pip(deps): bump the pip group with 8 updates

[dependabot[bot]]

Bumps the pip group with 8 updates:

Package	From	To
fastapi	0.108.0	0.109.2
boto3-stubs	1.34.39	1.34.45
mkdocs-material	9.5.9	9.5.10
connexion	3.0.5	3.0.6
pytest	8.0.0	8.0.1
hypothesis	6.98.4	6.98.8
ruff	0.2.1	0.2.2
yamllint	1.34.0	1.35.1

Updates fastapi from 0.108.0 to 0.109.2

Release notes

Sourced from fastapi's releases.

0.109.2

Upgrades

• ⬆️ Upgrade version of Starlette to >= 0.36.3. PR #11086 by @​tiangolo.

Translations

• 🌐 Update Turkish translation for docs/tr/docs/fastapi-people.md. PR #10547 by @​alperiox.

Internal

• 🍱 Add new FastAPI logo. PR #11090 by @​tiangolo.

0.109.1

Security fixes

• ⬆️ Upgrade minimum version of python-multipart to >=0.0.7 to fix a vulnerability when using form data with a ReDos attack. You can also simply upgrade python-multipart.

Read more in the advisory: Content-Type Header ReDoS.

Features

• ✨ Include HTTP 205 in status codes with no body. PR #10969 by @​tiangolo.

Refactors

• ✅ Refactor tests for duplicate operation ID generation for compatibility with other tools running the FastAPI test suite. PR #10876 by @​emmettbutler.
• ♻️ Simplify string format with f-strings in fastapi/utils.py. PR #10576 by @​eukub.
• 🔧 Fix Ruff configuration unintentionally enabling and re-disabling mccabe complexity check. PR #10893 by @​jiridanek.
• ✅ Re-enable test in tests/test_tutorial/test_header_params/test_tutorial003.py after fix in Starlette. PR #10904 by @​ooknimm.

Docs

• 📝 Tweak wording in help-fastapi.md. PR #11040 by @​tiangolo.
• 📝 Tweak docs for Behind a Proxy. PR #11038 by @​tiangolo.
• 📝 Add External Link: 10 Tips for adding SQLAlchemy to FastAPI. PR #11036 by @​Donnype.
• 📝 Add External Link: Tips on migrating from Flask to FastAPI and vice-versa. PR #11029 by @​jtemporal.
• 📝 Deprecate old tutorials: Peewee, Couchbase, encode/databases. PR #10979 by @​tiangolo.
• ✏️ Fix typo in fastapi/security/oauth2.py. PR #10972 by @​RafalSkolasinski.
• 📝 Update HTTPException details in docs/en/docs/tutorial/handling-errors.md. PR #5418 by @​papb.
• ✏️ A few tweaks in docs/de/docs/tutorial/first-steps.md. PR #10959 by @​nilslindemann.
• ✏️ Fix link in docs/en/docs/advanced/async-tests.md. PR #10960 by @​nilslindemann.
• ✏️ Fix typos for Spanish documentation. PR #10957 by @​jlopezlira.
• 📝 Add warning about lifespan functions and backwards compatibility with events. PR #10734 by @​jacob-indigo.
• ✏️ Fix broken link in docs/tutorial/sql-databases.md in several languages. PR #10716 by @​theoohoho.
• ✏️ Remove broken links from external_links.yml. PR #10943 by @​Torabek.
• 📝 Update template docs with more info about url_for. PR #5937 by @​EzzEddin.
• 📝 Update usage of Token model in security docs. PR #9313 by @​piotrszacilowski.
• ✏️ Update highlighted line in docs/en/docs/tutorial/bigger-applications.md. PR #5490 by @​papb.
• 📝 Add External Link: Explore How to Effectively Use JWT With FastAPI. PR #10212 by @​aanchlia.

... (truncated)

Commits

• 141e34f 📝 Update release notes
• 57b0983 🔖 Release FastAPI version 0.109.2
• 50e558e 📝 Update release notes
• 4a2be2a ⬆️ Upgrade version of Starlette to >= 0.36.3 (#11086)
• 43f9cbc 📝 Update release notes
• 739739c 🍱 Add new FastAPI logo (#11090)
• 6944ae1 📝 Update release notes
• e239c56 :globe_with_meridians: Update Turkish translation for `docs/tr/docs/fastapi-p...
• 3f3ee24 📝 Update release notes
• 7633d15 🔖 Release version 0.109.1
• Additional commits viewable in compare view

Updates boto3-stubs from 1.34.39 to 1.34.45

Commits

• See full diff in compare view

Updates mkdocs-material from 9.5.9 to 9.5.10

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.10

• Updated Bahasa Malaysia translations
• Fixed #6783: Hide continue reading link for blog posts without separators
• Fixed #6779: Incorrect positioning of integrated table of contents

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.10 (2024-02-19)

• Updated Bahasa Malaysia translations
• Fixed #6783: Hide continue reading link for blog posts without separators
• Fixed #6779: Incorrect positioning of integrated table of contents

mkdocs-material-9.5.9 (2024-02-10)

• Fixed navigation pruning with tabs and sections enabled

mkdocs-material-9.5.8+insiders-4.52.2 (2024-02-07)

• Fixed #6735: Instant previews misplaced when below tabs

mkdocs-material-9.5.8 (2024-02-07)

• Added Tamil translations
• Updated Esperanto translations
• Fixed relative images not being resolved for instant navigation

mkdocs-material-9.5.7 (2024-02-03)

• Fixed #6731: Small images in figures are not centered
• Fixed #6719: Instant navigation breaks table of contents (9.5.5 regression)

mkdocs-material-9.5.6+insiders-4.52.1 (2024-01-30)

• Fixed #6705: Navigation path not being hidden when specified
• Fixed #6703: New tags plugin crashes on Windows (2nd attempt)

mkdocs-material-9.5.6+insiders-4.52.0 (2024-01-28)

• Added support for instant previews
• Fixed footnote tooltips positioning edge cases
• Fixed #6703: New tags plugin crashes on Windows

mkdocs-material-9.5.6 (2024-01-28)

• Fixed #6700: Missing styles for Mermaid.js labels with Markdown

mkdocs-material-9.5.5+insiders-4.51.0 (2024-01-24)

• Added support for footnote tooltips

mkdocs-material-9.5.5 (2024-01-24)

• Updated Tagalog translations
• Updated Pillow to 10.2 to mitigate security vulnerabilities
• Improved resilience of instant navigation
• Fixed #6687: Updated Mermaid.js to version 10.7.0 (latest)

... (truncated)

Commits

• b688cfd Updated changelog
• fea265d Prepare 9.5.10 release
• adf061e Updated dependencies
• 7bbc9f9 Fixed positioning of integrated table of contents
• 3e2a1fc Merge branch 'master' of github.com:squidfunk/mkdocs-material
• 2986aca Documentation
• 4fd52fd Merge pull request #6791 from squidfunk/docs/updating-faq
• 7922c8f Updated FAQs
• f1673ec Updated FAQs
• e423784 Updated FAQs
• Additional commits viewable in compare view

Updates connexion from 3.0.5 to 3.0.6

Release notes

Sourced from connexion's releases.

3.0.6

What's Changed

• Bugfix/starlette root path by @​Ruwann in spec-first/connexion#1833
• Fix quickstart WSGI example typo by @​rparini in spec-first/connexion#1845
• Fix ReverseProxied middleware and add docs by @​RobbeSneyders in spec-first/connexion#1873
• Fix two broken links in the docs. by @​Julian in spec-first/connexion#1854
• Fix for JSON array parsing in multipart/form-data (#1869) by @​alfechner in spec-first/connexion#1872
• Fix file upload for base64 encoded files by @​RobbeSneyders in spec-first/connexion#1843

New Contributors

• @​rparini made their first contribution in spec-first/connexion#1845
• @​Julian made their first contribution in spec-first/connexion#1854
• @​alfechner made their first contribution in spec-first/connexion#1872

Full Changelog: https://github.com/spec-first/connexion/compare/3.0.5...3.0.6

Commits

• 211bdb0 Fix file upload for base64 encoded files (#1843)
• 5de6dcc Fix for JSON array parsing in multipart/form-data (#1869) (#1872)
• 5d7eb0b Fix two broken links in the docs. (#1854)
• 3e64fe4 Fix ReverseProxied middleware and add docs (#1873)
• f8f461c Fix quickstart WSGI example typo (#1845)
• 0ae9ba8 Bugfix/starlette root path (#1833)
• See full diff in compare view

Updates pytest from 8.0.0 to 8.0.1

Release notes

Sourced from pytest's releases.

8.0.1

pytest 8.0.1 (2024-02-16)

Bug Fixes

• #11875: Correctly handle errors from getpass.getuser{.interpreted-text role="func"} in Python 3.13.
• #11879: Fix an edge case where ExceptionInfo._stringify_exception could crash pytest.raises{.interpreted-text role="func"}.
• #11906: Fix regression with pytest.warns{.interpreted-text role="func"} using custom warning subclasses which have more than one parameter in their [__init__]{.title-ref}.
• #11907: Fix a regression in pytest 8.0.0 whereby calling pytest.skip{.interpreted-text role="func"} and similar control-flow exceptions within a pytest.warns(){.interpreted-text role="func"} block would get suppressed instead of propagating.
• #11929: Fix a regression in pytest 8.0.0 whereby autouse fixtures defined in a module get ignored by the doctests in the module.
• #11937: Fix a regression in pytest 8.0.0 whereby items would be collected in reverse order in some circumstances.

Commits

• d7d320a Prepare release version 8.0.1
• 9369916 Merge pull request #11992 from bluetech/backport-11991
• a232abd [8.0.x] recwarn: fix pytest.warns handling of Warnings with multiple arguments
• 92203d2 Merge pull request #11990 from bluetech/backport-11920
• f1aa922 [8.0.x] recwarn: let base exceptions propagate through pytest.warns again
• d86d081 [8.0.x] Added logot to the plugin list (#11977)
• c554c3d Merge pull request #11968 from pytest-dev/backport-11957-to-8.0.x
• a6851e3 [8.0.x] main: fix reversed collection order in Session
• e6f6be3 [8.0.x] Improve error message when using @​pytest.fixture twice (#11958)
• 23b91d1 [8.0.x] Merge pull request #11941 from bluetech/doctest-parsefactories (#11948)
• Additional commits viewable in compare view

Updates hypothesis from 6.98.4 to 6.98.8

Commits

• 05971f0 Bump hypothesis-python version to 6.98.8 and update changelog
• 314480c Merge pull request #3888 from Zac-HD/ghostwriter-operator-upgrades
• ed231ae Merge pull request #3887 from HypothesisWorks/create-pull-request/patch
• 35546c4 Improved binop ghostwriting
• 4acbb91 Use canonical module names
• 4c18799 Add a note to researchers
• 0b36280 Make shrinker timeout patchable
• 9e8cb80 Update to new settings syntax
• ae2ff82 Bump hypothesis-python version to 6.98.7 and update changelog
• 387d3a3 Merge pull request #3886 from Zac-HD/ghostwriter-imports
• Additional commits viewable in compare view

Updates ruff from 0.2.1 to 0.2.2

Release notes

Sourced from ruff's releases.

v0.2.2

Highlights include:

• Initial support formatting f-strings (in --preview).
• Support for overriding arbitrary configuration options via the CLI through an expanded --config argument (e.g., --config "lint.isort.combine-as-imports=false").
• Significant performance improvements in Ruff's lexer, parser, and lint rules.

Changes

Preview features

• Implement minimal f-string formatting (#9642)
• [pycodestyle] Add blank line(s) rules (E301, E302, E303, E304, E305, E306) (#9266)
• [refurb] Implement readlines_in_for (FURB129) (#9880)

Rule changes

• [ruff] Ensure closing parentheses for multiline sequences are always on their own line (RUF022, RUF023) (#9793)
• [numpy] Add missing deprecation violations (NPY002) (#9862)
• [flake8-bandit] Detect mark_safe usages in decorators (#9887)
• [ruff] Expand asyncio-dangling-task (RUF006) to include new_event_loop (#9976)
• [flake8-pyi] Ignore 'unused' private type dicts in class scopes (#9952)

Formatter

• Docstring formatting: Preserve tab indentation when using indent-style=tabs (#9915)
• Disable top-level docstring formatting for notebooks (#9957)
• Stabilize quote-style's preserve mode (#9922)

CLI

• Allow arbitrary configuration options to be overridden via the CLI (#9599)

Bug fixes

• Make show-settings filters directory-agnostic (#9866)
• Respect duplicates when rewriting type aliases (#9905)
• Respect tuple assignments in typing analyzer (#9969)
• Use atomic write when persisting cache (#9981)
• Use non-parenthesized range for DebugText (#9953)
• [flake8-simplify] Avoid false positive with async for loops (SIM113) (#9996)
• [flake8-trio] Respect async with in timeout-without-await (#9859)
• [perflint] Catch a wider range of mutations in PERF101 (#9955)
• [pycodestyle] Fix E30X panics on blank lines with trailing white spaces (#9907)
• [pydocstyle] Allow using parameters as a subsection header (D405) (#9894)
• [pydocstyle] Fix blank-line docstring rules for module-level docstrings (#9878)
• [pylint] Accept 0.0 and 1.0 as common magic values (PLR2004) (#9964)
• [pylint] Avoid suggesting set rewrites for non-hashable types (#9956)
• [ruff] Avoid false negatives with string literals inside of method calls (RUF027) (#9865)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.2.2

Highlights include:

• Initial support formatting f-strings (in --preview).
• Support for overriding arbitrary configuration options via the CLI through an expanded --config argument (e.g., --config "lint.isort.combine-as-imports=false").
• Significant performance improvements in Ruff's lexer, parser, and lint rules.

Preview features

• Implement minimal f-string formatting (#9642)
• [pycodestyle] Add blank line(s) rules (E301, E302, E303, E304, E305, E306) (#9266)
• [refurb] Implement readlines_in_for (FURB129) (#9880)

Rule changes

• [ruff] Ensure closing parentheses for multiline sequences are always on their own line (RUF022, RUF023) (#9793)
• [numpy] Add missing deprecation violations (NPY002) (#9862)
• [flake8-bandit] Detect mark_safe usages in decorators (#9887)
• [ruff] Expand asyncio-dangling-task (RUF006) to include new_event_loop (#9976)
• [flake8-pyi] Ignore 'unused' private type dicts in class scopes (#9952)

Formatter

• Docstring formatting: Preserve tab indentation when using indent-style=tabs (#9915)
• Disable top-level docstring formatting for notebooks (#9957)
• Stabilize quote-style's preserve mode (#9922)

CLI

• Allow arbitrary configuration options to be overridden via the CLI (#9599)

Bug fixes

• Make show-settings filters directory-agnostic (#9866)
• Respect duplicates when rewriting type aliases (#9905)
• Respect tuple assignments in typing analyzer (#9969)
• Use atomic write when persisting cache (#9981)
• Use non-parenthesized range for DebugText (#9953)
• [flake8-simplify] Avoid false positive with async for loops (SIM113) (#9996)
• [flake8-trio] Respect async with in timeout-without-await (#9859)
• [perflint] Catch a wider range of mutations in PERF101 (#9955)
• [pycodestyle] Fix E30X panics on blank lines with trailing white spaces (#9907)
• [pydocstyle] Allow using parameters as a subsection header (D405) (#9894)
• [pydocstyle] Fix blank-line docstring rules for module-level docstrings (#9878)
• [pylint] Accept 0.0 and 1.0 as common magic values (PLR2004) (#9964)
• [pylint] Avoid suggesting set rewrites for non-hashable types (#9956)
• [ruff] Avoid false negatives with string literals inside of method calls (RUF027) (#9865)
• [ruff] Fix panic on with f-string detection (RUF027) (#9990)

... (truncated)

Commits

• 235cfb7 Bump version to v0.2.2 (#10018)
• 91ae81b Move RUF001, RUF002 to AST checker (#9993)
• d46c5d8 docs: Formatter compatibility warning for D207 and D300 (#10007)
• 20217e9 Fix panic on RUF027 (#9990)
• 72bf1c2 Preview minimal f-string formatting (#9642)
• c47ff65 chore(docs): update Discord invite to permalink (#10005)
• c3bba54 Fix SIM113 false positive with async for loops (#9996)
• fe79798 split string module (#9987)
• bb8d203 Use atomic write when persisting cache (#9981)
• f40e012 Use name directly in RUF006 (#9979)
• Additional commits viewable in compare view

Updates yamllint from 1.34.0 to 1.35.1

Changelog

Sourced from yamllint's changelog.

1.35.1 (2024-02-16)

• Restore ignoration of files passed as command-line arguments
• Revert API change from version 1.35.0

1.35.0 (2024-02-15)

• Fix failure on broken symlinks that should be ignored
• API change: linter.run(stream, config) doesn't filter files anymore
• Docs: Restore official Read the Docs theme

Commits

• 81e9f98 yamllint version 1.35.1
• 9235c68 cli: Restore ignoration of files passed as command-line arguments
• 3a13803 yamllint version 1.35.0
• 2344380 cli: Cleanly skip broken symlinks that are ignored
• f66855b build: Restore official Read the Docs theme
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.