Bump the pip group across 1 directory with 22 updates

[dependabot]

Bumps the pip group with 22 updates in the / directory:

Package	From	To
pytest	9.0.2	9.0.3
requests	2.33.0	2.33.1
faker	40.11.1	40.15.0
boto3	1.35.99	1.43.3
botocore	1.35.99	1.43.3
certifi	2026.2.25	2026.4.22
click	8.3.1	8.3.3
cryptography	46.0.6	48.0.0
fastapi	0.135.2	0.136.1
fastapi-cloud-cli	0.15.1	0.17.1
fastar	0.9.0	0.11.0
idna	3.11	3.13
pydantic	2.12.5	2.13.3
pydantic-settings	2.13.1	2.14.0
pydantic-core	2.41.5	2.46.3
pygments	2.19.2	2.20.0
pymongo	4.16.0	4.17.0
rich	14.3.3	15.0.0
s3transfer	0.10.4	0.17.0
sentry-sdk	2.56.0	2.59.0
typer	0.24.1	0.25.1
uvicorn	0.42.0	0.46.0

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates requests from 2.33.0 to 2.33.1

Release notes

Sourced from requests's releases.

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

New Contributors

• @​ferdnyc made their first contribution in psf/requests#7277

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

Changelog

Sourced from requests's changelog.

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

Commits

• 111d2b7 v2.33.1
• f0198e6 Fix malformed value parsing for Content-Type (#7309)
• bc7dd0f Fix cosmetic header validity parsing regex (#7308)
• 4443b1a Fix unintended test extra (#7306)
• 389eea5 Cleanup extracted file after extract_zipped_path test (#7305)
• 7407309 Packaging: DRY out extras definition (#7277)
• See full diff in compare view

Updates faker from 40.11.1 to 40.15.0

Release notes

Sourced from faker's releases.

Release v40.15.0

See CHANGELOG.md.

Release v40.14.1

See CHANGELOG.md.

Release v40.14.0

See CHANGELOG.md.

Release v40.13.0

See CHANGELOG.md.

Release v40.12.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v40.15.0 - 2026-04-17

• Add job providers for ar_DZ and fr_DZ locales (#2352). Thanks @​othmane099.
• Add company providers for ar_DZ and fr_DZ locales (#2351). Thanks @​othmane099.
• Add geo providers for ar_DZ and fr_DZ locales (#2350). Thanks @​othmane099.
• Add currency providers for ar_DZ and fr_DZ locales (#2349). Thanks @​othmane099.
• Add date_time provider for ar_DZ locale (#2348). Thanks @​othmane099.
• Add ssn providers for ar_DZ and fr_DZ locales (#2347). Thanks @​othmane099.

v40.14.1 - 2026-04-17

• Fix UnicodeEncodeError in CLI docs on non-UTF consoles (#2362). Thanks @​RedZapdos123.

v40.14.0 - 2026-04-17

• Fix: update placekitten URL to placekittens (#2364). Thanks @​reory.

v40.13.0 - 2026-04-06

• Fix: Ensure deterministic locale selection in multi-locale mode. Thanks @​just6660 and @​patakk.

v40.12.0 - 2026-03-30

• Add address providers for ar_DZ and fr_DZ locales (#2341). Thanks @​othmane099.

Commits

• ff243c8 Bump version: 40.14.1 → 40.15.0
• 632981e 📝 Update CHANGELOG.md
• c8ee020 💄 Lint code
• ca29a01 Add job providers for ar_DZ and fr_DZ locales (#2352)
• 740812b Add company providers for ar_DZ and fr_DZ locales (#2351)
• 6a495ba Add geo providers for ar_DZ and fr_DZ locales (#2350)
• f595fb2 Add currency providers for ar_DZ and fr_DZ locales (#2349)
• 0c2aef9 add date_time provider for ar_DZ locale (#2348)
• 2bb97dc Add ssn providers for ar_DZ and fr_DZ locales (#2347)
• 75a8ae7 Bump version: 40.14.0 → 40.14.1
• Additional commits viewable in compare view

Updates boto3 from 1.35.99 to 1.43.3

Commits

• bea693c Merge branch 'release-1.43.3'
• 1f57fdc Bumping version to 1.43.3
• ba69bd2 Add changelog entries from botocore
• 7dc336e Merge branch 'release-1.43.2'
• e240af8 Merge branch 'release-1.43.2' into develop
• 99fd421 Bumping version to 1.43.2
• 80f4db8 Add changelog entries from botocore
• be6bdf3 Bump pytest from 8.1.1 to 9.0.3 (#4782)
• 753bcab Merge branch 'release-1.43.1'
• 09f56f4 Merge branch 'release-1.43.1' into develop
• Additional commits viewable in compare view

Updates botocore from 1.35.99 to 1.43.3

Commits

• f687cc7 Merge branch 'release-1.43.3'
• 847cf77 Bumping version to 1.43.3
• b20a3c1 Update to latest models
• b8db539 Implement updated retry behavior gated behind opt-in environment variable (#3...
• 6338dda Merge branch 'release-1.43.2'
• c139d1b Merge branch 'release-1.43.2' into develop
• 6a8a47b Bumping version to 1.43.2
• 0f4537b Update endpoints model
• e018979 Update to latest models
• 48efef7 Bump pytest from 8.1.1 to 9.0.3 (#3696)
• Additional commits viewable in compare view

Updates certifi from 2026.2.25 to 2026.4.22

Commits

• 5dddfb0 2026.04.22 (#410)
• f99eccd Bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#404)
• 918bed0 Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#405)
• 0a49067 Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (#403)
• acf6ce8 Bump actions/download-artifact from 8.0.0 to 8.0.1 (#398)
• feb0ed2 Bump actions/download-artifact from 7.0.0 to 8.0.0 (#397)
• d9c11a5 Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#396)
• See full diff in compare view

Updates click from 8.3.1 to 8.3.3

Release notes

Sourced from click's releases.

8.3.3

This is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.3/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-3 Milestone: https://github.com/pallets/click/milestone/30

• Use :func:shlex.split to split pager and editor commands into argv lists for :class:subprocess.Popen, removing shell=True. #1026 #1477 #2775
• Fix TypeError when rendering help for an option whose default value is an object that doesn't support equality comparison with strings, such as semver.Version. #3298 #3299
• Fix pager test pollution under parallel execution by using pytest's tmp_path fixture instead of a shared temporary file path. #3238
• Treat Sentinel.UNSET values in a default_map as absent, so they fall through to the next default source instead of being used as the value. #3224 #3240
• Patch pdb.Pdb in CliRunner isolation so pdb.set_trace(), breakpoint(), and debuggers subclassing pdb.Pdb (ipdb, pdbpp) can interact with the real terminal instead of the captured I/O streams. #654 #824 #843 #951 #3235
• Add optional randomized parallel test execution using pytest-randomly and pytest-xdist to detect test pollution and race conditions. #3151
• Add contributor documentation for running stress tests, randomized parallel tests, and Flask smoke tests. #3151 #3177
• Show custom show_default string in prompts, matching the existing help text behavior. #2836 #2837 #3165 #3262 #3280 #3328
• Fix default=True with boolean flag_value always returning the flag_value instead of True. The default=True to flag_value substitution now only applies to non-boolean flags, where True acts as a sentinel meaning "activate this flag by default". For boolean flags, default=True is returned as a literal value. #3111 #3239
• Mark make_default_short_help as private API. #3189 #3250
• CliRunner's redirected streams now expose the original file descriptor via fileno(), so that faulthandler, subprocess, and other C-level consumers no longer crash with io.UnsupportedOperation. #2865
• Change :class:ParameterSource to an :class:~enum.IntEnum and reorder its members from most to least explicit, so values can be compared to check whether a parameter was explicitly provided. #2879 #3248

8.3.2

This is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-2 Milestone: https://github.com/pallets/click/milestone/29

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.3

Released 2026-04-20

• Use :func:shlex.split to split pager and editor commands into argv lists for :class:subprocess.Popen, removing shell=True. :issue:1026 :pr:1477 :pr:2775
• Fix TypeError when rendering help for an option whose default value is an object that doesn't support equality comparison with strings, such as semver.Version. :issue:3298 :pr:3299
• Fix pager test pollution under parallel execution by using pytest's tmp_path fixture instead of a shared temporary file path. :pr:3238
• Treat Sentinel.UNSET values in a default_map as absent, so they fall through to the next default source instead of being used as the value. :issue:3224 :pr:3240
• Patch pdb.Pdb in CliRunner isolation so pdb.set_trace(), breakpoint(), and debuggers subclassing pdb.Pdb (ipdb, pdbpp) can interact with the real terminal instead of the captured I/O streams. :issue:654 :issue:824 :issue:843 :pr:951 :pr:3235
• Add optional randomized parallel test execution using pytest-randomly and pytest-xdist to detect test pollution and race conditions. :pr:3151
• Add contributor documentation for running stress tests, randomized parallel tests, and Flask smoke tests. :pr:3151 :pr:3177
• Show custom show_default string in prompts, matching the existing help text behavior. :issue:2836 :pr:2837 :pr:3165 :pr:3262 :pr:3280 :pr:3328
• Fix default=True with boolean flag_value always returning the flag_value instead of True. The default=True to flag_value substitution now only applies to non-boolean flags, where True acts as a sentinel meaning "activate this flag by default". For boolean flags, default=True is returned as a literal value. :issue:3111 :pr:3239
• Mark make_default_short_help as private API. :issue:3189 :pr:3250
• CliRunner's redirected streams now expose the original file descriptor via fileno(), so that faulthandler, subprocess, and other C-level consumers no longer crash with io.UnsupportedOperation. :issue:2865
• Change :class:ParameterSource to an :class:~enum.IntEnum and reorder its members from most to least explicit, so values can be compared to check whether a parameter was explicitly provided. :issue:2879 :pr:3248

Version 8.3.2

Released 2026-04-02

• Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. :issue:3084 :pr:3152
• Hide Sentinel.UNSET values as None when using lookup_default(). :issue:3136 :pr:3199 :pr:3202 :pr:3209 :pr:3212 :pr:3224

... (truncated)

Commits

• c06d2d0 Release 8.3.3
• f1f191e Apply format guidelines to commits since latest 8.3.2 release (#3343)
• bb59ba0 Apply format guidelines to commits since latest 8.3.2 release
• 4a35225 Reduce blast-radius of UNSET in default_map (#3240)
• c07bb93 Merge branch 'stable' into unset-in-default-map
• c7e1ba8 Reorder ParameterSource (#3248)
• 76552ff Show default string in prompt (#3328)
• ac5cec5 Reorder ParameterSource from most to least explicit
• 8c452e0 Merge branch 'stable' into show-default-string-in-prompt
• 8c95c73 Reconcile default value passing and default activation (#3239)
• Additional commits viewable in compare view

Updates cryptography from 46.0.6 to 48.0.0

Changelog

Sourced from cryptography's changelog.

48.0.0 - 2026-05-04

* **BACKWARDS INCOMPATIBLE:** Support for Python 3.8 has been removed.
  ``cryptography`` now requires Python 3.9 or later.
* **BACKWARDS INCOMPATIBLE:** Loading an X.509 CRL whose inner
  ``TBSCertList.signature`` algorithm does not match the outer
  ``signatureAlgorithm`` now raises ``ValueError``. Previously, such CRLs
  were parsed successfully and only rejected during signature validation.
* Added support for :doc:`/hazmat/primitives/asymmetric/mlkem` and
  :doc:`/hazmat/primitives/asymmetric/mldsa` when using OpenSSL 3.5.0 or
  later, in addition to the existing AWS-LC and BoringSSL support. This means
  post-quantum algorithms are now available to users of our wheels.

Note: Going forward, we do not guarantee that all functionality

in cryptography will be available when building against

OpenSSL. See :doc:/statements/state-of-openssl for more information.

.. _v47-0-0:
47.0.0 - 2026-04-24

• Support for Python 3.8 is deprecated and will be removed in the next cryptography release.
• BACKWARDS INCOMPATIBLE: Support for binary elliptic curves (SECT* classes) has been removed. These curves are rarely used and have additional security considerations that make them undesirable.
• BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.x has been removed. OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC continue to be supported.
• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 4.1.
• BACKWARDS INCOMPATIBLE: Loading keys with unsupported algorithms or keys with unsupported explicit curve encodings now raises :class:~cryptography.exceptions.UnsupportedAlgorithm instead of ValueError. This change affects :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key, :func:~cryptography.hazmat.primitives.serialization.load_der_private_key, :func:~cryptography.hazmat.primitives.serialization.load_pem_public_key, :func:~cryptography.hazmat.primitives.serialization.load_der_public_key, and :meth:~cryptography.x509.Certificate.public_key when called on certificates with unsupported public key algorithms.
• BACKWARDS INCOMPATIBLE: When parsing elliptic curve private keys, we now reject keys that incorrectly encode a private key of the wrong length because such keys are impossible to process in a constant-time manner. We do not believe keys with this problem are in wide use, however we may revert this change based on the feedback we receive.
• Deprecated passing 64-bit (8-byte) and 128-bit (16-byte) keys to :class:~cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES. In a

... (truncated)

Commits

• 8e03e30 bump for 48.0.0 release (#14796)
• 295e0d2 Add AGENTS.md with CLAUDE.md symlink (#14794)
• 104a2de Bump BoringSSL, OpenSSL, AWS-LC in CI (#14793)
• 67ec1e5 call check_length early on AesSiv::encrypt (#14792)
• b2da57a changelog for mldsa/mlkem for openssl (#14791)
• 3cf44ad ML-KEM OpenSSL support (#14781)
• 2e31639 ML-DSA OpenSSL support (#14773)
• 5affe5a fix rust nightly clippy (#14790)
• 2e73ca4 bump rust-openssl dep and update EcPoint::mul_generator to mul_generator2 (#1...
• 82ebd3b Bump BoringSSL, OpenSSL, AWS-LC in CI (#14785)
• Additional commits viewable in compare view

Updates fastapi from 0.135.2 to 0.136.1

Release notes

Sourced from fastapi's releases.

0.136.1

Upgrades

• ⬆️ Update Pydantic v2 code to address deprecations. PR #15101 by @​svlandeg.

Internal

• 🔨 Tweak translation script. PR #15174 by @​YuriiMotov.
• ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6. PR #15408 by @​dependabot[bot].
• ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6. PR #15409 by @​dependabot[bot].
• ⬆ Bump pytest-codspeed from 4.3.0 to 4.4.0. PR #15407 by @​dependabot[bot].
• ⬆ Bump pytest-cov from 7.0.0 to 7.1.0. PR #15406 by @​dependabot[bot].
• ⬆ Bump cloudflare/wrangler-action from 3.14.1 to 3.15.0. PR #15405 by @​dependabot[bot].
• ⬆ Bump mypy from 1.19.1 to 1.20.1. PR #15410 by @​dependabot[bot].
• ⬆ Bump python-dotenv from 1.2.1 to 1.2.2. PR #15400 by @​dependabot[bot].
• ⬆ Bump starlette from 0.52.1 to 1.0.0. PR #15397 by @​dependabot[bot].
• ⬆ Bump pygithub from 2.8.1 to 2.9.1. PR #15396 by @​dependabot[bot].
• ⬆ Bump pyjwt from 2.12.0 to 2.12.1. PR #15393 by @​dependabot[bot].
• ⬆ Bump zizmor from 1.23.1 to 1.24.1. PR #15394 by @​dependabot[bot].
• ⬆ Bump strawberry-graphql from 0.312.3 to 0.314.3. PR #15395 by @​dependabot[bot].
• ⬆ Bump python-multipart from 0.0.22 to 0.0.26. PR #15360 by @​dependabot[bot].
• ⬆ Bump authlib from 1.6.9 to 1.6.11. PR #15373 by @​dependabot[bot].
• ⬆ Bump aiohttp from 3.13.3 to 3.13.4. PR #15282 by @​dependabot[bot].
• ⬆ Bump pygments from 2.19.2 to 2.20.0. PR #15263 by @​dependabot[bot].
• ⬆ Bump pymdown-extensions from 10.20.1 to 10.21.2. PR #15391 by @​YuriiMotov.
• ⬆ Bump pillow from 12.1.1 to 12.2.0. PR #15333 by @​dependabot[bot].
• ⬆ Bump pytest from 9.0.2 to 9.0.3. PR #15334 by @​dependabot[bot].
• ⬆ Bump actions/upload-artifact from 7.0.0 to 7.0.1. PR #15374 by @​dependabot[bot].
• ⬆ Bump actions/cache from 5.0.4 to 5.0.5. PR #15385 by @​dependabot[bot].
• 🔧 Update sponsors: remove Zuplo. PR #15369 by @​tiangolo.
• 🔧 Update sponsors: remove Speakeasy. PR #15368 by @​tiangolo.
• 🔒️ Add zizmor and fix audit findings. PR #15316 by @​YuriiMotov.

0.136.0

Upgrades

• ⬆️ Support free-threaded Python 3.14t. PR #15149 by @​svlandeg.

0.135.4

Refactors

• 🔥 Remove April Fool's @app.vibe() 🤪. PR #15363 by @​tiangolo.

Internal

• ⬆ Bump cryptography from 46.0.5 to 46.0.7. PR #15314 by @​dependabot[bot].
• ⬆ Bump strawberry-graphql from 0.307.1 to 0.312.3. PR #15309 by @​dependabot[bot].
• 🔨 Add pre-commit hook to ensure latest release header has date. PR #15293 by @​YuriiMotov.

0.135.3

... (truncated)

Commits

• e54e5a8 🔖 Release version 0.136.1
• 9a8a5fd 📝 Update release notes
• 7815a32 ⬆️ Update Pydantic v2 code to address deprecations (#15101)
• ef1c927 📝 Update release notes
• 38039e1 🔨 Tweak translation script (#15174)
• 4fa826c 📝 Update release notes
• c394156 ⬆ Bump mkdocs-material from 9.7.1 to 9.7.6 (#15408)
• ae230ad 📝 Update release notes
• d9eb39d ⬆ Bump inline-snapshot from 0.31.1 to 0.32.6 (#15409)
• 4f8b5d1 📝 Update release notes
• Additional commits viewable in compare view

Updates fastapi-cloud-cli from 0.15.1 to 0.17.1

Release notes

Sourced from fastapi-cloud-cli's releases.

0.17.1

Fixes

• 🐛 Improve error message when receiving a 403. PR #189 by @​patrick91.

Internal

• ⬆ Bump astral-sh/setup-uv from 7.6.0 to 8.1.0. PR #182 by @​dependabot[bot].

0.17.0

Features

• ✨ Add --version option. PR #168 by @​YuriiMotov.
• ✨ Show help on fastapi cloud with no args. PR #181 by @​buurro.

Fixes

• 🐛 Fix FASTAPI_CLOUD_TOKEN always overrides user token. PR #180 by @​YuriiMotov.

0.16.1

Fixes

• 🐛 Fix archive creation of Windows files inside WSL. PR #178 by @​DoctorJohn.

0.16.0

Features

• ✨ Update deployment statuses. PR #176 by @​DoctorJohn.
• 💄 Show deployment upload progress. PR #171 by @​YuriiMotov.

Internal

• 🔒 Pin GitHub actions by commit SHA. PR #172 by @​YuriiMotov.
• 🔨 Add pre-commit hook to ensure latest release header has date. PR #173 by @​YuriiMotov.

Changelog

Sourced from fastapi-cloud-cli's changelog.

0.17.1 (2026-04-27)

Fixes

• 🐛 Improve error message when receiving a 403. PR #189 by @​patrick91.

Internal

• ⬆ Bump astral-sh/setup-uv from 7.6.0 to 8.1.0. PR #182 by @​dependabot[bot].

0.17.0 (2026-04-15)

Features

• ✨ Add --version option. PR #168 by @​YuriiMotov.
• ✨ Show help on fastapi cloud with no args. PR #181 by @​buurro.

Fixes

• 🐛 Fix FASTAPI_CLOUD_TOKEN always overrides user token. PR #180 by @​YuriiMotov.

0.16.1 (2026-04-08)

Fixes

• 🐛 Fix archive creation of Windows files inside WSL. PR #178 by @​DoctorJohn.

0.16.0 (2026-04-07)

Features

• ✨ Update deployment statuses. PR #176 by @​DoctorJohn.
• 💄 Show deployment upload progress. PR #171 by @​YuriiMotov.

Internal

• 🔒 Pin GitHub actions by commit SHA. PR #172 by @​YuriiMotov.
• 🔨 Add pre-commit hook to ensure latest release header has date. PR #173 by @​YuriiMotov.

Commits

• 8477df2 🔖 Release version 0.17.1
• ca32ce4 📝 Update release notes
• ceb1830 🐛 Improve error message when receiving a 403 (#189)
• e24a4e5 📝 Update release notes
• d1c00d5 ⬆ Bump astral-sh/setup-uv from 7.6.0 to 8.1.0 (#182)
• 7bef357 🔖 Release version 0.17.0
• a5a1fdf 📝 Update release notes
• 4aeba6f ✨ Add --version option (#168)
• 353f6bd 📝 Update release notes
• f467ac4 🐛 Fix FASTAPI_CLOUD_TOKEN always overrides user token (#180)
• Additional commits viewable in compare view

Updates fastar from 0.9.0 to 0.11.0

Release notes

Sourced from fastar's releases.

v0.11.0

What's Changed

• Update tar crate to 0.4.45 by @​DoctorJohn in DoctorJohn/fastar#66
• Update flate2 crate to 1.1.9 by @​DoctorJohn in DoctorJohn/fastar#67
• Update dependencies by @​DoctorJohn in DoctorJohn/fastar#68

Full Changelog: DoctorJohn/fastar@v0.10.1...v0.11.0

v0.10.1

What's Changed

• Fix writer created truncated zstd archives by @​DoctorJohn in DoctorJohn/fastar#65

Full Changelog: DoctorJohn/fastar@v0.10.0...v0.10.1

v0.10.0

What's Changed

• Add option for special sparse file handling by @​DoctorJohn in DoctorJohn/fastar#63
• Fix potentially unbound test variable by @​DoctorJohn in DoctorJohn/fastar#64

Full Changelog: DoctorJohn/fastar@v0.9.0...v0.10.0

Commits

• e9e8ea5 Bump version to 0.11.0
• 13291c7 Update dependencies (#68)
• b431a2c Update flate2 crate to 1.1.9 (#67)
• 8d1d0f4 Update tar crate to 0.4.45 (#66)
• 9fbf2ba Bump version to 0.10.1
• 91c3b89 Fix writer created truncated zstd archives (#65)
• d12316e Bump version to 0.10.0
• e0b0a38 Fix potentially unbound test variable (#64)
• bbd728e Add option for special sparse file handling (#63)
• See full diff in compare view

Updates idna from 3.11 to 3.13

Changelog

Sourced from idna's changelog.

3.13 (2026-04-22) +++++++++++++++++

• Correct classification error for codepoint U+A7F1

3.12 (2026-04-21) +++++++++++++++++

• Update to Unicode 17.0.0.
• Issue a deprecation warning for the transitional argument.
• Added lazy-loading to provide some performance improvements.
• Removed vestiges of code related to Python 2 support, including segmentation of data structures specific to Jython.

Thanks to Rodrigo Nogueira for contributions to this release.

Commits

• 89cdfd2 Release v3.13
• 1eb0686 Pre-release 3.13
• 5f20d1e Merge pull request #220 from kjd/unicode-next
• 4ea8425 Regenerate idnadata.py with correct NFKC_CF data
• fd47341 Use NFKC_CF from Unicode data files instead of Python's unicodedata module
• a5304a4 Merge pull request #219 from kjd/release-3.12
• d80d6f9 Release v3.12
• 1bb44dd Merge pull request #218 from kjd/release-candidate-3.12rc0
• 909c49d Release candidate for 3.12
• c5459a1 Merge pull request #217 from kjd/housekeeping-2
• Additional commits viewable in compare view

Updates pydantic from 2.12.5 to 2.13.3

Release notes

Sourced from pydantic's releases.

v2.13.3 2026-04-20

v2.13.3 (2026-0...

Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.