build(deps): bump the python group with 11 updates

[dependabot]

Bumps the python group with 11 updates:

Package	From	To
fastapi	0.114.0	0.115.0
uvicorn	0.30.6	0.31.0
redis	5.0.8	5.1.1
boto3-stubs	1.35.14	1.35.35
prometheus-client	0.20.0	0.21.0
mkdocs-material	9.5.34	9.5.39
pytest	8.3.2	8.3.3
hypothesis	6.112.0	6.112.4
pyright	1.1.379	1.1.383
black	24.8.0	24.10.0
ruff	0.6.4	0.6.9

Updates fastapi from 0.114.0 to 0.115.0

Release notes

Sourced from fastapi's releases.

0.115.0

Highlights

Now you can declare Query, Header, and Cookie parameters with Pydantic models. 🎉

Query Parameter Models

Use Pydantic models for Query parameters:

from typing import Annotated, Literal
from fastapi import FastAPI, Query
from pydantic import BaseModel, Field
app = FastAPI()
class FilterParams(BaseModel):
limit: int = Field(100, gt=0, le=100)
offset: int = Field(0, ge=0)
order_by: Literal["created_at", "updated_at"] = "created_at"
tags: list[str] = []
@​app.get("/items/")
async def read_items(filter_query: Annotated[FilterParams, Query()]):
return filter_query

Read the new docs: Query Parameter Models.

Header Parameter Models

Use Pydantic models for Header parameters:

from typing import Annotated
from fastapi import FastAPI, Header
from pydantic import BaseModel
app = FastAPI()
class CommonHeaders(BaseModel):
host: str
save_data: bool
if_modified_since: str | None = None
traceparent: str | None = None
</tr></table>

... (truncated)

Commits

• 40e33e4 🔖 Release version 0.115.0
• b36047b 📝 Update release notes
• 7eadeb6 📝 Update release notes
• 55035f4 ✨ Add support for Pydantic models for parameters using Query, Cookie, `He...
• 0903da7 📝 Update release notes
• 4b2b14a ⬆ [pre-commit.ci] pre-commit autoupdate (#12204)
• 35df20c 📝 Update release notes
• 8eb3c56 🌐 Add Portuguese translation for `docs/pt/docs/advanced/security/http-basic-a...
• 2ada161 🔖 Release version 0.114.2
• 3a5fd71 📝 Update release notes
• Additional commits viewable in compare view

Updates uvicorn from 0.30.6 to 0.31.0

Release notes

Sourced from uvicorn's releases.

Version 0.31.0

Added

Improve ProxyHeadersMiddleware (#2468) and (#2231):

• Fix the host for requests from clients running on the proxy server itself.
• Fallback to host that was already set for empty x-forwarded-for headers.
• Also allow specifying IP Networks as trusted hosts. This greatly simplifies deployments on docker swarm/Kubernetes, where the reverse proxy might have a dynamic IP.
  • This includes support for IPv6 Address/Networks.

---

Full Changelog: encode/uvicorn@0.30.6...0.31.0

Changelog

Sourced from uvicorn's changelog.

0.31.0 (2024-09-27)

Added

Improve ProxyHeadersMiddleware (#2468) and (#2231):

• Fix the host for requests from clients running on the proxy server itself.
• Fallback to host that was already set for empty x-forwarded-for headers.
• Also allow to specify IP Networks as trusted hosts. This greatly simplifies deployments on docker swarm/kubernetes, where the reverse proxy might have a dynamic IP.
  • This includes support for IPv6 Address/Networks.

Commits

• a507532 Version 0.31.0 (#2469)
• 84dd2c4 Improve ProxyHeadersMiddleware (#2468)
• 3d26ab4 Bump cryptography from 42.0.8 to 43.0.1 (#2453)
• 47304d9 Add tests and requirements.txt to sdist (#2438)
• 1cb0c32 Add missing init files in the test suite (#2432)
• See full diff in compare view

Updates redis from 5.0.8 to 5.1.1

Release notes

Sourced from redis's releases.

5.1.1

Changes

5.1.1

🐛 Bug Fixes

• Fixed return type for Redis Set commands to be Set instead of List (#3399)
• Fixed bug with partial Hiredis availability (#3400)
• Fixed bug with async pipeline and cluster fails with some commands (#3402)

5.1.0

🚀 New Features

• Client-side caching (#3350, #3110, #3102, #3099, #3089, #3038)

How to start with Client-side caching?

1. Install redis-py 5.1.0
2. Use the following code snippet:

r = Redis(protocol=3, cache_config=CacheConfig())
cache = r.get_cache()
r.set("foo", "bar")
get key from redis and save in local cache
print(r.get("foo"))
get key from local cache
print(cache.get(CacheKey(command="GET", redis_keys=("foo",))).cache_value)
change key in redis (cause invalidation)
r.set("foo", "barbar")
Retrieves a new value from server and cache it
print(r.get("foo"))
Make sure that new value was cached
print(cache.get(CacheKey(command="GET", redis_keys=("foo",))).cache_value)

Check documentation to get more examples

🔥 Breaking Changes

• Timeseries insertion filters for close samples (#3228)
• Enhanced classes string representation (#3001)
• Partial clean up of Python 3.7 compatibility (#2928)
• Handle Redis Set data type as Python list to avoid a limitations with nested dictionaries (#3324)

Contributors

We'd like to thank all the contributors who worked on this release!

@​vladvildanov @​dmaier-redislabs @​vineethvkumar @​ramchandra-st @​RafalBielickiIM @​jules-ch

... (truncated)

Commits

• 4b3a6d0 Updated package version (#3403)
• e20f354 Fix bug with async pipeline and cluster fails with some commands (#3402)
• aa22225 Fix bug with partial Hiredis availability (#3400)
• c31849c Fix bug with Redis Set commands returns List instead of Set (#3399)
• 7215a52 Updated package version (#3389)
• 2e46613 Client side caching refactoring (#3350)
• 7d73d74 DOC-4197: add TCEs to the geospatial query page (#3378)
• c7483b3 DOC-4196: add TCEs to the full-text query page (#3377)
• 64d4bb8 DOC-4194: add TCEs to the range query page (#3374)
• 0c8a986 DOC-4194: add TCEs to the exact match query page (#3372)
• Additional commits viewable in compare view

Updates boto3-stubs from 1.35.14 to 1.35.35

Commits

• See full diff in compare view

Updates prometheus-client from 0.20.0 to 0.21.0

Release notes

Sourced from prometheus-client's releases.

0.21.0 / 2024-09-20

What's Changed

[CHANGE] Reject invalid (not GET or OPTION) HTTP methods. #1019 [ENHANCEMENT] Allow writing metrics when holding a lock for the metric in the same thread. #1014 [BUGFIX] Check for and error on None label values. #1012 [BUGFIX] Fix timestamp comparison. #1038

Commits

• 3b183b4 Release 0.21.0
• 0014e97 Use re-entrant lock. (#1014)
• 7c45f84 Reject invalid HTTP methods and resources (#1019)
• 09a5ae3 Fix timestamp comparison (#1038)
• e364a96 Fix a typo in ASGI docs (#1036)
• eeec421 Pin python 3.8 and 3.9 at patch level (#1024)
• 7bc8cdd docs: correct link to multiprocessing docs (#1023)
• 4535ce0 Add sanity check for label value (#1012)
• See full diff in compare view

Updates mkdocs-material from 9.5.34 to 9.5.39

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.39

• Fixed #7226: not staying on page when using mike's canonical versioning

Thanks go to @​ilyagr for their contributions

mkdocs-material-9.5.38

• Added Albanian translations

Thanks go to @​gerardkraja for their contributions

mkdocs-material-9.5.37

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35

• Fixed #7498: Search not showing for Vietnamese language

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.39+insiders-4.53.14 (2024-09-29)

• Fixed #7567: Empty headlines when using typeset plugin with anchorlinks

mkdocs-material-9.5.39 (2024-09-29)

• Fixed #7226: not staying on page when using mike's canonical versioning

mkdocs-material-9.5.38 (2024-09-26)

• Added Albanian translations

mkdocs-material-9.5.37 (2024-09-25)

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36 (2024-09-21)

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35 (2024-09-18)

• Fixed #7498: Search not showing for Vietnamese language

mkdocs-material-9.5.34+insiders-4.53.13 (2024-09-14)

• Fixed #7520: Social plugin errors for generated files (MkDocs 1.6+)

mkdocs-material-9.5.34 (2024-08-31)

• Updated Mermaid.js to version 11 (latest)

mkdocs-material-9.5.33 (2024-08-23)

• Fixed #7453: Incorrect position of tooltip when sorting table

mkdocs-material-9.5.32 (2024-08-19)

• Fixed RXSS vulnerability via deep link in search results
• Added support for fetching latest release from GitLab

mkdocs-material-9.5.31+insiders-4.53.12 (2024-08-02)

• Fixed #7410: Instant previews jump on content tabs with anchor links
• Fixed #7408: Instant previews jump on content tabs

mkdocs-material-9.5.31 (2024-08-02)

... (truncated)

Commits

• 70db88f Prepare 9.5.39 release
• 187705e Updated dependencies
• 56fdb28 Adjusted code copy button documentation
• aeb9492 Fixed stay no page functionality when using mike's canonical versioning (#7559)
• 50a15be Updated link to step-by-step guide on YouTube
• 117250a Prepare 9.5.38 release
• 74ca234 Added Albanian translations
• 84ddbba Prepare 9.5.37 release
• fd98413 Documentation (#7557)
• 573d23d Updated dependencies
• Additional commits viewable in compare view

Updates pytest from 8.3.2 to 8.3.3

Release notes

Sourced from pytest's releases.

8.3.3

pytest 8.3.3 (2024-09-09)

Bug fixes

• #12446: Avoid calling @property (and other instance descriptors) during fixture discovery -- by asottile{.interpreted-text role="user"}

• #12659: Fixed the issue of not displaying assertion failure differences when using the parameter --import-mode=importlib in pytest>=8.1.

• #12667: Fixed a regression where type change in [ExceptionInfo.errisinstance]{.title-ref} caused [mypy]{.title-ref} to fail.

• #12744: Fixed typing compatibility with Python 3.9 or less -- replaced [typing.Self]{.title-ref} with [typing_extensions.Self]{.title-ref} -- by Avasam{.interpreted-text role="user"}

• #12745: Fixed an issue with backslashes being incorrectly converted in nodeid paths on Windows, ensuring consistent path handling across environments.

• #6682: Fixed bug where the verbosity levels where not being respected when printing the "msg" part of failed assertion (as in assert condition, msg).

• #9422: Fix bug where disabling the terminal plugin via -p no:terminal would cause crashes related to missing the verbose option.

  -- by GTowers1{.interpreted-text role="user"}

Improved documentation

• #12663: Clarify that the [pytest_deselected]{.title-ref} hook should be called from [pytest_collection_modifyitems]{.title-ref} hook implementations when items are deselected.
• #12678: Remove erroneous quotes from [tmp_path_retention_policy]{.title-ref} example in docs.

Miscellaneous internal changes

• #12769: Fix typos discovered by codespell and add codespell to pre-commit hooks.

Commits

• d0f136f build(deps): Bump pypa/gh-action-pypi-publish from 1.10.0 to 1.10.1 (#12790)
• 972f307 Prepare release version 8.3.3
• 0dabdcf Include co-authors in release announcement (#12795) (#12797)
• a9910a4 Do not discover properties when iterating fixtures (#12781) (#12788)
• 0f10b6b Fix issue with slashes being turned into backslashes on Windows (#12760) (#12...
• 300d13d Merge pull request #12785 from pytest-dev/patchback/backports/8.3.x/57cccf7f4...
• e5d32c7 Merge pull request #12784 from svenevs/fix/docs-example-parametrize-minor-typo
• bc913d1 Streamline checks for verbose option (#12706) (#12778)
• 01cfcc9 Fix typos and introduce codespell pre-commit hook (#12769) (#12774)
• 4873394 doc: Remove past training (#12772) (#12773)
• Additional commits viewable in compare view

Updates hypothesis from 6.112.0 to 6.112.4

Commits

• d13235a Bump hypothesis-python version to 6.112.4 and update changelog
• b186203 Merge pull request #4126 from Zac-HD/various-cleanups
• fa0d507 Improve patches for np.array
• 18cd732 deflake alt-backend test
• 30921f4 Conditionally skip flakey-on-pypy test
• 16821c4 Speed up use_true_random=True
• bfc994e deflake last tests
• f0385f8 Support git apply -p1 by default
• 08378fa Exclude invalid stateful rules faster
• 09308df Improve type annotations
• Additional commits viewable in compare view

Updates pyright from 1.1.379 to 1.1.383

Release notes

Sourced from pyright's releases.

v1.1.383

No release notes provided.

v1.1.382.post1

No release notes provided.

v1.1.382.post0

This release fixes a regression with nodeenv support in the v1.1.382 release

v1.1.382

No release notes provided.

v1.1.381

No release notes provided.

v1.1.380

No release notes provided.

Commits

• cd5d458 Pyright NPM Package update to 1.1.383 (#312)
• 74d0088 chore: release v1.1.382.post1 (#310)
• 1ce7b23 fix: avoid warning for .post versions (#309)
• c61cac8 chore: release v1.1.382.post0 (#307)
• f8e7383 CI: correct setup for nodeenv testing (#306)
• 276e381 fix: correct nodeenv environment (#305)
• 05e4563 Pyright NPM Package update to 1.1.382 (#303)
• 0bf95f9 refactor(internal): switch to src dir (#301)
• f4beb25 feat(cli): mention nodejs extra if nodeenv install fails
• e2d0748 feat: add support for nodejs-wheel
• Additional commits viewable in compare view

Updates black from 24.8.0 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

Changelog

Sourced from black's changelog.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

Commits

• 1b2427a Prepare release 24.10.0 (#4471)
• a22b1eb Add mypyc 3.13 wheel build (#4449)
• b7d0e72 Bump AndreMiras/coveralls-python-action from 65c1672f0b8a201702d86c81b79187df...
• f1a2f92 Include --unstable in cache key (#4466)
• 8d9d18c Fix skipping Jupyter cells with unknown %% magic (#4462)
• bbfdba3 Fix docs CI: use venv for uv to fix 'failed to create directory' (#4460)
• 8fb2add Use builtin generics (#4458)
• 2a45cec Fix crashes with comments in parentheses (#4453)
• b4d6d86 Drop Python 3.8 support (#4452)
• ac018c1 Require newer aiohttp for blackd (#4451)
• Additional commits viewable in compare view

Updates ruff from 0.6.4 to 0.6.9

Release notes

Sourced from ruff's releases.

0.6.9

Release Notes

Preview features

• Fix codeblock dynamic line length calculation for indented docstring examples (#13523)
• [refurb] Mark FURB118 fix as unsafe (#13613)

Rule changes

• [pydocstyle] Don't raise D208 when last line is non-empty (#13372)
• [pylint] Preserve trivia (i.e. comments) in PLR5501 autofix (#13573)

Configuration

• [pyflakes] Add allow-unused-imports setting for unused-import rule (F401) (#13601)

Bug fixes

• Support ruff discovery in pip build environments (#13591)
• [flake8-bugbear] Avoid short circuiting B017 for multiple context managers (#13609)
• [pylint] Do not offer an invalid fix for PLR1716 when the comparisons contain parenthesis (#13527)
• [pyupgrade] Fix UP043 to apply to collections.abc.Generator and collections.abc.AsyncGenerator (#13611)
• [refurb] Fix handling of slices in tuples for FURB118, e.g., x[:, 1] (#13518)

Documentation

• Update GitHub Action link to astral-sh/ruff-action (#13551)

Install ruff 0.6.9

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.6.9/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/ruff/releases/download/0.6.9/ruff-installer.ps1 | iex"

Download ruff 0.6.9

File	Platform	Checksum
ruff-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
ruff-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
ruff-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.6.9

Preview features

• Fix codeblock dynamic line length calculation for indented docstring examples (#13523)
• [refurb] Mark FURB118 fix as unsafe (#13613)

Rule changes

• [pydocstyle] Don't raise D208 when last line is non-empty (#13372)
• [pylint] Preserve trivia (i.e. comments) in PLR5501 autofix (#13573)

Configuration

• [pyflakes] Add allow-unused-imports setting for unused-import rule (F401) (#13601)

Bug fixes

• Support ruff discovery in pip build environments (#13591)
• [flake8-bugbear] Avoid short circuiting B017 for multiple context managers (#13609)
• [pylint] Do not offer an invalid fix for PLR1716 when the comparisons contain parenthesis (#13527)
• [pyupgrade] Fix UP043 to apply to collections.abc.Generator and collections.abc.AsyncGenerator (#13611)
• [refurb] Fix handling of slices in tuples for FURB118, e.g., x[:, 1] (#13518)

Documentation

• Update GitHub Action link to astral-sh/ruff-action (#13551)

0.6.8

Preview features

• Remove unnecessary parentheses around match case clauses (#13510)
• Parenthesize overlong if guards in match..case clauses (#13513)
• Detect basic wildcard imports in ruff analyze graph (#13486)
• [pylint] Implement boolean-chained-comparison (R1716) (#13435)

Rule changes

• [lake8-simplify] Detect SIM910 when using variadic keyword arguments, i.e., **kwargs (#13503)
• [pyupgrade] Avoid false negatives with non-reference shadowed bindings of loop variables (UP028) (#13504)

Bug fixes

• Detect tuples bound to variadic positional arguments i.e. *args (#13512)
• Exit gracefully on broken pipe errors (#13485)
• Avoid panic when analyze graph hits broken pipe (#13484)

Performance

... (truncated)

Commits

• 975be9c Bump version to 0.6.9 (#13624)
• 99e4566 Mark FURB118 fix as unsafe (#13613)
• 7ad07c2 Add allow-unused-imports setting for unused-import rule (F401) (#13601)
• 4aefe52 Support ruff discovery in pip build environments (#13591)
• cc1f766 Preserve trivia (i.e. comments) in PLR5501 (#13573)
• fdd0a22 Move to maintained mirror of prettier (#13592)
• 3728d5b [pyupgrade] Fix UP043 to apply to collections.abc.Generator and `collecti...
• 7e3894f Avoid short circuiting B017 for multiple context managers (#13609)
• c3b40da Use backticks for code in red-knot messages (#13599)
• ef45185 Allow users to provide custom diagnostic messages when unwrapping calls (#13597)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions