pymupdf/PyMuPDF/issues/4932>_: "Page" has no attribute "find_tables" in PyMuPDF 1.27

• Other:

  • Added Annot.__bool__().

Changes in version 1.27.2. (2026-03-10)

• Use MuPDF-1.27.2.

• Fixed issues:

  • Fixed 4903 <https://github.com/pymupdf/PyMuPDF/issues/4903>_: Typing broken because of *_forward_decl

• Other:

  • Retrospectively marked #4907 as fixed in pymupdf-1.27.1.

  • Improved get_textpage_ocr().

    For partial OCR, all page areas outside legible text are now OCRed, not just those within images. This means that OCR will now also be performed for vector graphics, and for text containing illegible characters.

  • Provide a Linux wheel for free-threading python,

... (truncated)

Commits

• bf51516 Update version to 1.27.2.3.
• e5bddbb scripts/ tests/: updated to match new location of pipcl.py in src/.
• eda615d Move pipcl.py and wdev.py into src/.
• a7fe8b3 changes.txt: updates for next release.
• 61da30a tests/test_drawings.py: New tests for #4954: test_4954_1() test_4954_2().
• 5445fc0 docs/conf.py: change how we look for version numbers in setup.py and scripts/...
• 1792ef0 pyproject.toml: require package pipcl for building.
• 237f097 tests/: fix tests if we are incorrectly claiming to be thread safe.
• cd89bb0 tests/conftest.py: also install pipcl, as we move to using pipcl package.
• 341eab2 setup.py: added support for incorrectly claiming to be thread-safe, for #4760.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions