Bump the python-packages group across 1 directory with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates in the /plotting-service directory: fastapi[all], uvicorn, pyjwt and ruff.

Updates fastapi[all] from 0.129.0 to 0.135.1

Release notes

Sourced from fastapi[all]'s releases.

0.135.1

Fixes

• 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

• ✏️ Fix typo in docs/en/docs/_llm-test.md. PR #15007 by @​adityagiri3600.
• 📝 Update Skill, optimize context, trim and refactor into references. PR #15031 by @​tiangolo.

Internal

• 👥 Update FastAPI People - Experts. PR #15037 by @​tiangolo.
• 👥 Update FastAPI People - Contributors and Translators. PR #15029 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #15036 by @​tiangolo.

0.135.0

Features

• ✨ Add support for Server Sent Events. PR #15030 by @​tiangolo.
  • New docs: Server-Sent Events (SSE).

0.134.0

Features

• ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
  • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
  • New docs: Stream JSON Lines.
  • And new docs: Stream Data.

Docs

• 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
• 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
• 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
• 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

• 🔨 Run tests with pytest-xdist and pytest-cov. PR #14992 by @​YuriiMotov.

0.133.1

Features

• 🔧 Add FastAPI Agent Skill. PR #14982 by @​tiangolo.
  • Read more about it in Library Agent Skills.

Internal

• ✅ Fix all tests are skipped on Windows. PR #14994 by @​YuriiMotov.

... (truncated)

Commits

• ca5f60e 🔖 Release version 0.135.1
• 87f75aa 📝 Update release notes
• 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
• 6038507 📝 Update release notes
• c796ba4 👥 Update FastAPI People - Experts (#15037)
• b24aa03 📝 Update release notes
• 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
• e3bbeef 📝 Update release notes
• d726c8c 📝 Update release notes
• cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
• Additional commits viewable in compare view

Updates uvicorn from 0.40.0 to 0.41.0

Release notes

Sourced from uvicorn's releases.

Version 0.41.0

Added

• Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• Add socket path to scope["server"] (#2561)

Changed

• Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

• Ignore permission denied errors in watchfiles reloader (#2817)
• Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• Reduce the log level of 'request limit exceeded' messages (#2788)

---

New Contributors

• @​t-kawasumi made their first contribution in Kludex/uvicorn#2776
• @​fardyn made their first contribution in Kludex/uvicorn#2800
• @​ewie made their first contribution in Kludex/uvicorn#2807
• @​shevron made their first contribution in Kludex/uvicorn#2788
• @​jonashaag made their first contribution in Kludex/uvicorn#2707

---

Full Changelog: Kludex/uvicorn@0.40.0...0.41.0

Changelog

Sourced from uvicorn's changelog.

0.41.0 (February 16, 2026)

Added

• Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• Add socket path to scope["server"] (#2561)

Changed

• Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

• Ignore permission denied errors in watchfiles reloader (#2817)
• Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• Reduce the log level of 'request limit exceeded' messages (#2788)

Commits

• 9283c0f Version 0.41.0 (#2821)
• a01a33e Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• 2ce65bd Ignore permission denied errors in watchfiles reloader (#2817)
• 654f2ed Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• a03d9f6 Reduce the log level of 'request limit exceeded' messages (#2788)
• e377de4 Add socket path to scope["server"] (#2561)
• 0779f7f Poll for readiness in test_multiprocess_health_check and run_server (#2816)
• 7e9ce2c Poll for PID changes in test_multiprocess_sighup instead of fixed sleep (#2...
• 99f0d87 Fix grep warning in scripts/sync-version (#2807)
• 7ae2e63 chore(deps): bump the python-packages group with 18 updates (#2801)
• Additional commits viewable in compare view

Updates pyjwt from 2.11.0 to 2.12.0

Release notes

Sourced from pyjwt's releases.

2.12.0

Security

• Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @​dmbs335 in GHSA-752w-5fwx-jx9f

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1132
• chore(docs): fix docs build by @​tamird in jpadilla/pyjwt#1137
• Annotate PyJWKSet.keys for pyright by @​tamird in jpadilla/pyjwt#1134
• fix: close HTTPError to prevent ResourceWarning on Python 3.14 by @​veeceey in jpadilla/pyjwt#1133
• chore: remove superfluous constants by @​tamird in jpadilla/pyjwt#1136
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1135
• chore(tests): enable mypy by @​tamird in jpadilla/pyjwt#1138
• Bump actions/download-artifact from 7 to 8 by @​dependabot[bot] in jpadilla/pyjwt#1142
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1141
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1145
• fix: do not store reference to algorithms dict on PyJWK by @​akx in jpadilla/pyjwt#1143
• Use PyJWK algorithm when encoding without explicit algorithm by @​jpadilla in jpadilla/pyjwt#1148

New Contributors

• @​tamird made their first contribution in jpadilla/pyjwt#1137
• @​veeceey made their first contribution in jpadilla/pyjwt#1133

Full Changelog: jpadilla/pyjwt@2.11.0...2.12.0

Changelog

Sourced from pyjwt's changelog.

v2.12.0 <https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0>__

Fixed

- Annotate PyJWKSet.keys for pyright by @tamird in `[#1134](https://github.com/jpadilla/pyjwt/issues/1134) <https://github.com/jpadilla/pyjwt/pull/1134>`__
- Close ``HTTPError`` response to prevent ``ResourceWarning`` on Python 3.14 by @veeceey in `[#1133](https://github.com/jpadilla/pyjwt/issues/1133) <https://github.com/jpadilla/pyjwt/pull/1133>`__
- Do not keep ``algorithms`` dict in PyJWK instances by @akx in `[#1143](https://github.com/jpadilla/pyjwt/issues/1143) <https://github.com/jpadilla/pyjwt/pull/1143>`__
- Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @dmbs335 in `GHSA-752w-5fwx-jx9f <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f>`__
- Use PyJWK algorithm when encoding without explicit algorithm in `[#1148](https://github.com/jpadilla/pyjwt/issues/1148) <https://github.com/jpadilla/pyjwt/pull/1148>`__
Added

• Docs: Add PyJWKClient API reference and document the two-tier caching system (JWK Set cache and signing key LRU cache).

Commits

• bd9700c Use PyJWK algorithm when encoding without explicit algorithm (#1148)
• 051ea34 Merge commit from fork
• 1451d70 fix: do not store reference to algorithms dict on PyJWK (#1143)
• f3ba74c [pre-commit.ci] pre-commit autoupdate (#1145)
• 0318ffa [pre-commit.ci] pre-commit autoupdate (#1141)
• a52753d Bump actions/download-artifact from 7 to 8 (#1142)
• b85050f chore(tests): enable mypy (#1138)
• 1272b26 [pre-commit.ci] pre-commit autoupdate (#1135)
• 99a8728 chore: remove superfluous constants (#1136)
• 412cb67 fix: close HTTPError to prevent ResourceWarning on Python 3.14 (#1133)
• Additional commits viewable in compare view

Updates ruff from 0.15.1 to 0.15.5

Release notes

Sourced from ruff's releases.

0.15.5

Release Notes

Released on 2026-03-05.

Preview features

• Discover Markdown files by default in preview mode (#23434)
• [perflint] Extend PERF102 to comprehensions and generators (#23473)
• [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
• [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
• [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

• [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
• [pydocstyle] Fix numpy section ordering (D420) (#23685)
• [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
• [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

• Document extension mapping for Markdown code formatting (#23574)
• Update default Python version examples (#23605)

Other changes

• Publish releases to Astral mirror (#23616)

Contributors

• @​amyreese
• @​stakeswky
• @​chirizxc
• @​anishgirianish
• @​bxff
• @​zsol
• @​charliermarsh
• @​ntBre
• @​kar-ganap

Install ruff 0.15.5

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.5/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.5

Released on 2026-03-05.

Preview features

• Discover Markdown files by default in preview mode (#23434)
• [perflint] Extend PERF102 to comprehensions and generators (#23473)
• [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
• [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
• [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

• [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
• [pydocstyle] Fix numpy section ordering (D420) (#23685)
• [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
• [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

• Document extension mapping for Markdown code formatting (#23574)
• Update default Python version examples (#23605)

Other changes

• Publish releases to Astral mirror (#23616)

Contributors

• @​amyreese
• @​stakeswky
• @​chirizxc
• @​anishgirianish
• @​bxff
• @​zsol
• @​charliermarsh
• @​ntBre
• @​kar-ganap

0.15.4

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

... (truncated)

Commits

• 5e4a3d9 Bump 0.15.5 (#23743)
• 69c23cc [ty] Render all changed diagnostics in conformance.py (#23613)
• 4926bd5 [ty] Split deferred checks out of types/infer/builder.rs (#23740)
• 9a70f5e Discover markdown files by default in preview mode (#23434)
• 3dc78b0 [ty] Use HasOptionalDefinition for except handlers (#23739)
• a6a5e8d [ty] Fix precedence of all selector in TOML configurations (#23723)
• 2a5384b [ty] Make all selector case sensitive (#23713)
• db77d7b [ty] Add a diagnostic if a TypeVar is used to specialize a ParamSpec, or ...
• db28490 [ty] Override home directory in ty tests (#23724)
• 5f0fd91 [ty] More type-variable default validation (#23639)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions