chore(deps): bump the poetry group across 1 directory with 8 updates

[dependabot]

Bumps the poetry group with 8 updates in the / directory:

Package	From	To
authlib	1.3.2	1.4.0
cryptography	43.0.3	44.0.0
fastapi	0.115.5	0.115.6
pydantic	2.9.2	2.10.5
pytest	8.3.3	8.3.4
rapidfuzz	3.10.1	3.11.0
ruff	0.7.4	0.9.1
uvicorn	0.32.0	0.34.0

Updates authlib from 1.3.2 to 1.4.0

Changelog

Sourced from authlib's changelog.

Version 1.4.0

Released on Dec 20, 2024

• Fix id_token decoding when kid is null. :pr:659
• Support for Python 3.13. :pr:682
• Force login if the prompt parameter value is login. :pr:637
• Support for httpx 0.28, :pr:695

Breaking changes:

• Stop support for Python 3.8. :pr:682

Commits

• eb34edf chore: release 1.4.0
• bc55003 Merge pull request #695 from MeggyCal/master
• 1d10ff3 Support httpx 0.28
• 27fb1fd docs: remove starlette.config.Config from docs via #612
• 5a0ca3c Updated notes on using a cache instance when initializing OAuth. (#693)
• fbdbbd6 Merge pull request #691 from iSOLveIT/master
• d36dc38 Fixed typos and grammatical errors in the flask_client docs.
• 639ca66 doc: changelog for contributions since version 1.3.2
• 858f7d9 Merge pull request #637 from frankie567/fix/oidc-guess-prompt
• 1cba980 doc: improve RFC9068 examples in documentation
• Additional commits viewable in compare view

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Updates fastapi from 0.115.5 to 0.115.6

Release notes

Sourced from fastapi's releases.

0.115.6

Fixes

• 🐛 Preserve traceback when an exception is raised in sync dependency with yield. PR #5823 by @​sombek.

Refactors

• ♻️ Update tests and internals for compatibility with Pydantic >=2.10. PR #12971 by @​tamird.

Docs

• 📝 Update includes format in docs with an automated script. PR #12950 by @​tiangolo.
• 📝 Update includes for docs/de/docs/advanced/using-request-directly.md. PR #12685 by @​alissadb.
• 📝 Update includes for docs/de/docs/how-to/conditional-openapi.md. PR #12689 by @​alissadb.

Translations

• 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md. PR #12990 by @​ILoveSorasakiHina.
• 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/tutorial/query-param-models.md. PR #12932 by @​Vincy1230.
• 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md. PR #12992 by @​Limsunoh.
• 🌐 Add Korean translation for docs/ko/docs/advanced/websockets.md. PR #12991 by @​kwang1215.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/response-model.md. PR #12933 by @​AndreBBM.
• 🌐 Add Korean translation for docs/ko/docs/advanced/middlewares.md. PR #12753 by @​nahyunkeem.
• 🌐 Add Korean translation for docs/ko/docs/advanced/openapi-webhooks.md. PR #12752 by @​saeye.
• 🌐 Add Chinese translation for docs/zh/docs/tutorial/query-param-models.md. PR #12931 by @​Vincy1230.
• 🌐 Add Russian translation for docs/ru/docs/tutorial/query-param-models.md. PR #12445 by @​gitgernit.
• 🌐 Add Korean translation for docs/ko/docs/tutorial/query-param-models.md. PR #12940 by @​jts8257.
• 🔥 Remove obsolete tutorial translation to Chinese for docs/zh/docs/tutorial/sql-databases.md, it references files that are no longer on the repo. PR #12949 by @​tiangolo.

Internal

• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #12954 by @​pre-commit-ci[bot].

Commits

• bb8c2a6 🔖 Release version 0.115.6
• 905ec1e 📝 Update release notes
• 4f81575 🐛 Preserve traceback when exception is raised in sync dependency with yield...
• 8255edf 📝 Update release notes
• 53c8784 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md (#12990)
• 2971352 📝 Update release notes
• 8376228 🌐 Add Traditional Chinese translation for `docs/zh-hant/docs/tutorial/query-p...
• 6c7873c 📝 Update release notes
• d75b81c 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md ...
• 206037c 📝 Update release notes
• Additional commits viewable in compare view

Updates pydantic from 2.9.2 to 2.10.5

Release notes

Sourced from pydantic's releases.

v2.10.5 2024-12-18

v2.10.5 (2025-01-08)

What's Changed

• Remove custom MRO implementation of Pydantic models by @​Viicos in #11184
• Fix URL serialization for unions by @​sydney-runkle in #11233

v2.10.4 2024-12-18

What's Changed

Packaging

• Bump pydantic-core to v2.27.2 by @​davidhewitt in #11138

Fixes

• Fix for comparison of AnyUrl objects by @​alexprabhat99 in #11082
• Properly fetch PEP 695 type params for functions, do not fetch annotations from signature by @​Viicos in #11093
• Include JSON Schema input core schema in function schemas by @​Viicos in #11085
• Add len to _BaseUrl to avoid TypeError by @​Kharianne in #11111
• Make sure the type reference is removed from the seen references by @​Viicos in #11143

New Contributors

• @​alexprabhat99 made their first contribution in #11082
• @​Kharianne made their first contribution in #11111

Full Changelog: pydantic/pydantic@v2.10.3...v2.10.4

v2.10.3 2024-12-03

What's Changed

Fixes

• Set fields when defer_build is set on Pydantic dataclasses by @​Viicos in #10984
• Do not resolve the JSON Schema reference for dict core schema keys by @​Viicos in #10989
• Use the globals of the function when evaluating the return type for PlainSerializer and WrapSerializer functions by @​Viicos in #11008
• Fix host required enforcement for urls to be compatible with v2.9 behavior by @​sydney-runkle in #11027
• Add a default_factory_takes_validated_data property to FieldInfo by @​Viicos in #11034
• Fix url json schema in serialization mode by @​sydney-runkle in #11035

Full Changelog: pydantic/pydantic@v2.10.2...v2.10.3

v2.10.2 2024-11-26

What's Changed

Fixes

• Only evaluate FieldInfo annotations if required during schema building by @​Viicos in #10769

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.10.5 (2025-01-08)

GitHub release

What's Changed

• Remove custom MRO implementation of Pydantic models by @​Viicos in #11184
• Fix URL serialization for unions by @​sydney-runkle in #11233

v2.10.4 (2024-12-18)

GitHub release

What's Changed

Packaging

• Bump pydantic-core to v2.27.2 by @​davidhewitt in #11138

Fixes

• Fix for comparison of AnyUrl objects by @​alexprabhat99 in #11082
• Properly fetch PEP 695 type params for functions, do not fetch annotations from signature by @​Viicos in #11093
• Include JSON Schema input core schema in function schemas by @​Viicos in #11085
• Add len to _BaseUrl to avoid TypeError by @​Kharianne in #11111
• Make sure the type reference is removed from the seen references by @​Viicos in #11143

New Contributors

• @​FyZzyss made their first contribution in #10789
• @​tamird made their first contribution in #10948
• @​felixxm made their first contribution in #11077
• @​alexprabhat99 made their first contribution in #11082
• @​Kharianne made their first contribution in #11111

v2.10.3 (2024-12-03)

GitHub release

What's Changed

Fixes

• Set fields when defer_build is set on Pydantic dataclasses by @​Viicos in #10984
• Do not resolve the JSON Schema reference for dict core schema keys by @​Viicos in #10989
• Use the globals of the function when evaluating the return type for PlainSerializer and WrapSerializer functions by @​Viicos in #11008
• Fix host required enforcement for urls to be compatible with v2.9 behavior by @​sydney-runkle in #11027
• Add a default_factory_takes_validated_data property to FieldInfo by @​Viicos in #11034
• Fix url json schema in serialization mode by @​sydney-runkle in #11035

... (truncated)

Commits

• 5d34efd Prepare release v2.10.5 (#11237)
• 6e585f9 Fix url serialization for unions (#11233)
• 5a22e02 Remove custom MRO implementation of Pydantic models (#11195)
• 5bd3a65 fix history.md
• 46f0945 Prepare for v2.10.4 (#11144)
• ea69e69 Make sure the type reference is removed from the seen references (#11145)
• a07c31e Include JSON Schema input core schema in function schemas (#11142)
• 9166d55 Update WithJsonSchema documentation, add usage documentation for `json_sche...
• 572f57d Rewrite validators documentation (#11060)
• 9faa8d9 Fix for comaparison of AnyUrl objects (#11082)
• Additional commits viewable in compare view

Updates pytest from 8.3.3 to 8.3.4

Release notes

Sourced from pytest's releases.

8.3.4

pytest 8.3.4 (2024-12-01)

Bug fixes

• #12592: Fixed KeyError{.interpreted-text role="class"} crash when using --import-mode=importlib in a directory layout where a directory contains a child directory with the same name.

• #12818: Assertion rewriting now preserves the source ranges of the original instructions, making it play well with tools that deal with the AST, like executing.

• #12849: ANSI escape codes for colored output now handled correctly in pytest.fail{.interpreted-text role="func"} with [pytrace=False]{.title-ref}.

• #9353: pytest.approx{.interpreted-text role="func"} now uses strict equality when given booleans.

Improved documentation

• #10558: Fix ambiguous docstring of pytest.Config.getoption{.interpreted-text role="func"}.

• #10829: Improve documentation on the current handling of the --basetemp option and its lack of retention functionality (temporary directory location and retention{.interpreted-text role="ref"}).

• #12866: Improved cross-references concerning the recwarn{.interpreted-text role="fixture"} fixture.

• #12966: Clarify filterwarnings{.interpreted-text role="ref"} docs on filter precedence/order when using multiple @pytest.mark.filterwarnings <pytest.mark.filterwarnings ref>{.interpreted-text role="ref"} marks.

Contributor-facing changes

• #12497: Fixed two failing pdb-related tests on Python 3.13.

Commits

• 53f8b4e Update pypa/gh-action-pypi-publish to v1.12.2
• 98dff36 Prepare release version 8.3.4
• 1b474e2 approx: use exact comparison for bool (#13013)
• b541721 docs: Fix wrong statement about sys.modules with importlib import mode (#1298...
• 16cb87b pytest.fail: fix ANSI escape codes for colored output (#12959) (#12990)
• be6bc81 Issue #12966 Clarify filterwarnings docs on precedence when using multiple ma...
• 7aeb72b Improve docs on basetemp and retention (#12912) (#12928)
• c875841 Merge pull request #12917 from pytest-dev/patchback/backports/8.3.x/ded1f44e5...
• 6502816 Merge pull request #12913 from jakkdl/dontfailonbadpath
• 52135b0 Merge pull request #12885 from The-Compiler/pdb-py311 (#12887)
• Additional commits viewable in compare view

Updates rapidfuzz from 3.10.1 to 3.11.0

Release notes

Sourced from rapidfuzz's releases.

Release 3.11.0

Performance

• improve calculation of min score inside partial_ratio so it can skip more alignments

Added

• added build support for emscripten

Changelog

Sourced from rapidfuzz's changelog.

Changelog

[3.11.0] - 2024-12-17 ^^^^^^^^^^^^^^^^^^^^^ Performance

- improve calculation of min score inside partial_ratio so it can skip more alignments
Added
- added build support for emscripten
[3.10.1] - 2024-10-24

^^^^^^^^^^^^^^^^^^^^^

Fixed



fix compilation on clang-19
fix incorrect results in simd optimized implementation of Levenshtein and OSA on 32bit targets

Added
* added support for taskflow 3.8.0
[3.10.0] - 2024-09-21

^^^^^^^^^^^^^^^^^^^^^

Fixed



drop support for Python 3.8
switch build system to scikit-build-core

[3.9.7] - 2024-09-02
^^^^^^^^^^^^^^^^^^^^
Fixed
* fix crash in ``cdist`` due to Visual Studio upgrade
[3.9.6] - 2024-08-06

^^^^^^^^^^^^^^^^^^^^

Changed



upgrade to Cython==3.0.11
add python 3.13 wheels

[3.9.5] - 2024-07-29
^^^^^^^^^^^^^^^^^^^^
Fixed
* include simd binaries in pyinstaller builds
* fix builds with setuptools 72 by upgrading `scikit-build`
</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/rapidfuzz/RapidFuzz/commit/8a1fd38b69db88319a609ab36f6ac7623e977218&quot;&gt;&lt;code&gt;8a1fd38&lt;/code&gt;&lt;/a> fix ci</li>

<li><a href="https://github.com/rapidfuzz/RapidFuzz/commit/dbfb7ce5e08049f6a69313bf548de9ccee5ff1f2&quot;&gt;&lt;code&gt;dbfb7ce&lt;/code&gt;&lt;/a> tag release</li>

<li><a href="https://github.com/rapidfuzz/RapidFuzz/commit/bead3657a9dc7aa61a8363d2dbdec865aa70024c&quot;&gt;&lt;code&gt;bead365&lt;/code&gt;&lt;/a> add emscripten support</li>

<li><a href="https://github.com/rapidfuzz/RapidFuzz/commit/e0f86a418b0d274ebfee7a54c00f7c6df5faadcf&quot;&gt;&lt;code&gt;e0f86a4&lt;/code&gt;&lt;/a> fix comment</li>

<li><a href="https://github.com/rapidfuzz/RapidFuzz/commit/0c1810633785f328a6823ed1e89421f96a76834e&quot;&gt;&lt;code&gt;0c18106&lt;/code&gt;&lt;/a> fix comment</li>

<li><a href="https://github.com/rapidfuzz/RapidFuzz/commit/e1c65fe32e9bddda9b75fe036260521af8d63b5a&quot;&gt;&lt;code&gt;e1c65fe&lt;/code&gt;&lt;/a> Bump the github-actions group across 1 directory with 3 updates</li>

<li>See full diff in <a href="https://github.com/rapidfuzz/RapidFuzz/compare/v3.10.1...v3.11.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates ruff from 0.7.4 to 0.9.1

Release notes
Sourced from ruff's releases.

0.9.1
Release Notes
Preview features

[pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
[ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

[flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

Preserve trailing end-of line comments for the last string literal in implicitly concatenated strings (#15378)

Server

Fix a bug where the server and client notebooks were out of sync after reordering cells (#15398)

Bug fixes

[flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
[pyupgrade] Handle comments and multiline expressions correctly (UP037) (#15337)

Contributors

@​AntoineD
@​InSyncWithFoo
@​MichaReiser
@​calumy
@​dcreager
@​dhruvmanila
@​dylwil3
@​sharkdp
@​tjkuson

Install ruff 0.9.1
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.9.1/ruff-installer.sh | sh

Install prebuilt binaries via powershell script
powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/ruff/releases/download/0.9.1/ruff-installer.ps1 | iex"



... (truncated)


Changelog
Sourced from ruff's changelog.

0.9.1
Preview features

[pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
[ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

[flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

Preserve trailing end-of line comments for the last string literal in implicitly concatenated strings (#15378)

Server

Fix a bug where the server and client notebooks were out of sync after reordering cells (#15398)

Bug fixes

[flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
[pyupgrade] Handle comments and multiline expressions correctly (UP037) (#15337)

0.9.0
Check out the blog post for a migration guide and overview of the changes!
Breaking changes
Ruff now formats your code according to the 2025 style guide. As a result, your code might now get formatted differently. See the formatter section for a detailed list of changes.
This release doesn’t remove or remap any existing stable rules.
Stabilization
The following rules have been stabilized and are no longer in preview:

stdlib-module-shadowing (A005).
This rule has also been renamed: previously, it was called builtin-module-shadowing.
builtin-lambda-argument-shadowing (A006)
slice-to-remove-prefix-or-suffix (FURB188)
boolean-chained-comparison (PLR1716)
decimal-from-float-literal (RUF032)
post-init-default (RUF033)
useless-if-else (RUF034)

The following behaviors have been stabilized:

pytest-parametrize-names-wrong-type (PT006): Detect pytest.parametrize calls outside decorators and calls with keyword arguments.



... (truncated)


Commits

12f86f3 Ruff 0.9.1 (#15407)
2b28d56 Associate a trailing end-of-line comment in a parenthesized implicit concaten...
adca7bd Remove pygments pin (#15404)
6b98a26 [red-knot] Support assert_type (#15194)
c874638 [red-knot] Move tuple-containing-Never tests to Markdown (#15402)
c364b58 [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
73d424e Fix outdated doc for handling the default file types with the pre-commit hook...
6e9ff44 Insert the cells from the start position (#15398)
f2c3ddc [red-knot] Move intersection type tests to Markdown (#15396)
b861551 Remove unnecessary backticks (#15393)
Additional commits viewable in compare view




Updates uvicorn from 0.32.0 to 0.34.0

Release notes
Sourced from uvicorn's releases.

Version 0.34.0
What's Changed

Add content-length to 500 response in wsproto by @​Kludex in encode/uvicorn#2542
Drop Python 3.8 by @​Kludex in encode/uvicorn#2543


Full Changelog: https://github.com/encode/uvicorn/compare/0.33.0...0.34.0
Version 0.33.0
What's Changed

Remove WatchGod by @​Kludex in encode/uvicorn#2536

New Contributors

@​bwells made their first contribution in encode/uvicorn#2491
@​tback made their first contribution in encode/uvicorn#2528

Full Changelog: https://github.com/encode/uvicorn/compare/0.32.1...0.33.0
Version 0.32.1
What's Changed

Enable httptools lenient data by @​vvanglro in encode/uvicorn#2488
Drop ASGI spec version to 2.3 on HTTP scope by @​Kludex in encode/uvicorn#2513


Full Changelog: https://github.com/encode/uvicorn/compare/0.32.0...0.32.1



Changelog
Sourced from uvicorn's changelog.

0.34.0 (December 15, 2024)
Added

Add content-length to 500 response in wsproto implementation (#2542)

Removed

Drop support for Python 3.8 (#2543)

0.33.0 (December 14, 2024)
Removed

Remove WatchGod support for --reload (#2536)

0.32.1 (November 20, 2024)
Fixed

Drop ASGI spec version to 2.3 on HTTP scope (#2513)
Enable httptools lenient data on httptools >= 0.6.3 (#2488)




Commits

7983c1a Version 0.34.0 (#2546)
75d4402 Add alls-green job (#2544)
4156ccb Drop Python 3.8 (#2543)
3575cba Add content-length to 500 response in wsproto (#2542)
a500513 Version 0.33.0 (#2539)
038f8ef Bump the python-packages group across 1 directory with 9 updates (#2538)
3aa1d01 Remove WatchGod (#2536)
a3cc360 docs: add note about server behavior on exceptions (#2535)
6725ebb docs: add more mkdocs-material features (#2534)
bfa754eencode/uvicorn#2527#2528)
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions