Bump the allpip group across 1 directory with 7 updates

[dependabot]

Bumps the allpip group with 7 updates in the / directory:

Package	From	To
fastapi	0.110.3	0.111.0
pydantic	2.7.1	2.7.2
uvicorn	0.29.0	0.30.0
pytest	8.2.0	8.2.1
coverage	7.5.1	7.5.3
ruff	0.4.4	0.4.6
pyright	1.1.363	1.1.364

Updates fastapi from 0.110.3 to 0.111.0

Release notes

Sourced from fastapi's releases.

0.111.0

Features

• ✨ Add FastAPI CLI, the new fastapi command. PR #11522 by @​tiangolo.
  • New docs: FastAPI CLI.

Try it out with:

$ pip install --upgrade fastapi
$ fastapi dev main.py
╭────────── FastAPI CLI - Development mode ───────────╮
│                                                     │
│  Serving at: http://127.0.0.1:8000                  │
│                                                     │
│  API docs: http://127.0.0.1:8000/docs               │
│                                                     │
│  Running in development mode, for production use:   │
│                                                     │
│  fastapi run                                        │
│                                                     │
╰─────────────────────────────────────────────────────╯
INFO:     Will watch for changes in these directories: ['/home/user/code/awesomeapp']
INFO:     Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
INFO:     Started reloader process [2248755] using WatchFiles
INFO:     Started server process [2248757]
INFO:     Waiting for application startup.
INFO:     Application startup complete.

Refactors

• 🔧 Add configs and setup for fastapi-slim including optional extras fastapi-slim[standard], and fastapi including by default the same standard extras. PR #11503 by @​tiangolo.

Commits

• 1c3e691 📝 Update release notes
• ab8f557 📝 Update release notes
• 67da3bb 🔖 Release version 0.111.0
• 9ed94e4 📝 Update release notes
• d71be59 ✨ Add FastAPI CLI, the new fastapi command (#11522)
• a94ef33 📝 Update release notes
• ea1f219 🔧 Add configs and setup for fastapi-slim including optional extras `fastapi...
• See full diff in compare view

Updates pydantic from 2.7.1 to 2.7.2

Release notes

Sourced from pydantic's releases.

v2.7.2 (2024-05-28)

What's Changed

Packaging

• Bump pydantic-core to v2.18.3 by @​sydney-runkle in #9515

Fixes

• Replace __spec__.parent with __package__ by @​hramezani in #9331
• Fix validation of ints with leading unary minus by @​RajatRajdeep in pydantic/pydantic-core#1291
• Fix str subclass validation for enums by @​sydney-runklepydantic/pydantic-core#1273pydantic/pydantic-core#1273
• Support BigInts in Literals and Enums by @​samuelcolvinpydantic/pydantic-core#1297pydantic/pydantic-core#1297
• Fix: uuid - allow str subclass as input by @​davidhewittpydantic/pydantic-core#1296pydantic/pydantic-core#1296

Full Changelog: pydantic/pydantic@v2.7.1...v2.7.2/

Changelog

Sourced from pydantic's changelog.

v2.7.2 (2024-05-28)

GitHub release

What's Changed

Packaging

• Bump pydantic-core to v2.18.3 by @​sydney-runkle in #9515

Fixes

• Replace __spec__.parent with __package__ by @​hramezani in #9331
• Fix validation of ints with leading unary minus by @​RajatRajdeep in pydantic/pydantic-core#1291
• Fix str subclass validation for enums by @​sydney-runklepydantic/pydantic-core#1273pydantic/pydantic-core#1273
• Support BigInts in Literals and Enums by @​samuelcolvinpydantic/pydantic-core#1297pydantic/pydantic-core#1297
• Fix: uuid - allow str subclass as input by @​davidhewittpydantic/pydantic-core#1296pydantic/pydantic-core#1296

Commits

• 70ac7a0 fix version
• 08d6ed2 Merge branch '2.7' of https://github.com/pydantic/pydantic into 2.7
• 42f544a fix version
• a20da21 2.7.2 prep (#9515)
• f42ae9b Logfire annoucement (#9362)
• 451f780 Replace __spec__.parent with __package__ (#9331)
• See full diff in compare view

Updates uvicorn from 0.29.0 to 0.30.0

Release notes

Sourced from uvicorn's releases.

Version 0.30.0

Added

• New multiprocess manager (#2183)
• Allow ConfigParser or a io.IO[Any] on log_config (#1976)

Fixed

• Suppress side effects of signal propagation (#2317)
• Send content-length header on 5xx (#2304)

Deprecated

• Deprecate the uvicorn.workers module (#2302)

---

Full Changelog: encode/uvicorn@0.29.0...0.30.0

Changelog

Sourced from uvicorn's changelog.

0.30.0 (2024-05-28)

Added

• New multiprocess manager (#2183)
• Allow ConfigParser or a io.IO[Any] on log_config (#1976)

Fixed

• Suppress side-effects of signal propagation (#2317)
• Send content-length header on 5xx (#2304)

Deprecated

• Deprecate the uvicorn.workers module (#2302)

Commits

• 9a6b3a8 Version 0.30.0 (#2348)
• 53fa273 New multiprocess manager (#2183)
• 22873a9 Suppress side-effects of signal propagation (#2317)
• 14ffba8 Simplify CHANGELOG (#2337)
• 5c78192 Add favicon and logo to the documentation (#2336)
• b9c03a8 Improve type hints on WebSockets implementations (#2335)
• 14bdf04 Use pytestmark to simplify test suite (#2334)
• 0efd383 Send content-length header on 5xx (#2304)
• 772c24b Deprecate the uvicorn.workers module (#2302)
• 12c9ee3 Allow ConfigParser or a io.IO[Any] on log_config (#1976)
• Additional commits viewable in compare view

Updates pytest from 8.2.0 to 8.2.1

Release notes

Sourced from pytest's releases.

8.2.1

pytest 8.2.1 (2024-05-19)

Improvements

• #12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

• #12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
• #12191: Keyboard interrupts and system exits are now properly handled during the test collection.
• #12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
• #12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

• #12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

Commits

• 66ff8df Prepare release version 8.2.1
• 3ffcfd1 Merge pull request #12340 from pytest-dev/backport-12334-to-8.2.x
• 0b28313 [8.2.x] Add Python 3.13 (beta) support
• f3dd93a [8.2.x] Attest package provenance (#12335)
• bb5a125 [8.2.x] Spelling (#12331)
• f179bf2 Merge pull request #12327 from pytest-dev/backport-12325-to-8.2.x
• 2b671b5 [8.2.x] cacheprovider: fix .pytest_cache not being world-readable
• 65ab7cb Merge pull request #12324 from pytest-dev/backport-12320-to-8.2.x
• 4d5fb7d Merge pull request #12319 from pytest-dev/backport-12311-to-8.2.x
• cbe5996 [8.2.x] changelog: document unittest 8.2 change as breaking
• Additional commits viewable in compare view

Updates coverage from 7.5.1 to 7.5.3

Changelog

Sourced from coverage's changelog.

Version 7.5.3 — 2024-05-28

• Performance improvements for combining data files, especially when measuring line coverage. A few different quadratic behaviors were eliminated. In one extreme case of combining 700+ data files, the time dropped from more than three hours to seven minutes. Thanks for Kraken Tech for funding the fix.

• Performance improvements for generating HTML reports, with a side benefit of reducing memory use, closing issue 1791_. Thanks to Daniel Diniz for helping to diagnose the problem.

.. _issue 1791: nedbat/coveragepy#1791

.. _changes_7-5-2:

Version 7.5.2 — 2024-05-24

• Fix: nested matches of exclude patterns could exclude too much code, as reported in issue 1779_. This is now fixed.

• Changed: previously, coverage.py would consider a module docstring to be an executable statement if it appeared after line 1 in the file, but not executable if it was the first line. Now module docstrings are never counted as executable statements. This can change coverage.py's count of the number of statements in a file, which can slightly change the coverage percentage reported.

• In the HTML report, the filter term and "hide covered" checkbox settings are remembered between viewings, thanks to Daniel Diniz <pull 1776_>_.

• Python 3.13.0b1 is supported.

• Fix: parsing error handling is improved to ensure bizarre source files are handled gracefully, and to unblock oss-fuzz fuzzing, thanks to Liam DeVoe <pull 1788_>. Closes issue 1787.

.. _pull 1776: nedbat/coveragepy#1776 .. _issue 1779: nedbat/coveragepy#1779 .. _issue 1787: nedbat/coveragepy#1787 .. _pull 1788: nedbat/coveragepy#1788

.. _changes_7-5-1:

Commits

• f310d7e docs: sample HTML for 7.5.3
• a51d52f docs: prep for 7.5.3
• b666f3a perf: it's faster in all versions if we don't cache tokenize #1791
• a2b4929 docs: changelog entry for combine performance improvements
• b9aff50 perf: don't read full line_bits table each time
• c45ebac perf: cache alias mapping
• 390cb97 perf: avoid quadratic behavior when combining line coverage
• d3caf53 docs(build): tweaks to howto
• 909e887 build: bump version
• 242adea build: don't claim pre-alpha-1 in classifiers
• Additional commits viewable in compare view

Updates ruff from 0.4.4 to 0.4.6

Release notes

Sourced from ruff's releases.

v0.4.6

Changes

Breaking changes

• Use project-relative paths when calculating GitLab fingerprints (#11532)

Preview features

• [flake8-async] Sleep with >24 hour interval should usually sleep forever (ASYNC116) (#11498)

Rule changes

• [numpy] Add missing functions to NumPy 2.0 migration rule (#11528)
• [mccabe] Consider irrefutable pattern similar to if .. else for C901 (#11565)
• Consider match-case statements for C901, PLR0912, and PLR0915 (#11521)
• Remove empty strings when converting to f-string (UP032) (#11524)
• [flake8-bandit] request-without-timeout should warn for requests.request (#11548)
• [flake8-self] Ignore sunder accesses in flake8-self rules (#11546)
• [pyupgrade] Lint for TypeAliasType usages (UP040) (#11530)

Server

• Respect excludes in ruff server configuration discovery (#11551)
• Use default settings if initialization options is empty or not provided (#11566)
• ruff server correctly treats .pyi files as stub files (#11535)
• ruff server searches for configuration in parent directories (#11537)
• ruff server: An empty code action filter no longer returns notebook source actions (#11526)

Bug fixes

• [flake8-logging-format] Fix autofix title in logging-warn (G010) (#11514)
• [refurb] Avoid recommending operator.itemgetter with dependence on lambda arguments (#11574)
• [flake8-simplify] Avoid recommending context manager in __enter__ implementations (#11575)
• Create intermediary directories for --output-file (#11550)
• Propagate reads on global variables (#11584)
• Treat all singledispatch arguments as runtime-required (#11523)

Contributors

• @​AlexWaygood
• @​Amar1729
• @​MichaReiser
• @​akshetpandey
• @​alex-700
• @​blueraft
• @​chadell
• @​charliermarsh
• @​dhruvmanila
• @​ekohilas

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.6

Breaking changes

• Use project-relative paths when calculating GitLab fingerprints (#11532)

Preview features

• [flake8-async] Sleep with >24 hour interval should usually sleep forever (ASYNC116) (#11498)

Rule changes

• [numpy] Add missing functions to NumPy 2.0 migration rule (#11528)
• [mccabe] Consider irrefutable pattern similar to if .. else for C901 (#11565)
• Consider match-case statements for C901, PLR0912, and PLR0915 (#11521)
• Remove empty strings when converting to f-string (UP032) (#11524)
• [flake8-bandit] request-without-timeout should warn for requests.request (#11548)
• [flake8-self] Ignore sunder accesses in flake8-self rules (#11546)
• [pyupgrade] Lint for TypeAliasType usages (UP040) (#11530)

Server

• Respect excludes in ruff server configuration discovery (#11551)
• Use default settings if initialization options is empty or not provided (#11566)
• ruff server correctly treats .pyi files as stub files (#11535)
• ruff server searches for configuration in parent directories (#11537)
• ruff server: An empty code action filter no longer returns notebook source actions (#11526)

Bug fixes

• [flake8-logging-format] Fix autofix title in logging-warn (G010) (#11514)
• [refurb] Avoid recommending operator.itemgetter with dependence on lambda arguments (#11574)
• [flake8-simplify] Avoid recommending context manager in __enter__ implementations (#11575)
• Create intermediary directories for --output-file (#11550)
• Propagate reads on global variables (#11584)
• Treat all singledispatch arguments as runtime-required (#11523)

0.4.5

Ruff's language server is now in Beta

v0.4.5 marks the official Beta release of ruff server, an integrated language server built into Ruff. ruff server supports the same feature set as ruff-lsp, powering linting, formatting, and code fixes in Ruff's editor integrations -- but with superior performance and no installation required. We'd love your feedback!

You can enable ruff server in the VS Code extension today.

To read more about this exciting milestone, check out our blog post!

... (truncated)

Commits

• 49a5a9c Bump version to v0.4.6 (#11585)
• 69d9212 Propagate reads on global variables (#11584)
• 4a30558 [flake8-bandit] request-without-timeout should warn for `requests.request...
• 16acd49 Remove some unused pub functions (#11576)
• 3989cb8 Make ruff_notebook a workspace dependency in ruff_server (#11572)
• a38c05b Avoid recommending context manager in __enter__ implementations (#11575)
• ab107ef Avoid recomending operator.itemgetter with dependence on lambda arg (#11574)
• b36c713 Consider irrefutable pattern similar to if .. else for C901 (#11565)
• 34a5063 Respect excludes in ruff server configuration discovery (#11551)
• adc0a5d Rename document module to text_document (#11571)
• Additional commits viewable in compare view

Updates pyright from 1.1.363 to 1.1.364

Commits

• c5d4928 [pyright updated to 1.1.364] Update Version (#274)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[berrydenhartog]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml