deps(deps): bump the python-dependencies group across 1 directory with 37 updates

[dependabot]

Bumps the python-dependencies group with 37 updates in the / directory:

Package	From	To
aiosqlite	0.20.0	0.22.1
alembic	1.16.5	1.18.4
anyio	4.11.0	4.13.0
certifi	2025.8.3	2025.11.12
click	8.1.8	8.4.0
dnspython	2.7.0	2.8.0
ecdsa	0.19.1	0.19.2
exceptiongroup	1.3.0	1.3.1
fastapi	0.115.14	0.128.1
greenlet	3.2.4	3.5.0
httptools	0.6.4	0.7.1
httpx	0.27.2	0.28.1
idna	3.10	3.15
jsonschema	4.25.1	4.26.0
mako	1.3.10	1.3.12
pyasn1	0.6.1	0.6.3
pyjwt	2.10.1	2.12.1
pydantic	2.11.9	2.11.10
pydantic-settings	2.11.0	2.14.1
python-dotenv	1.1.1	1.2.2
requests	2.32.5	2.34.2
scipy	1.13.1	1.15.3
sqlalchemy	2.0.43	2.0.49
starlette	0.46.2	0.50.0
tiktoken	0.12.0	0.13.0
tomli	2.2.1	2.4.1
typing-inspection	0.4.1	0.4.2
urllib3	2.5.0	2.7.0
uvicorn	0.30.6	0.47.0
watchfiles	1.1.0	1.2.0
psycopg2-binary	2.9.11	2.9.12
dependency-injector	4.48.3	4.49.0
prometheus-client	0.20.0	0.25.0
mypy	1.18.2	1.20.2
types-pyyaml	6.0.12.20250915	6.0.12.20260518
ruff	0.5.7	0.15.13
pytest-asyncio	0.24.0	0.26.0

Updates aiosqlite from 0.20.0 to 0.22.1

Changelog

Sourced from aiosqlite's changelog.

v0.22.1

Bug fix release

NOTE: Starting with v0.22.0, the aiosqlite.Connection object no longer inherits from threading.Thread. If not using aiosqlite as a context manager, clients must await connection.close() or call connection.stop() to ensure the helper thread is completed and terminated correctly. A ResourceWarning will be emitted for any connection that is garbage collected without being closed or stopped.

• Added synchronous stop() method to aiosqlite.Connection to enable safe cleanup and termination of the background thread without dependence on having an active event loop (#370)

$ git shortlog -s v0.22.0...v0.22.1
     2	Amethyst Reese

v0.22.0

Feature release

• Support set_authorizer query access controls (#349)
• Wait for transaction queue to complete when closing connection (#305)
• Emit warning when connection goes out of scope without being closed (#355)
• Remove dependency on typing_extensions (#365)

$ git shortlog -s v0.21.0...v0.22.0
     1	Alec Berryman
     1	Amethyst Reese
     1	David Andreoletti
     1	Markus Heidelberg
     1	beerpsi
    19	dependabot[bot]

v0.21.0

Maintenance release

• Fix: close connection correctly when BaseException raised in connection (#317)
• Metadata improvements

... (truncated)

Commits

• 9b127ce Version bump v0.22.1
• 5c3f61c Improve stop semantics for connections (#370)
• a869d73 Version bump v0.22.0
• 1cd60ad Emit warning if connection is deleted before it is closed (#355)
• 611d7b4 Add set_authorizer support for fine-grained access control (#349)
• 81d00c8 Bump actions/setup-python from 5 to 6 (#357)
• 7a26722 Bump coverage[toml] from 7.8.0 to 7.10.7 (#358)
• 4457540 Bump flake8 from 7.2.0 to 7.3.0 (#346)
• b650dad Bump actions/checkout from 5 to 6 (#366)
• 065ffdd Bump mypy from 1.15.0 to 1.19.0 (#367)
• Additional commits viewable in compare view

Updates alembic from 1.16.5 to 1.18.4

Release notes

Sourced from alembic's releases.

1.18.4

Released: February 10, 2026

bug

• [bug] [operations] Reverted the behavior of Operations.add_column() that would automatically render the "PRIMARY KEY" keyword inline when a Column with primary_key=True is added. The automatic behavior, added in version 1.18.2, is now opt-in via the new Operations.add_column.inline_primary_key parameter. This change restores the ability to render a PostgreSQL SERIAL column, which is required to be primary_key=True, while not impacting the ability to render a separate primary key constraint. This also provides consistency with the Operations.add_column.inline_references parameter and gives users explicit control over SQL generation.

  To render PRIMARY KEY inline, use the Operations.add_column.inline_primary_key parameter set to True:

  op.add_column( "my_table", Column("id", Integer, primary_key=True), inline_primary_key=True )References: #1232

1.18.3

Released: January 29, 2026

bug

• [bug] [autogenerate] Fixed regression in version 1.18.0 due to #1771 where autogenerate would raise NoReferencedTableError when a foreign key constraint referenced a table that was not part of the initial table load, including tables filtered out by the EnvironmentContext.configure.include_name callable or tables in remote schemas that were not included in the initial reflection run.

  The change in #1771 was a performance optimization that eliminated additional reflection queries for tables that were only referenced by foreign keys but not explicitly included in the main reflection run. However, this optimization inadvertently removed the creation of Table objects for these referenced tables, causing autogenerate to fail when processing foreign key constraints that pointed to them.

  The fix creates placeholder Table objects for foreign key targets

... (truncated)

Commits

• See full diff in compare view

Updates anyio from 4.11.0 to 4.13.0

Release notes

Sourced from anyio's releases.

4.13.0

• Dropped support for Python 3.9
• Added a ttl parameter to the anyio.functools.lru_cache wrapper (#1073; PR by @​Graeme22)
• Widened the type annotations of file I/O streams to accept IO[bytes] instead of just BinaryIO (#1078)
• Fixed anyio.Path not being compatible with Python 3.15 due to the removal of pathlib.Path.is_reserved() and the addition of pathlib.Path.__vfspath__() (#1061; PR by @​veeceey)
• Fixed the BrokenResourceError raised by the asyncio SocketStream not having the original exception as its cause (#1055; PR by @​veeceey)
• Fixed the TypeError raised when using "func" as a parameter name in pytest.mark.parametrize when using the pytest plugin (#1068; PR by @​JohnnyDeuss)
• Fixed the pytest plugin not running tests that had the anyio marker added programmatically via pytest_collection_modifyitems (#422; PR by @​chbndrhnns)
• Fixed cancellation exceptions leaking from a CancelScope on asyncio when they are contained in an exception group alongside non-cancellation exceptions (#1091; PR by @​gschaffner)
• Fixed Condition.wait() not passing on a notification when the task is cancelled but already received a notification
• Fixed inverted condition in the process pool shutdown phase which would cause still-running pooled processes not to be terminated (#1074; PR by @​bysiber)

4.12.1

• Changed all functions currently raising the private NoCurrentAsyncBackend exception (since v4.12.0) to instead raise the public NoEventLoopError exception (#1048)
• Fixed anyio.functools.lru_cache not working with instance methods (#1042)

4.12.0

• Added support for asyncio's task call graphs on Python 3.14 and later when using AnyIO's task groups (#1025)
• Added an asynchronous implementation of the functools module (#1001)
• Added support for uvloop=True on Windows via the winloop implementation (#960; PR by @​Vizonex)
• Added support for use as a context manager to anyio.lowlevel.RunVar (#1003)
• Added __all__ declarations to public submodules (anyio.lowlevel etc.) (#1009)
• Added the ability to set the token count of a CapacityLimiter to zero (#1019; requires Python 3.10 or later when using Trio)
• Added parameters case_sensitive and recurse_symlinks along with support for path-like objects to anyio.Path.glob() and anyio.Path.rglob() (#1033; PR by @​northisup)
• Dropped sniffio as a direct dependency and added the get_available_backends() function (#1021)
• Fixed Process.stdin.send() not raising ClosedResourceError and BrokenResourceError on asyncio. Previously, a non-AnyIO exception was raised in such cases (#671; PR by @​gschaffner)
• Fixed Process.stdin.send() not checkpointing before writing data on asyncio (#1002; PR by @​gschaffner)
• Fixed a race condition where cancelling a Future from BlockingPortal.start_task_soon() would sometimes not cancel the async function (#1011; PR by @​gschaffner)
• Fixed the presence of the pytest plugin causing breakage with older versions of pytest (<= 6.1.2) (#1028; PR by @​saper)
• Fixed a rarely occurring RuntimeError: Set changed size during iteration while shutting down the process pool when using the asyncio backend (#985)

Commits

• afbe93c Bumped up the version
• 33bdf2e Rearranged the changelog entries
• 19e09e2 Fixed inverted condition in _forcibly_shutdown_process_pool_on_exit (#1074)
• 9369d80 Fixed Condition.wait() not handing over notification when cancelled
• 6f122ab Fixed cancellation exceptions leaking from a CancelScope on asyncio when th...
• beaa45a [pre-commit.ci] pre-commit autoupdate (#1097)
• 602f660 Widened type annotations to accept IO[bytes] in file streams
• b5dcd45 Added note about erasing the template
• d68670b [pre-commit.ci] pre-commit autoupdate (#1090)
• fc17a22 tweak to_thread docs about abandon_on_cancel (#1088)
• Additional commits viewable in compare view

Updates certifi from 2025.8.3 to 2025.11.12

Commits

• 37ea150 2025.11.12 (#375)
• 2fa50bb Bump actions/upload-artifact from 4.6.2 to 5.0.0 (#374)
• 6cadb53 Bump actions/download-artifact from 5.0.0 to 6.0.0 (#373)
• fb14ac4 2025.10.05 (#371)
• 2c7c7ee Add Python 3.14 classifier in setup.py
• 1a5cb7b Bump actions/setup-python from 5.6.0 to 6.0.0 (#367)
• dea5960 Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366)
• 83566b7 Bump actions/checkout from 4.2.2 to 5.0.0
• ca2e121 Bump actions/download-artifact from 4.3.0 to 5.0.0
• See full diff in compare view

Updates click from 8.1.8 to 8.4.0

Release notes

Sourced from click's releases.

8.4.0

This is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.4.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-0 Milestone https://github.com/pallets/click/milestone/30

• ParamType typing improvements. #3371

  • :class:ParamType is now a generic abstract base class, parameterized by its converted value type.
  • :meth:~ParamType.convert return types are narrowed on all concrete types (str for :class:STRING, int for :class:INT, etc.).
  • :meth:~ParamType.to_info_dict returns specific :class:~typing.TypedDict subclasses instead of dict[str, Any].
  • :class:CompositeParamType and the number-range base are now generic with abstract methods.

• Refactor convert_type to extract type inference into a private _guess_type helper, and add :func:typing.overload signatures. #3372

• Parameter typing improvements. #2805

  • :class:Parameter is now an abstract base class, making explicit that it cannot be instantiated directly.
  • :attr:Parameter.name is now str instead of str | None. When expose_value=False, the name is set to "" instead of None.
  • The ctx parameter of :meth:Parameter.get_error_hint is now typed as Context | None, matching the runtime behavior.

• Split string values from default_map for parameters with nargs > 1 or :class:Tuple type, matching environment variable behavior. #2745 #3364

• Auto-detect type=UNPROCESSED for flag_value of non-basic types (not str, int, float, or bool), so programmer-provided Python objects like classes and enum members are passed through unchanged instead of being stringified. Previously type=click.UNPROCESSED had to be set explicitly. #2012 #3363

• The error hint now uses Command.get_help_option_names to pick non-shadowed help option names, so Try '... -h' no longer points to a subcommand option that shadows -h. All surviving names are shown (-h/--help). #2790 #3208

• Fix readline functionality on non-Windows platforms. Prompt text is now passed directly to readline instead of being printed separately, allowing proper backspace, line editing, and line wrapping behavior. #2968

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.4.0

Released 2026-05-17

• :class:ParamType typing improvements. :pr:3371

  • :class:ParamType is now a generic abstract base class, parameterized by its converted value type.
  • :meth:~ParamType.convert return types are narrowed on all concrete types (str for :class:STRING, int for :class:INT, etc.).
  • :meth:~ParamType.to_info_dict returns specific :class:~typing.TypedDict subclasses instead of dict[str, Any].
  • :class:CompositeParamType and the number-range base are now generic with abstract methods.

• Refactor convert_type to extract type inference into a private _guess_type helper, and add :func:typing.overload signatures. :pr:3372

• :class:Parameter typing improvements. :pr:2805

  • :class:Parameter is now an abstract base class, making explicit that it cannot be instantiated directly.
  • :attr:Parameter.name is now str instead of str | None. When expose_value=False, the name is set to "" instead of None.
  • The ctx parameter of :meth:Parameter.get_error_hint is now typed as Context | None, matching the runtime behavior.

• Split string values from default_map for parameters with nargs > 1 or :class:Tuple type, matching environment variable behavior. :issue:2745 :pr:3364

• Auto-detect type=UNPROCESSED for flag_value of non-basic types (not str, int, float, or bool), so programmer-provided Python objects like classes and enum members are passed through unchanged instead of being stringified. Previously type=click.UNPROCESSED had to be set explicitly. :issue:2012 :pr:3363

• The error hint now uses :meth:Command.get_help_option_names to pick non-shadowed help option names, so Try '... -h' no longer points to a subcommand option that shadows -h. All surviving names are shown (-h/--help). :issue:2790 :pr:3208

• Fix readline functionality on non-Windows platforms. Prompt text is now passed directly to readline instead of being printed separately, allowing proper backspace, line editing, and line wrapping behavior. :issue:2968 :pr:2969

• Use :func:os.startfile on Windows to open URLs in :func:open_url, replacing the start built-in which cannot be invoked without shell=True. :issue:3164 :pr:3186

• Fix Fish shell completion errors when option help text contains newlines. :issue:3043 :pr:3126

... (truncated)

Commits

• 41f410f Release 8.4.0
• e3e69e3 Add type annotations for instance attributes in utils (#3422)
• 3bb230d WIP: Fix HelpFormatter.write_usage producing spurious characters (#3434)
• 63274a7 click.get_pager_file: add tests (#1572 followup) (#3405)
• 0551bf5 Fix HelpFormatter.write_usage producing spurious characters
• fc41aa1 Apply class-body annotations to KeepOpenFile for consistency
• b761eda Skip some tests on Windows
• 98302ac Check PAGER usage, color preservation and edge-cases
• dbdae17 Fix documentation
• 1aa2d53 Redesigned tests and get_pager_file branching to be more clear and not set color
• Additional commits viewable in compare view

Updates dnspython from 2.7.0 to 2.8.0

Release notes

Sourced from dnspython's releases.

dnspython 2.8.0

See What's New for details.

The minimum supported version of Python is 3.10.

My thanks to the many people who have contributed to this release. Also thanks to my co-maintainers: Tomáš Křížek, Petr Špaček, and Brian Wellington.

This release was published to PyPI using Trusted Publishing.

Changelog

Sourced from dnspython's changelog.

2.8.0

• dns/btreezone.py provides another zone versioned implementation built on top of a B-tree. It maintains DNSSEC sort order, labels nodes as delegation points or glue, and can find the "bounds" of a name (useful for DNSSEC responses).

• dns/query.py now provides make_socket(), make_ssl_socket(), and make_ssl_context() to make using persistent connections with the query code easier.

• dns/win32util.py now supports explicitly setting the configuration method used to get system dns info, using the set_config_method() function. There is a new configuration method that uses the Win32 API, which can be set using set_config_method(ConfigMethod.Win32). We are considering making the Win32 API the default in the future as we believe it to be the most accurate. Any feedback on it compared to the other methods is welcome.

• The DSYNC record is now supported. This type is still in draft stage at the IETF and is subject to change.

• The minimum supported Python version is now 3.10.

Commits

• 77fd94c 2.8.0 versioning
• 884f383 update 2.8 branch workflows
• 1938fe3 update 2.8 branch workflows
• a35d692 2.8.0rc1 prep
• c862baa 2.8.0rc1 prep
• 0945d59 more lint
• 8fa6766 lint
• 6416335 Type syntax (#1218)
• a459144 lint
• a0d5f17 fix the all entries
• Additional commits viewable in compare view

Updates ecdsa from 0.19.1 to 0.19.2

Release notes

Sourced from ecdsa's releases.

0.19.2

Bug fixes:

• Fix CVE-2026-33936, a DER parsing issue in remove_octet_string(), remove_constructed(), and remove_implitic() where a truncated buffer wasn't detected. This can lead to high level functions, like SigningKey.from_der() to raise unexpected exceptions. (Mohamed Abdelaal (0xmrma))

Maintenance:

• Update CI to use newer version of Ubuntu.

Changelog

Sourced from ecdsa's changelog.

• Release 0.19.2 (26 Mar 2026)

Bug fixes:

• Fix CVE-2026-33936, a DER parsing issue in remove_octet_string(), remove_constructed(), and remove_implitic() where a truncated buffer wasn't detected. This can lead to high level functions, like SigningKey.from_der() to raise unexpected exceptions. (Mohamed Abdelaal (0xmrma))

Maintenance:

• Update CI to use newer version of Ubuntu.

• Release 0.19.1 (13 Mar 2025)

New API:

• der.remove_implitic and der.encode_implicit for decoding and encoding DER IMPLICIT values with custom tag values and arbitrary classes

Bug fixes:

• Minor fixes around arithmetic with curves that have non-prime order (useful for experimentation, not practical deployments)
• Fix arithmetic to work with curves that have (0, 0) on the curve
• Fix canonicalization of signatures when s is just slightly above half of curve order

Maintenance:

• Dropped official support for Python 3.5 (again, issues with CI, support for Python 2.6 and Python 2.7 is unchanged)

• Officialy support Python 3.12 and 3.13 (add them to CI)

• Removal of few more unnecessary six.b literals (Alexandre Detiste)

• Fix typos in warning messages

• Release 0.19.0 (08 Apr 2024)

New API:

• to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

• Support for twisted Brainpool curves

Doc fix:

• Fix curve equation in glossary
• Documentation for signature encoding and signature decoding functions

Maintenance:

• Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is

... (truncated)

Commits

• bd66899 Merge commit from fork
• 9c046ee tests: reject truncated DER lengths
• acc40fd der: reject truncated lengths in octet/implicit/constructed
• 55aca78 Merge pull request #363 from gstarovo/ubuntu20-deprecation
• c4f0df1 chore: change to ubuntu-22 since u-20 is deprecated
• See full diff in compare view

Updates exceptiongroup from 1.3.0 to 1.3.1

Release notes

Sourced from exceptiongroup's releases.

1.3.1

• Fixed AttributeError: 'TracebackException' object has no attribute 'exceptions' when formatting unpickled TBEs from another Python process which did not apply the exceptiongroup patches (#144)

Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

UNRELEASED

• Fixed the repr() of exception groups being affected by mutation of the original exception sequence after construction ([#154](https://github.com/agronholm/exceptiongroup/issues/154) <https://github.com/agronholm/exceptiongroup/issues/154>_)

1.3.1

• Fixed AttributeError: 'TracebackException' object has no attribute 'exceptions' when formatting unpickled TBEs from another Python process which did not apply the exceptiongroup patches ([#144](https://github.com/agronholm/exceptiongroup/issues/144) <https://github.com/agronholm/exceptiongroup/issues/144>_)

1.3.0

• Added **kwargs to function and method signatures as appropriate to match the signatures in the standard library
• In line with the stdlib typings in typeshed, updated (Base)ExceptionGroup generic types to define defaults for their generic arguments (defaulting to BaseExceptionGroup[BaseException] and ExceptionGroup[Exception]) (PR by @​mikenerone)
• Changed BaseExceptionGroup.__init__() to directly call BaseException.__init__() instead of the superclass __init__() in order to emulate the CPython behavior (broken or not) (PR by @​cfbolz)
• Changed the exceptions attribute to always return the same tuple of exceptions, created from the original exceptions sequence passed to BaseExceptionGroup to match CPython behavior ([#143](https://github.com/agronholm/exceptiongroup/issues/143) <https://github.com/agronholm/exceptiongroup/issues/143>_)

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry ([#123](https://github.com/agronholm/exceptiongroup/issues/123) <https://github.com/agronholm/exceptiongroup/issues/123>_)

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

• Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has

... (truncated)

Commits

• ddddb6f Added the release version
• 49c5e60 Fixed AttributeError when formatting unpickled TBEs from an unpatched process
• 1be517f [pre-commit.ci] pre-commit autoupdate (#152)
• af0ea2f [pre-commit.ci] pre-commit autoupdate (#149)
• 7c980a8 Removed pin on pyright version
• ef85336 Fixed typing job not finding Python 3.14
• 080b3f4 Pinned pyright version to fix typeshed related failure
• ac66090 Added Python 3.14 to the test matrix
• a0da94d Fixed test failures on Python 3.14
• See full diff in compare view

Updates fastapi from 0.115.14 to 0.128.1

Release notes

Sourced from fastapi's releases.

0.128.1

Features

• ✨ Add viewport meta tag to improve Swagger UI on mobile devices. PR #14777 by @​Joab0.
• 🚸 Improve error message for invalid query parameter type annotations. PR #14479 by @​retwish.

Fixes

• 🐛 Update ValidationError schema to include input and ctx. PR #14791 by @​jonathan-fulton.
• 🐛 Fix TYPE_CHECKING annotations for Python 3.14 (PEP 649). PR #14789 by @​mgu.
• 🐛 Strip whitespaces from Authorization header credentials. PR #14786 by @​WaveTheory1.
• 🐛 Fix OpenAPI duplication of anyOf refs for app-level responses with specified content and model as Union. PR #14463 by @​DJMcoder.

Refactors

• 🎨 Tweak types for mypy. PR #14816 by @​tiangolo.
• 🏷️ Re-export IncEx type from Pydantic instead of duplicating it. PR #14641 by @​mvanderlee.
• 💡 Update comment for Pydantic internals. PR #14814 by @​tiangolo.

Docs

• 📝 Update docs for contributing translations, simplify title. PR #14817 by @​tiangolo.
• 📝 Fix typing issue in docs_src/app_testing/app_b code example. PR #14573 by @​timakaa.
• 📝 Fix example of license identifier in documentation. PR #14492 by @​johnson-earls.
• 📝 Add banner to translated pages. PR #14809 by @​YuriiMotov.
• 📝 Add links to related sections of docs to docstrings. PR #14776 by @​YuriiMotov.
• 📝 Update embedded code examples to Python 3.10 syntax. PR #14758 by @​YuriiMotov.
• 📝 Fix dependency installation command in docs/en/docs/contributing.md. PR #14757 by @​YuriiMotov.
• 📝 Use return type annotation instead of response_model when possible. PR #14753 by @​YuriiMotov.
• 📝 Use WSGIMiddleware from a2wsgi instead of deprecated fastapi.middleware.wsgi.WSGIMiddleware. PR #14756 by @​YuriiMotov.
• 📝 Fix minor typos in release notes. PR #14780 by @​whyvineet.
• 🐛 Fix copy button in custom.js. PR #14722 by @​fcharrier.
• 📝 Add contribution instructions about LLM generated code and comments and automated tools for PRs. PR #14706 by @​tiangolo.
• 📝 Update docs for management tasks. PR #14705 by @​tiangolo.
• 📝 Update docs about managing translations. PR #14704 by @​tiangolo.
• 📝 Update docs for contributing with translations. PR #14701 by @​tiangolo.
• 📝 Specify language code for code block. PR #14656 by @​YuriiMotov.

Translations

• 🌐 Improve LLM prompt of uk documentation. PR #14795 by @​roli2py.
• 🌐 Update translations for ja (update-outdated). PR #14588 by @​tiangolo.
• 🌐 Update translations for uk (update outdated, found by fixer tool). PR #14739 by @​YuriiMotov.
• 🌐 Update translations for tr (update-outdated). PR #14745 by @​tiangolo.
• 🌐 Update llm-prompt.md for Korean language. PR #14763 by @​seuthootDev.
• 🌐 Update translations for ko (update outdated, found by fixer tool). PR #14738 by @​YuriiMotov.
• 🌐 Update translations for de (update-outdated). PR #14690 by @​tiangolo.
• 🌐 Update LLM prompt for Russian translations. PR #14733 by @​YuriiMotov.
• 🌐 Update translations for ru (update-outdated). PR #14693 by @​tiangolo.
• 🌐 Update translations for pt (update-outdated). PR #14724 by @​tiangolo.

... (truncated)

Commits

• 1de0de5 🔖 Release version 0.128.1
• 734c95b 📝 Update release notes
• 84a5bcf ⬇️ Downgrade LLM translations model to GPT-5 to reduce mistakes (#14823)
• 0e06400 📝 Update release notes
• ad29e44 🌐 Improve LLM prompt of uk documentation (#14795)
• 71ceac2 📝 Update release notes
• b0e99d6 🌐 Update translations for ja (update-outdated) (#14588)
• cec4be0 📝 Update release notes
• aea6137 🐛 Fix translation script commit in place (#14818)
• fe5b617 📝 Update release notes
• Additional commits viewable in compare view

Updates greenlet from 3.2.4 to 3.5.0

Changelog

Sourced from greenlet's changelog.

3.5.0 (2026-04-27)

• Remove the atexit callback. This callback caused greenlet APIs to become unavailable far too soon during interpreter shutdown. Now they remain available while all atexit callbacks run. Sometime after Py_IsFinalizing becomes true, they may begin misbehaving. Because the order in which C extensions are finalized is undefined, C extensions that are sensitive to this need to check the results of that function before invoking greenlet APIs. As a convenience, PyGreenlet_GetCurrent sets an exception and returns NULL when this happens (and greenlet.getcurrent begins returning None); other greenlet C API functions have undefined behaviour. Methods invoked directly on pre-existing greenlet.greenlet objects will continue to function at least until the greenlet C extension has been garbage collected and finalized.

  See PR 508 <https://github.com/python-greenlet/greenlet/pull/508>_.

3.4.0 (2026-04-08)

• Publish binary wheels for RiscV 64.

• Fix multiple rare crash paths during interpreter shutdown.

  Note that this now relies on the atexit module, and introduces subtle API changes during interpreter shutdown (for example, getcurrent is no longer available once the atexit callback fires).

  See PR [#499](https://github.com/python-greenlet/greenlet/issues/499) <https://github.com/python-greenlet/greenlet/pull/499>_ by Nicolas Bouvrette.

• Address the results of an automated code audit performed by Daniel Diniz. This includes several minor correctness changes that theoretically could have been crashing bugs, but typically only in very rare circumstances.

  See PR 502 <https://github.com/python-greenlet/greenlet/pull/502>_.

• Fix several race conditions that could arise in free-threaded builds when using greenlet objects from multiple threads, some of which could lead to assertion failures or interpreter crashes.

  See issue 503 <https://github.com/python-greenlet/greenlet/issues/503>_, with thanks to Nitay Dariel and Daniel Diniz.

3.3.2 (2026-02-20)

... (truncated)

Commits

• c7acc72 Preparing release 3.5.0
• d08f99b CHANGES: Update link from #507 to more full description in #508.
• fd3391e Merge pull request #508 from python-greenlet/issue507-remove-atexit
• 004e1e9 Remove the atexit callback.
• b784a69 Back to development: 3.4.1
• df6734e Preparing release 3.4.0
• 0f86075 Merge pull request #504 from python-greenlet/freethreading-fixes
• 4596574 TLBC: crash appears to still happen on CI 3.14t ubuntu. Re-enable workaround.
• 2f4a1cf Make green_switch (python level greenlet.switch) and green_throw check for (p...
• a0c2a2a Fix unused variable warning when asserts are disabled.
• Additional commits viewable in compare view

Updates httptools from 0.6.4 to 0.7.1

Release notes

Sourced from httptools's releases.

v0.7.1

This is identical to 0.7.0 whose CI failed uploading

v0.7.0

Changes

• Modernize packaging and fix CI (#130) Drop Python 3.8, add Python 3.14 Use Cython 3.1.0 Bump llhttp to 9.3.0 (by @​ngoldbaum @​Carreau @​fantix in 59bf94fc for #129)

• Static Type-checking for httptools (#100) (by @​Vizonex @​KRRT7 in b55f5fe2 for #100)

Commits

• 26461da httptools 0.7.1
• cd7cab8 bump pypa/gh-action-pypi-publish to 1.13.0
• 96ac6ef allow releasing on 0.7.x
• b04ab82 httptools 0.7.0
• b55f5fe Static Type-checking for httptools (#100)
• 59bf94f Modernize packaging and fix CI (#130)
• 922f366 Post-release version bump
• See full diff in compare view

Updates httpx from 0.27.2 to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with c...

  Description has been truncated

[cloudflare-workers-and-pages]

Deploying fba-bench-enterprise with    Cloudflare Pages

Latest commit:	e349d43
Status:	✅  Deploy successful!
Preview URL:	https://05bfd323.fba-bench-enterprise.pages.dev
Branch Preview URL:	https://dependabot-pip-python-depend-tab9.fba-bench-enterprise.pages.dev

View logs

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	fba	e349d43	May 18 2026, 01:41 PM