chore(deps): bump the poetry group across 1 directory with 6 updates

[dependabot]

Bumps the poetry group with 6 updates in the / directory:

Package	From	To
cryptography	43.0.3	44.0.0
fastapi	0.115.5	0.115.6
httpx	0.27.2	0.28.0
pydantic	2.9.2	2.10.3
ruff	0.7.4	0.8.2
uvicorn	0.32.0	0.32.1

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Updates fastapi from 0.115.5 to 0.115.6

Release notes

Sourced from fastapi's releases.

0.115.6

Fixes

• 🐛 Preserve traceback when an exception is raised in sync dependency with yield. PR #5823 by @​sombek.

Refactors

• ♻️ Update tests and internals for compatibility with Pydantic >=2.10. PR #12971 by @​tamird.

Docs

• 📝 Update includes format in docs with an automated script. PR #12950 by @​tiangolo.
• 📝 Update includes for docs/de/docs/advanced/using-request-directly.md. PR #12685 by @​alissadb.
• 📝 Update includes for docs/de/docs/how-to/conditional-openapi.md. PR #12689 by @​alissadb.

Translations

• 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md. PR #12990 by @​ILoveSorasakiHina.
• 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/tutorial/query-param-models.md. PR #12932 by @​Vincy1230.
• 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md. PR #12992 by @​Limsunoh.
• 🌐 Add Korean translation for docs/ko/docs/advanced/websockets.md. PR #12991 by @​kwang1215.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/response-model.md. PR #12933 by @​AndreBBM.
• 🌐 Add Korean translation for docs/ko/docs/advanced/middlewares.md. PR #12753 by @​nahyunkeem.
• 🌐 Add Korean translation for docs/ko/docs/advanced/openapi-webhooks.md. PR #12752 by @​saeye.
• 🌐 Add Chinese translation for docs/zh/docs/tutorial/query-param-models.md. PR #12931 by @​Vincy1230.
• 🌐 Add Russian translation for docs/ru/docs/tutorial/query-param-models.md. PR #12445 by @​gitgernit.
• 🌐 Add Korean translation for docs/ko/docs/tutorial/query-param-models.md. PR #12940 by @​jts8257.
• 🔥 Remove obsolete tutorial translation to Chinese for docs/zh/docs/tutorial/sql-databases.md, it references files that are no longer on the repo. PR #12949 by @​tiangolo.

Internal

• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #12954 by @​pre-commit-ci[bot].

Commits

• bb8c2a6 🔖 Release version 0.115.6
• 905ec1e 📝 Update release notes
• 4f81575 🐛 Preserve traceback when exception is raised in sync dependency with yield...
• 8255edf 📝 Update release notes
• 53c8784 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md (#12990)
• 2971352 📝 Update release notes
• 8376228 🌐 Add Traditional Chinese translation for `docs/zh-hant/docs/tutorial/query-p...
• 6c7873c 📝 Update release notes
• d75b81c 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md ...
• 206037c 📝 Update release notes
• Additional commits viewable in compare view

Updates httpx from 0.27.2 to 0.28.0

Release notes

Sourced from httpx's releases.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)

Changelog

Sourced from httpx's changelog.

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
• Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

Commits

• 80960fa Version 0.28.0. (#3419)
• a33c878 Fix extensions type annotation. (#3380)
• ce7e14d Error on verify as str. (#3418)
• 47f4a96 Handle empty zstd responses (#3412)
• 189fc4b Update CHANGELOG.md, fix typo(s) (#3406)
• 7b19cd5 Move utility functions from _utils.py to _client.py (#3389)
• b47d94c Avoid private imports in test cases. (#3403)
• 2ea2286 Import ssl on demand (#3401)
• 1805ee0 Graceful upgrade path for 0.28. (#3394)
• 41597ad Move remaining utility functions from _utils.py to _models.py (#3387)
• Additional commits viewable in compare view

Updates pydantic from 2.9.2 to 2.10.3

Release notes

Sourced from pydantic's releases.

v2.10.3 2024-12-03

What's Changed

Fixes

• Set fields when defer_build is set on Pydantic dataclasses by @​Viicos in #10984
• Do not resolve the JSON Schema reference for dict core schema keys by @​Viicos in #10989
• Use the globals of the function when evaluating the return type for PlainSerializer and WrapSerializer functions by @​Viicos in #11008
• Fix host required enforcement for urls to be compatible with v2.9 behavior by @​sydney-runkle in #11027
• Add a default_factory_takes_validated_data property to FieldInfo by @​Viicos in #11034
• Fix url json schema in serialization mode by @​sydney-runkle in #11035

Full Changelog: pydantic/pydantic@v2.10.2...v2.10.3

v2.10.2 2024-11-26

What's Changed

Fixes

• Only evaluate FieldInfo annotations if required during schema building by @​Viicos in #10769
• Do not evaluate annotations for private fields by @​Viicos in #10962
• Support serialization as any for Secret types and Url types by @​sydney-runkle in #10947
• Fix type hint of Field.default to be compatible with Python 3.8 and 3.9 by @​Viicos in #10972
• Add hashing support for URL types by @​sydney-runkle in #10975
• Hide BaseModel.__replace__ definition from type checkers by @​Viicos in 10979

Full Changelog: pydantic/pydantic@v2.10.1...v2.10.2

v2.10.1 2024-11-21

What's Changed

Packaging

• Bump pydantic-core version to v2.27.1 by @​sydney-runkle in #10938

Fixes

• Use the correct frame when instantiating a parametrized TypeAdapter by @​Viicos in #10893
• Relax check for validated data in default_factory utils by @​sydney-runkle in #10909
• Fix type checking issue with model_fields and model_computed_fields by @​sydney-runkle in #10911
• Use the parent configuration during schema generation for stdlib dataclasses by @​sydney-runkle in #10928
• Use the globals of the function when evaluating the return type of serializers and computed_fields by @​Viicos in #10929
• Fix URL constraint application by @​sydney-runkle in #10922
• Fix URL equality with different validation methods by @​sydney-runkle in #10934
• Fix JSON schema title when specified as '' by @​sydney-runkle in #10936
• Fix python mode serialization for complex inference by @​sydney-runkle in pydantic-core#1549

Full Changelog: pydantic/pydantic@v2.10.0...v2.10.1

v2.10.0 2024-11-20

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.10.3 (2024-12-03)

GitHub release

What's Changed

Fixes

• Set fields when defer_build is set on Pydantic dataclasses by @​Viicos in #10984
• Do not resolve the JSON Schema reference for dict core schema keys by @​Viicos in #10989
• Use the globals of the function when evaluating the return type for PlainSerializer and WrapSerializer functions by @​Viicos in #11008
• Fix host required enforcement for urls to be compatible with v2.9 behavior by @​sydney-runkle in #11027
• Add a default_factory_takes_validated_data property to FieldInfo by @​Viicos in #11034
• Fix url json schema in serialization mode by @​sydney-runkle in #11035

v2.10.2 (2024-11-25)

GitHub release

What's Changed

Fixes

• Only evaluate FieldInfo annotations if required during schema building by @​Viicos in #10769
• Do not evaluate annotations for private fields by @​Viicos in #10962
• Support serialization as any for Secret types and Url types by @​sydney-runkle in #10947
• Fix type hint of Field.default to be compatible with Python 3.8 and 3.9 by @​Viicos in #10972
• Add hashing support for URL types by @​sydney-runkle in #10975
• Hide BaseModel.__replace__ definition from type checkers by @​Viicos in 10979

v2.10.1 (2024-11-21)

GitHub release

What's Changed

Packaging

• Bump pydantic-core version to v2.27.1 by @​sydney-runkle in #10938

Fixes

• Use the correct frame when instantiating a parametrized TypeAdapter by @​Viicos in #10893
• Relax check for validated data in default_factory utils by @​sydney-runkle in #10909
• Fix type checking issue with model_fields and model_computed_fields by @​sydney-runkle in #10911
• Use the parent configuration during schema generation for stdlib dataclasses by @​sydney-runkle in #10928
• Use the globals of the function when evaluating the return type of serializers and computed_fields by @​Viicos in #10929
• Fix URL constraint application by @​sydney-runkle in #10922
• Fix URL equality with different validation methods by @​sydney-runkle in #10934
• Fix JSON schema title when specified as '' by @​sydney-runkle in #10936

... (truncated)

Commits

• c326748 Prep for v2.10.3 release (#11038)
• 68d35bf Fix url json schema in serialization mode (#11035)
• fa69b4c Add a default_factory_takes_validated_data property to FieldInfo (#11034)
• 435a703 Fix host required enforcement for urls to be compatible with v2.9 behavior (#...
• b2c4548 Use the globals of the function when evaluating the return type for `PlainSer...
• cb962c1 Do not resolve the JSON Schema reference for dict core schema keys (#10989)
• 10ebcdf Set fields when defer_build is set on Pydantic dataclasses (#10984)
• fe32515 Prepare for v2.10.2 release (#10982)
• 226cfaf Hide BaseModel.__replace__ definition from type checkers (#10979)
• 02229a6 hashing support for urls (#10975)
• Additional commits viewable in compare view

Updates ruff from 0.7.4 to 0.8.2

Release notes

Sourced from ruff's releases.

0.8.2

Release Notes

Preview features

• [airflow] Avoid deprecated values (AIR302) (#14582)
• [airflow] Extend removed names for AIR302 (#14734)
• [ruff] Extend unnecessary-regular-expression to non-literal strings (RUF055) (#14679)
• [ruff] Implement used-dummy-variable (RUF052) (#14611)
• [ruff] Implement unnecessary-cast-to-int (RUF046) (#14697)

Rule changes

• [airflow] Check AIR001 from builtin or providers operators module (#14631)
• [flake8-pytest-style] Remove @ in pytest.mark.parametrize rule messages (#14770)
• [pandas-vet] Skip rules if the panda module hasn't been seen (#14671)
• [pylint] Fix false negatives for ascii and sorted in len-as-condition (PLC1802) (#14692)
• [refurb] Guard hashlib imports and mark hashlib-digest-hex fix as safe (FURB181) (#14694)

Configuration

• [flake8-import-conventions] Improve syntax check for aliases supplied in configuration for unconventional-import-alias (ICN001) (#14745)

Bug fixes

• Revert: [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615) (#14726)
• [pep8-naming] Avoid false positive for class Bar(type(foo)) (N804) (#14683)
• [pycodestyle] Handle f-strings properly for invalid-escape-sequence (W605) (#14748)
• [pylint] Ignore @overload in PLR0904 (#14730)
• [refurb] Handle non-finite decimals in verbose-decimal-constructor (FURB157) (#14596)
• [ruff] Avoid emitting assignment-in-assert when all references to the assigned variable are themselves inside asserts (RUF018) (#14661)

Documentation

• Improve docs for flake8-use-pathlib rules (#14741)
• Improve error messages and docs for flake8-comprehensions rules (#14729)
• [flake8-type-checking] Expands TC006 docs to better explain itself (#14749)

Contributors

• @​AlexWaygood
• @​Daverball
• @​InSyncWithFoo
• @​Lee-W
• @​Lokejoke
• @​Matt-Ord
• @​MichaReiser
• @​Well2333
• @​connorskees
• @​dcreager
• @​dhruvmanila

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.2

Preview features

• [airflow] Avoid deprecated values (AIR302) (#14582)
• [airflow] Extend removed names for AIR302 (#14734)
• [ruff] Extend unnecessary-regular-expression to non-literal strings (RUF055) (#14679)
• [ruff] Implement used-dummy-variable (RUF052) (#14611)
• [ruff] Implement unnecessary-cast-to-int (RUF046) (#14697)

Rule changes

• [airflow] Check AIR001 from builtin or providers operators module (#14631)
• [flake8-pytest-style] Remove @ in pytest.mark.parametrize rule messages (#14770)
• [pandas-vet] Skip rules if the panda module hasn't been seen (#14671)
• [pylint] Fix false negatives for ascii and sorted in len-as-condition (PLC1802) (#14692)
• [refurb] Guard hashlib imports and mark hashlib-digest-hex fix as safe (FURB181) (#14694)

Configuration

• [flake8-import-conventions] Improve syntax check for aliases supplied in configuration for unconventional-import-alias (ICN001) (#14745)

Bug fixes

• Revert: [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615) (#14726)
• [pep8-naming] Avoid false positive for class Bar(type(foo)) (N804) (#14683)
• [pycodestyle] Handle f-strings properly for invalid-escape-sequence (W605) (#14748)
• [pylint] Ignore @overload in PLR0904 (#14730)
• [refurb] Handle non-finite decimals in verbose-decimal-constructor (FURB157) (#14596)
• [ruff] Avoid emitting assignment-in-assert when all references to the assigned variable are themselves inside asserts (RUF018) (#14661)

Documentation

• Improve docs for flake8-use-pathlib rules (#14741)
• Improve error messages and docs for flake8-comprehensions rules (#14729)
• [flake8-type-checking] Expands TC006 docs to better explain itself (#14749)

0.8.1

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)

... (truncated)

Commits

• b0e26e6 Bump version to 0.8.2 (#14789)
• e9941cd [red-knot] Move standalone expr inference to for non-name target (#14788)
• 43bf1a8 Add tests for "keyword as identifier" syntax errors (#14754)
• fda8b1f [ruff] Unnecessary cast to int (RUF046) (#14697)
• 2d3f557 [red-knot] Fallback for typing._NoDefaultType (#14783)
• bd27bfa [red-knot] Unify setup_db() functions, add TestDb builder (#14777)
• 155d34b [red-knot] Infer precise types for len() calls (#14599)
• 04c887c Fix references for async-busy-wait (#14775)
• af43bd4 [red-knot] Gradual forms do not participate in equivalence/subtyping (#14758)
• 6149177 Remove @ in pytest.mark.parametrize rule messages (#14770)
• Additional commits viewable in compare view

Updates uvicorn from 0.32.0 to 0.32.1

Release notes

Sourced from uvicorn's releases.

Version 0.32.1

What's Changed

• Enable httptools lenient data by @​vvanglro in encode/uvicorn#2488
• Drop ASGI spec version to 2.3 on HTTP scope by @​Kludex in encode/uvicorn#2513

---

Full Changelog: encode/uvicorn@0.32.0...0.32.1

Changelog

Sourced from uvicorn's changelog.

0.32.1 (2024-11-20)

Fixed

• Drop ASGI spec version to 2.3 on HTTP scope #2513
• Enable httptools lenient data on httptools >= 0.6.3 #2488

Commits

• 5279296 Upgrade upload/download GitHub Actions (#2517)
• 8c3402d Update publish.yaml with latest PyPI recommendations (#2516)
• 04c6320 Version 0.32.1 (#2515)
• fc6c51b Drop ASGI spec version to 2.3 on HTTP (#2513)
• 2aea835 fix(http): enable httptools lenient data (#2488)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #24.