Skip to content

chore(deps): bump yarl from 1.23.0 to 1.24.2#126

Merged
brunns merged 1 commit into
masterfrom
dependabot/uv/yarl-1.24.2
May 27, 2026
Merged

chore(deps): bump yarl from 1.23.0 to 1.24.2#126
brunns merged 1 commit into
masterfrom
dependabot/uv/yarl-1.24.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 27, 2026

Bumps yarl from 1.23.0 to 1.24.2.

Release notes

Sourced from yarl's releases.

1.24.2

Contributor-facing changes

  • Switched the aarch64 and armv7l wheel builds to GitHub's native ARM runners. The aarch64 wheels now build without QEMU emulation, and armv7l runs on aarch64 hosts so its 32-bit ARM execution is far cheaper than the previous aarch64-on-x86_64 path -- by :user:bdraco.

    Related issues and pull requests on GitHub: #1724.

  • Restored per-runner native arches in the Windows wheel matrix on tag releases. The previous CIBW_ARCHS_WINDOWS=AMD64 ARM64 setting made both windows-latest and windows-11-arm cross-compile the other arch, producing two artifacts with identically-named wheels whose bytes differed; the deploy job's download-artifact ... merge-multiple step tore those writes together, yielding a wheel that PyPI rejected with 400 Invalid distribution file. ZIP archive not accepted: Mis-matched data size during the 1.24.0 and 1.24.1 releases -- by :user:bdraco.

    Related issues and pull requests on GitHub: #1725.

1.24.1

This release was yanked from PyPI due to a partial wheel publishing problem.

Contributor-facing changes

  • Allowed re-running the deploy job after a partial release failure: the Make Release step now skips when the GitHub Release already exists, and the PyPI publish step uses skip-existing so dists that were already uploaded on a prior attempt do not break the retry -- by :user:bdraco.

    Related issues and pull requests on GitHub: #1721.

1.24.0

This release was yanked from PyPI due to a partial wheel publishing problem.

... (truncated)

Changelog

Sourced from yarl's changelog.

v1.24.2

(2026-05-19)

Contributor-facing changes

  • Switched the aarch64 and armv7l wheel builds to GitHub's native ARM runners. The aarch64 wheels now build without QEMU emulation, and armv7l runs on aarch64 hosts so its 32-bit ARM execution is far cheaper than the previous aarch64-on-x86_64 path -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:1724.

  • Restored per-runner native arches in the Windows wheel matrix on tag releases. The previous CIBW_ARCHS_WINDOWS=AMD64 ARM64 setting made both windows-latest and windows-11-arm cross-compile the other arch, producing two artifacts with identically-named wheels whose bytes differed; the deploy job's download-artifact ... merge-multiple step tore those writes together, yielding a wheel that PyPI rejected with 400 Invalid distribution file. ZIP archive not accepted: Mis-matched data size during the 1.24.0 and 1.24.1 releases -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:1725.

v1.24.1

(2026-05-19)

Contributor-facing changes

  • Allowed re-running the deploy job after a partial release failure: the Make Release step now skips when the GitHub Release already exists, and the PyPI publish step uses skip-existing so dists that were already uploaded on a prior attempt do not break the retry -- by :user:bdraco.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump yarl from 1.23.0 to 1.24.2
fcabb33 
Bumps [yarl](https://github.com/aio-libs/yarl) from 1.23.0 to 1.24.2.
- [Release notes](https://github.com/aio-libs/yarl/releases)
- [Changelog](https://github.com/aio-libs/yarl/blob/master/CHANGES.rst)
- [Commits](aio-libs/yarl@v1.23.0...v1.24.2)

---
updated-dependencies:
- dependency-name: yarl
  dependency-version: 1.24.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python labels May 27, 2026
@brunns brunns merged commit 7b4d34c into master May 27, 2026
29 checks passed
@dependabot dependabot Bot deleted the dependabot/uv/yarl-1.24.2 branch May 27, 2026 04:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@brunns brunns

Labels

dependencies Pull requests that update a dependency file python

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@brunns