Bump the production-dependencies group with 9 updates

[dependabot]

Bumps the production-dependencies group with 9 updates:

Package	From	To
cryptography	43.0.3	44.0.0
pulumi-azure-native	2.73.1	2.74.0
pulumi	3.141.0	3.142.0
pydantic	2.10.1	2.10.2
pyjwt[crypto]	2.10.0	2.10.1
typer	0.13.1	0.14.0
pandas-stubs	2.2.3.241009	2.2.3.241126
ruff	0.8.0	0.8.1
pytest	8.3.3	8.3.4

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Updates pulumi-azure-native from 2.73.1 to 2.74.0

Release notes

Sourced from pulumi-azure-native's releases.

v2.74.0

Does the PR have any schema changes?

Looking good! No breaking changes found.

New resources:

• compute.GalleryInVMAccessControlProfile
• compute.GalleryInVMAccessControlProfileVersion

New functions:

• compute.getGalleryInVMAccessControlProfile
• compute.getGalleryInVMAccessControlProfileVersion

What's Changed

• Don't upload codecov data from autorest and release jobs by @​mikhailshilkov in pulumi/pulumi-azure-native#3725
• Fix cleaning of the .make directory by @​danielrbradley in pulumi/pulumi-azure-native#3727

Full Changelog: pulumi/pulumi-azure-native@v2.73.1...v2.74.0

Commits

• e9325d7 Automated SDK generation @ azure-rest-api-specs 5c9d5f957d76d9fea9c513f494660...
• 147ea9e Automated Pulumi/Pulumi upgrade (#3726)
• fd3945c Fix cleaning of the .make directory (#3727)
• 9003fb4 Don't upload codecov data from autorest and release jobs (#3725)
• See full diff in compare view

Updates pulumi from 3.141.0 to 3.142.0

Release notes

Sourced from pulumi's releases.

v3.142.0

3.142.0 (2024-11-26)

Features

• [cli] Reduce binary size by stripping debug information #17868

• [sdk/go] Add OutputWithDependencies #17856

• [sdk/java] Bump pulumi-java to 0.18.0

Bug Fixes

• [cli] Fix login --interactive when no accounts are in the credentials file #17860

• [cli/new] Fix new to work with local template directories again #17866

• [sdkgen/dotnet] Fix parameterized packages to have version.txt #17851

• [sdk/python] uv toolchain: preserve env-vars when executing uv command #17849

Changelog

Sourced from pulumi's changelog.

3.142.0 (2024-11-26)

Features

• [cli] Reduce binary size by stripping debug information #17868

• [sdk/go] Add OutputWithDependencies #17856

• [sdk/java] Bump pulumi-java to 0.18.0

Bug Fixes

• [cli] Fix login --interactive when no accounts are in the credentials file #17860

• [cli/new] Fix new to work with local template directories again #17866

• [sdkgen/dotnet] Fix parameterized packages to have version.txt #17851

• [sdk/python] uv toolchain: preserve env-vars when executing uv command #17849

Commits

• 1837a70 Prepare v3.142.0 release (#17870)
• 350cbf1 Bump pulumi-java to 0.18.0 (#17871)
• 705a2ae Revert "allow URLs without template for downloading git repos (#17824)" (#17866)
• faeaace Reduce binary size by stripping debug information (#17868)
• 7724f9c Fix login --interactive when no accounts are in the credentials file (#17860)
• 79ee5ac Add some examples and caveats for the Go SDK (#17865)
• bdf68ba Add OutputWithDependencies (#17856)
• bb9a80d Enable unsubscriptable-object rule for Python (#17843)
• 04174f5 Fix parameterised dotnet packages to have version.txt (#17851)
• 92eb4d4 Enable unused-import rule for Python (#17842)
• Additional commits viewable in compare view

Updates pydantic from 2.10.1 to 2.10.2

Release notes

Sourced from pydantic's releases.

v2.10.2 2024-11-26

What's Changed

Fixes

• Only evaluate FieldInfo annotations if required during schema building by @​Viicos in #10769
• Do not evaluate annotations for private fields by @​Viicos in #10962
• Support serialization as any for Secret types and Url types by @​sydney-runkle in #10947
• Fix type hint of Field.default to be compatible with Python 3.8 and 3.9 by @​Viicos in #10972
• Add hashing support for URL types by @​sydney-runkle in #10975
• Hide BaseModel.__replace__ definition from type checkers by @​Viicos in 10979

Full Changelog: pydantic/pydantic@v2.10.1...v2.10.2

Changelog

Sourced from pydantic's changelog.

v2.10.2 (2024-11-25)

GitHub release

What's Changed

Fixes

• Only evaluate FieldInfo annotations if required during schema building by @​Viicos in #10769
• Do not evaluate annotations for private fields by @​Viicos in #10962
• Support serialization as any for Secret types and Url types by @​sydney-runkle in #10947
• Fix type hint of Field.default to be compatible with Python 3.8 and 3.9 by @​Viicos in #10972
• Add hashing support for URL types by @​sydney-runkle in #10975
• Hide BaseModel.__replace__ definition from type checkers by @​Viicos in 10979

Commits

• fe32515 Prepare for v2.10.2 release (#10982)
• 226cfaf Hide BaseModel.__replace__ definition from type checkers (#10979)
• 02229a6 hashing support for urls (#10975)
• a9cf39c Fix type hint of Field.default to be compatible with Python 3.8 and 3.9 (#1...
• 869eafd Support serialization as any for Secret types and Url types (#10947)
• 7c0ed72 Do not evaluate annotations for private fields (#10962)
• d6fc7fc Only evaluate FieldInfo annotations if required during schema building (#10...
• See full diff in compare view

Updates pyjwt[crypto] from 2.10.0 to 2.10.1

Release notes

Sourced from pyjwt[crypto]'s releases.

2.10.1

Fixed

• Prevent partial matching of iss claim. Thanks @​fabianbadoi! (See: GHSA-75c5-xw7c-p5pm)

Full Changelog: jpadilla/pyjwt@2.10.0...2.10.1

Changelog

Sourced from pyjwt[crypto]'s changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed

- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__

Commits

• 3ebbb22 fix lint
• 37748dc update changelog
• 33022c2 Merge commit from fork
• See full diff in compare view

Updates typer from 0.13.1 to 0.14.0

Release notes

Sourced from typer's releases.

0.14.0

Breaking Changes

• 🔥 Remove auto naming of groups added via add_typer based on the group's callback function name. PR #1052 by @​patrick91.

Before, it was supported to infer the name of a command group from the callback function name in the sub-app, so, in this code:

import typer
app = typer.Typer()
users_app = typer.Typer()
app.add_typer(users_app)
@​users_app.callback()
def users():  # <-- This was the inferred command group name
"""
Manage users in the app.
"""
@​users_app.command()
def create(name: str):
print(f"Creating user: {name}")

...the command group would be named users, based on the name of the function def users().

Now you need to set it explicitly:

import typer
app = typer.Typer()
users_app = typer.Typer()
app.add_typer(users_app, name="users")  # <-- Explicitly set the command group name
@​users_app.callback()
def users():
"""
Manage users in the app.
"""
@​users_app.command()
def create(name: str):
</tr></table>

... (truncated)

Changelog

Sourced from typer's changelog.

0.14.0

Breaking Changes

• 🔥 Remove auto naming of groups added via add_typer based on the group's callback function name. PR #1052 by @​patrick91.

Before, it was supported to infer the name of a command group from the callback function name in the sub-app, so, in this code:

import typer
app = typer.Typer()
users_app = typer.Typer()
app.add_typer(users_app)
@​users_app.callback()
def users():  # <-- This was the inferred command group name
"""
Manage users in the app.
"""
@​users_app.command()
def create(name: str):
print(f"Creating user: {name}")

...the command group would be named users, based on the name of the function def users().

Now you need to set it explicitly:

import typer
app = typer.Typer()
users_app = typer.Typer()
app.add_typer(users_app, name="users")  # <-- Explicitly set the command group name
@​users_app.callback()
def users():
"""
Manage users in the app.
"""
@​users_app.command()
</tr></table>

... (truncated)

Commits

• f5c0b8a 🔖 Release version 0.14.0
• 7015323 📝 Update release notes
• 35bad6a 📝 Update release notes
• 2d1a598 🔥 Remove auto naming of groups added via add_typer based on the group's cal...
• 45cbfcd 📝 Update release notes
• 8af0b48 ⬆ Bump pypa/gh-action-pypi-publish from 1.10.3 to 1.12.2 (#1043)
• 62525f2 📝 Update release notes
• be45e58 ⬆ Bump mkdocs-material from 9.5.44 to 9.5.46 (#1062)
• 740610f 📝 Update release notes
• 5fe79c2 ⬆ Bump ruff from 0.7.4 to 0.8.0 (#1059)
• Additional commits viewable in compare view

Updates pandas-stubs from 2.2.3.241009 to 2.2.3.241126

Commits

• 7f06ab1 Version 2.2.3.241126
• 4ac23d6 GH1043 Update _typing.pyi: add "cross" option to JoinHow (#1044)
• 02b0d7f GH1053 @ for DataFrame, eval in place for DataFrame, test migrations (#1054)
• c5eecf8 Change signature of StringMethods.rsplit to match pandas (#1056)
• facb30f GH1049 Deprecate Index and Grouper methods for 2.0 migration (#1050)
• d289ef5 Fix Series.rename_axis and DataFrame.rename_axis typing (#1048)
• 47fc9b6 GH1037 Remove na_sentinel from factorize methods (#1038)
• 70ee340 GH1045 Split overload of groupby on as_index for all cases (#1046)
• 03396ef Add @ operator type hints for Series (#1047)
• 92bd9cb GH1033 Add overloads of engine for pd.read_json (#1035)
• Additional commits viewable in compare view

Updates ruff from 0.8.0 to 0.8.1

Release notes

Sourced from ruff's releases.

0.8.1

Release Notes

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
• [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
• [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
• [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
• [pylint] Implement len-test (PLC1802) (#14309)
• [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
• [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
• [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
• [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

• Ignore more rules for stub files (#14541)
• [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
• [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
• [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
• [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

• Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
• [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
• [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
• [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
• [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
• [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
• [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Contributors

• @​AlexWaygood
• @​Daverball
• @​Glyphack
• @​InSyncWithFoo
• @​Lokejoke
• @​MichaReiser
• @​cake-monotone

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.1

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
• [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
• [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
• [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
• [pylint] Implement len-test (PLC1802) (#14309)
• [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
• [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
• [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
• [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

• Ignore more rules for stub files (#14541)
• [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
• [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
• [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
• [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

• Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
• [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
• [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
• [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
• [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
• [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
• [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Commits

• b3b2c98 Update CHANGELOG.md with the new commits for 0.8.1 (#14664)
• abb3c6e [flake8-pyi] Avoid rewriting invalid type expressions in `unnecessary-type-...
• 224fe75 [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)
• dc29f52 [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016,...
• d9cbf2f Avoids unnecessary overhead for TC004, when TC001-003 are disabled (#14657)
• 3f6c65e [red-knot] Fix merged type after if-else without explicit else branch (#14621)
• 976c37a Bump version to 0.8.1 (#14655)
• a378ff3 [red-knot] Fix Boolean flags in mdtests (#14654)
• d8bca0d Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• 6f1cf5b [red-knot] Minor fix in MRO tests (#14652)
• Additional commits viewable in compare view

Updates pytest from 8.3.3 to 8.3.4

Release notes

Sourced from pytest's releases.

8.3.4

pytest 8.3.4 (2024-12-01)

Bug fixes

• #12592: Fixed KeyError{.interpreted-text role="class"} crash when using --import-mode=importlib in a directory layout where a directory contains a child directory with the same name.

• #12818: Assertion rewriting now preserves the source ranges of the original instructions, making it play well with tools that deal with the AST, like executing.

• #12849: ANSI escape codes for colored output now handled correctly in pytest.fail{.interpreted-text role="func"} with [pytrace=False]{.title-ref}.

• #9353: pytest.approx{.interpreted-text role="func"} now uses strict equality when given booleans.

Improved documentation

• #10558: Fix ambiguous docstring of pytest.Config.getoption{.interpreted-text role="func"}.

• #10829: Improve documentation on the current handling of the --basetemp option and its lack of retention functionality (temporary directory location and retention{.interpreted-text role="ref"}).

• #12866: Improved cross-references concerning the recwarn{.interpreted-text role="fixture"} fixture.

• #12966: Clarify filterwarnings{.interpreted-text role="ref"} docs on filter precedence/order when using multiple @pytest.mark.filterwarnings <pytest.mark.filterwarnings ref>{.interpreted-text role="ref"} marks.

Contributor-facing changes

• #12497: Fixed two failing pdb-related tests on Python 3.13.

Commits

• 53f8b4e Update pypa/gh-action-pypi-publish to v1.12.2
• 98dff36 Prepare release version 8.3.4
• 1b474e2 approx: use exact comparison for bool (#13013)
• b541721 docs: Fix wrong statement about sys.modules with importlib import mode (#1298...
• 16cb87b pytest.fail: fix ANSI escape codes for colored output (#12959) (#12990)
• be6bc81 Issue #12966 Clarify filterwarnings docs on precedence when using multiple ma...
• 7aeb72b Improve docs on basetemp and retention (#12912) (#12928)
• c875841 Merge pull request #12917 from pytest-dev/patchback/backports/8.3.x/ded1f44e5...
• 6502816 Merge pull request #12913 from jakkdl/dontfailonbadpath
• 52135b0 Merge pull request #12885 from The-Compiler/pdb-py311 (#12887)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.