chore(deps): bump the pip group with 8 updates

[dependabot]

Bumps the pip group with 8 updates:

Package	From	To
mkdocs-material	9.5.39	9.5.40
mkdocstrings[python]	0.26.1	0.26.2
mkdocs-macros-plugin	1.2.0	1.3.5
mypy	1.11.2	1.12.0
semgrep	1.90.0	1.91.0
coverage[toml]	7.6.1	7.6.3
fastapi	0.115.0	0.115.2
pre-commit	4.0.0	4.0.1

Updates mkdocs-material from 9.5.39 to 9.5.40

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.40

• Updated Latvian translations
• Fixed #7597: Social cards not using site name on home page

Thanks go to @​pekkaklarck and @​klejejs for their contributions

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.40 (2024-10-10)

• Updated Latvian translations
• Fixed #7597: Social cards not using site name on home page

mkdocs-material-9.5.39+insiders-4.53.14 (2024-09-29)

• Fixed #7567: Empty headlines when using typeset plugin with anchorlinks

mkdocs-material-9.5.39 (2024-09-29)

• Fixed #7226: not staying on page when using mike's canonical versioning

mkdocs-material-9.5.38 (2024-09-26)

• Added Albanian translations

mkdocs-material-9.5.37 (2024-09-25)

• Added 4th and 5th level ordered list styles
• Fixed #7548: Tags have no spacing in search

mkdocs-material-9.5.36 (2024-09-21)

• Fixed #7544: Social cards incorrectly rendering HTML entities
• Fixed #7542: Improved support for setting custom list styles

mkdocs-material-9.5.35 (2024-09-18)

• Fixed #7498: Search not showing for Vietnamese language

mkdocs-material-9.5.34+insiders-4.53.13 (2024-09-14)

• Fixed #7520: Social plugin errors for generated files (MkDocs 1.6+)

mkdocs-material-9.5.34 (2024-08-31)

• Updated Mermaid.js to version 11 (latest)

mkdocs-material-9.5.33 (2024-08-23)

• Fixed #7453: Incorrect position of tooltip when sorting table

mkdocs-material-9.5.32 (2024-08-19)

• Fixed RXSS vulnerability via deep link in search results
• Added support for fetching latest release from GitLab

mkdocs-material-9.5.31+insiders-4.53.12 (2024-08-02)

... (truncated)

Commits

• 921e522 Prepare 9.5.40 release
• 829d1c8 Fixed social cards not using site name on homepage (#7608)
• cf2b39d Documentation
• 10177cc Documentation (#7604)
• f0c99d8 Documentation (#7602)
• a9be026 Fixed file watching for Chokidar 4
• 2014b63 Fixed file watching for Chokidar 4
• 25b2107 Updated dependencies
• a83d44a Updated publishing guide (#7584)
• ffcabca Merge pull request #7582 from yanyongyu/schema/validation-anchors
• Additional commits viewable in compare view

Updates mkdocstrings[python] from 0.26.1 to 0.26.2

Release notes

Sourced from mkdocstrings[python]'s releases.

0.26.2

0.26.2 - 2024-10-12

Compare with 0.26.1

Build

• Drop support for Python 3.8 (f26edeb by Timothée Mazzucotelli).

Changelog

Sourced from mkdocstrings[python]'s changelog.

0.26.2 - 2024-10-12

Compare with 0.26.1

Build

• Drop support for Python 3.8 (f26edeb by Timothée Mazzucotelli).

Commits

• bcdfc70 chore: Prepare release 0.26.2
• f26edeb build: Drop support for Python 3.8
• b383527 chore: Template upgrade
• 7f35f56 docs: Remove sponsors only mention for mkdocstrings-shell
• See full diff in compare view

Updates mkdocs-macros-plugin from 1.2.0 to 1.3.5

Changelog

Sourced from mkdocs-macros-plugin's changelog.

Changelog: mkdocs-macros

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Commits

• 6a9a0e4 Bump version number, for distribution (should solve #247)
• 32cd528 Test the hooks for external registration (#237)
• 16be58d Migrate all tests toward the mkdocs-test framework (#244)
• 59f82db Replacing local implementation of SuperDict by super-collections version
• 38b9681 Merge branch 'master' of github.com:fralau/mkdocs_macros_plugin into master
• eebbbd1 Merge pull request #246 from dwreeves/add-pathspec-as-dependency
• 6d99822 Add pathspec as dependency
• 69577e1 Separate standard DocProject and MarkdownPage classes
• 962472c Split test framework into DocProject (general) and MacrosDocProject
• e164982 Improve tests (#244)
• Additional commits viewable in compare view

Updates mypy from 1.11.2 to 1.12.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.12

We’ve just uploaded mypy 1.12 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support Python 3.12 Syntax for Generics (PEP 695)

Support for the new type parameter syntax introduced in Python 3.12 is now enabled by default, documented, and no longer experimental. It was available through a feature flag in mypy 1.11 as an experimental feature.

This example demonstrates the new syntax:

# Generic function
def f[T](https://github.com/python/mypy/blob/master/x: T) -> T: ...
reveal_type(f(1))  # Revealed type is 'int'
Generic class
class C[T]:
def init(self, x: T) -> None:
self.x = x
c = C('a')
reveal_type(c.x)  # Revealed type is 'str'
Type alias
type A[T] = C[list[T]]

For more information, refer to the documentation.

These improvements are included:

• Document Python 3.12 type parameter syntax (Jukka Lehtosalo, PR 17816)
• Further documentation updates (Jukka Lehtosalo, PR 17826)
• Allow Self return types with contravariance (Jukka Lehtosalo, PR 17786)
• Enable new type parameter syntax by default (Jukka Lehtosalo, PR 17798)
• Generate error if new-style type alias used as base class (Jukka Lehtosalo, PR 17789)
• Inherit variance if base class has explicit variance (Jukka Lehtosalo, PR 17787)

... (truncated)

Commits

• f2a39b1 Update version to 1.12.0
• b4ec37a Add one more 1.12 changelog item (#17936)
• cc1c679 Better handling of generic functions in partial plugin (#17925)
• d65a013 Add latest 1.12 changes to changelog (#17921)
• 2e38965 Fix union callees with functools.partial (#17903)
• c5d3673 Document ReadOnly (PEP 705) (#17905)
• 964a7a5 Make ReadOnly TypedDict items covariant (#17904)
• 24bfb34 Include CHANGELOG.md in sdists (#17882)
• 21d46ed documentation for TypeIs (#17821)
• c692943 Improvements to functools.partial of types (#17898)
• Additional commits viewable in compare view

Updates semgrep from 1.90.0 to 1.91.0

Release notes

Sourced from semgrep's releases.

Release v1.91.0

1.91.0 - 2024-10-10

Added

• Type inference in the Pro engine has been improved for class fields in TypeScript that are assigned a new instance but lack an explicit type definition. When no explicit type is provided for a class field, its type is inferred from the type of the expression assigned to it. For example, in the class definition class Foo { private readonly bar = new Bar(); }, the type of bar is inferred to be Bar. (code-7635)
• Cargo.lock parser can now associate dependencies with lockfile line numbers (sc-1140)

Fixed

• Address python rich.errors.LiveError where attempting to display multiple progress bars raises an exception as flagged in #10562. (grow-414)
• C: Fix a regression causing pattern -n to sometimes not match code -n. (saf-1592)
• When a scan runs into an exception, the app is appropriately notified about the failure. Previously, in the app, it would seem to the user that the scan is still in progress. (sms-502)

Changelog

Sourced from semgrep's changelog.

1.91.0 - 2024-10-10

Added

• Type inference in the Pro engine has been improved for class fields in TypeScript that are assigned a new instance but lack an explicit type definition. When no explicit type is provided for a class field, its type is inferred from the type of the expression assigned to it. For example, in the class definition class Foo { private readonly bar = new Bar(); }, the type of bar is inferred to be Bar. (code-7635)
• Cargo.lock parser can now associate dependencies with lockfile line numbers (sc-1140)

Fixed

• Address python rich.errors.LiveError where attempting to display multiple progress bars raises an exception as flagged in #10562. (grow-414)
• C: Fix a regression causing pattern -n to sometimes not match code -n. (saf-1592)
• When a scan runs into an exception, the app is appropriately notified about the failure. Previously, in the app, it would seem to the user that the scan is still in progress. (sms-502)

Commits

• 1de480b chore: release version 1.91.0
• 2497db0 Apparently it is
• 5a6d582 Try removing the opam update to validate if this was a caching issue
• 51ebb24 Try running opam update
• 8b0a9d8semgrep/semgrep-proprietary#2399
• c0b1947semgrep/semgrep-proprietary#2395
• c76c721semgrep/semgrep-proprietary#2394
• 5c0b82csemgrep/semgrep-proprietary#2395
• 3d47b3a pysemgrep test: skip the prook: and proruleid: annotations (semgrep/semgrep-p...
• 7414fa9 fix: cli does not notify app when scan has an exception (semgrep/semgrep-prop...
• Additional commits viewable in compare view

Updates coverage[toml] from 7.6.1 to 7.6.3

Release notes

Sourced from coverage[toml]'s releases.

7.6.3

Version 7.6.3 — 2024-10-13

• Fix: nested context managers could incorrectly be analyzed to flag a missing branch on the last context manager, as described in issue 1876. This is now fixed.
• Fix: the missing branch message about not exiting a module had an extra “didn’t,” as described in issue 1873. This is now fixed.

➡️  PyPI page: coverage 7.6.3. :arrow_right:  To install: python3 -m pip install coverage==7.6.3

7.6.2

Version 7.6.2 — 2024-10-09

• Dropped support for Python 3.8 and PyPy 3.8.
• Fix: a final wildcard match/case clause assigning to a name (case _ as value) was incorrectly marked as a missing branch. This is now fixed, closing issue 1860.
• Fewer things are considered branches now. Lambdas, comprehensions, and generator expressions are no longer marked as missing branches if they don’t complete execution. Closes issue 1852.
• Fix: the HTML report didn’t properly show multi-line f-strings that end with a backslash continuation. This is now fixed, closing issue 1836, thanks to LiuYinCarl and Marco Ricci.
• Fix: the LCOV report now has correct line numbers (fixing issue 1846) and better branch descriptions for BRDA records (fixing issue 1850). There are other changes to lcov also, including a new configuration option line_checksums to control whether line checksums are included in the lcov report. The default is false. To keep checksums set it to true. All this work is thanks to Zack Weinberg (pull 1849 and pull 1851).
• Fixed the docs for multi-line regex exclusions, closing issue 1863.
• Fixed a potential crash in the C tracer, closing issue 1835, thanks to Jan Kühle.

➡️  PyPI page: coverage 7.6.2. :arrow_right:  To install: python3 -m pip install coverage==7.6.2

Changelog

Sourced from coverage[toml]'s changelog.

Version 7.6.3 — 2024-10-13

• Fix: nested context managers could incorrectly be analyzed to flag a missing branch on the last context manager, as described in issue 1876_. This is now fixed.

• Fix: the missing branch message about not exiting a module had an extra "didn't," as described in issue 1873_. This is now fixed.

.. _issue 1873: nedbat/coveragepy#1873 .. _issue 1876: nedbat/coveragepy#1876

.. _changes_7-6-2:

Version 7.6.2 — 2024-10-09

• Dropped support for Python 3.8 and PyPy 3.8.

• Fix: a final wildcard match/case clause assigning to a name (case _ as value) was incorrectly marked as a missing branch. This is now fixed, closing issue 1860_.

• Fewer things are considered branches now. Lambdas, comprehensions, and generator expressions are no longer marked as missing branches if they don't complete execution. Closes issue 1852_.

• Fix: the HTML report didn't properly show multi-line f-strings that end with a backslash continuation. This is now fixed, closing issue 1836, thanks to LiuYinCarl and Marco Ricci <pull 1838_>.

• Fix: the LCOV report now has correct line numbers (fixing issue 1846) and better branch descriptions for BRDA records (fixing issue 1850). There are other changes to lcov also, including a new configuration option :ref:line_checksums <config_lcov_line_checksums> to control whether line checksums are included in the lcov report. The default is false. To keep checksums set it to true. All this work is thanks to Zack Weinberg (pull 1849_ and pull 1851_).

• Fixed the docs for multi-line regex exclusions, closing issue 1863_.

• Fixed a potential crash in the C tracer, closing issue 1835, thanks to Jan Kühle <pull 1843_>.

.. _issue 1835: nedbat/coveragepy#1835 .. _issue 1836: nedbat/coveragepy#1836 .. _pull 1838: nedbat/coveragepy#1838 .. _pull 1843: nedbat/coveragepy#1843

... (truncated)

Commits

• 342a4cb docs: sample HTML for 7.6.3
• df03796 docs: prep for 7.6.3
• 378c321 fix: nested context managers shouldn't cause a phantom missing branch #1876
• c8902ed build: pypy 3.9 doesn't seem to be available nightly
• c59a77b docs(build): put a header on the GitHub releases
• 65ac395 docs: fix a link in the changes
• 2d3e72c docs: add coverage-simple-excludes to the docs
• 474a363 fix: didn't-ectomy. #1873
• 5229fc3 docs: mention 1852 is fixed
• 6a4506f build(docs): upgrade doc dependencies
• Additional commits viewable in compare view

Updates fastapi from 0.115.0 to 0.115.2

Release notes

Sourced from fastapi's releases.

0.115.2

Upgrades

• ⬆️ Upgrade Starlette to >=0.37.2,<0.41.0. PR #12431 by @​tiangolo.

0.115.1

Fixes

• 🐛 Fix openapi generation with responses kwarg. PR #10895 by @​flxdot.
• 🐛 Remove Required shadowing from fastapi using Pydantic v2. PR #12197 by @​pachewise.

Refactors

• ♻️ Update type annotations for improved python-multipart. PR #12407 by @​tiangolo.

Docs

• ✨ Add new tutorial for SQL databases with SQLModel. PR #12285 by @​tiangolo.
• 📝 Add External Link: How to profile a FastAPI asynchronous request. PR #12389 by @​brouberol.
• 🔧 Remove base_path for mdx_include Markdown extension in MkDocs. PR #12391 by @​tiangolo.
• 📝 Update link to Swagger UI configuration docs. PR #12264 by @​makisukurisu.
• 📝 Adding links for Playwright and Vite in docs/project-generation.md. PR #12274 by @​kayqueGovetri.
• 📝 Fix small typos in the documentation. PR #12213 by @​svlandeg.

Translations

• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/cookie-param-models.md. PR #12298 by @​ceb10n.
• 🌐 Add Portuguese translation for docs/pt/docs/how-to/graphql.md. PR #12215 by @​AnandaCampelo.
• 🌐 Add Portuguese translation for docs/pt/docs/advanced/security/oauth2-scopes.md. PR #12263 by @​ceb10n.
• 🌐 Add Portuguese translation for docs/pt/docs/deployment/concepts.md. PR #12219 by @​marcelomarkus.
• 🌐 Add Portuguese translation for docs/pt/docs/how-to/conditional-openapi.md. PR #12221 by @​marcelomarkus.
• 🌐 Add Portuguese translation for docs/pt/docs/advanced/response-directly.md. PR #12266 by @​Joao-Pedro-P-Holanda.
• 🌐 Update Portuguese translation for docs/pt/docs/tutorial/cookie-params.md. PR #12297 by @​ceb10n.
• 🌐 Fix Korean translation for docs/ko/docs/tutorial/index.md. PR #12278 by @​kkotipy.
• 🌐 Update Portuguese translation for docs/pt/docs/advanced/security/http-basic-auth.md. PR #12275 by @​andersonrocha0.
• 🌐 Add Portuguese translation for docs/pt/docs/deployment/cloud.md. PR #12217 by @​marcelomarkus.
• ✏️ Fix typo in docs/es/docs/python-types.md. PR #12235 by @​JavierSanchezCastro.
• 🌐 Add Dutch translation for docs/nl/docs/environment-variables.md. PR #12200 by @​maxscheijen.
• 🌐 Add Portuguese translation for docs/pt/docs/deployment/manually.md. PR #12210 by @​JoaoGustavoRogel.
• 🌐 Add Portuguese translation for docs/pt/docs/deployment/server-workers.md. PR #12220 by @​marcelomarkus.
• 🌐 Add Portuguese translation for docs/pt/docs/how-to/configure-swagger-ui.md. PR #12222 by @​marcelomarkus.

Internal

• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #12396 by @​pre-commit-ci[bot].
• 🔨 Add script to generate variants of files. PR #12405 by @​tiangolo.
• 🔧 Add speakeasy-api to sponsors_badge.yml. PR #12404 by @​tiangolo.
• ➕ Add docs dependency: markdown-include-variants. PR #12399 by @​tiangolo.
• 📝 Fix extra mdx-base-path paths. PR #12397 by @​tiangolo.
• 👷 Tweak labeler to not override custom labels. PR #12398 by @​tiangolo.

... (truncated)

Commits

• 07684ae 🔖 Release version 0.115.2
• 63c428f 📝 Update release notes
• b77f235 ⬆️ Upgrade Starlette to >=0.37.2,<0.41.0 (#12431)
• 113da5b 🔖 Release version 0.115.1
• f0be768 📝 Update release notes
• e049fc4 🐛 Fix openapi generation with responses kwarg (#10895)
• b29cf16 📝 Update release notes
• 8ae4603 🐛 Remove Required shadowing from fastapi using Pydantic v2 (#12197)
• 529155e 📝 Update release notes
• 104dc0b ⬆ [pre-commit.ci] pre-commit autoupdate (#12396)
• Additional commits viewable in compare view

Updates pre-commit from 4.0.0 to 4.0.1

Release notes

Sourced from pre-commit's releases.

pre-commit v4.0.1

Fixes

• Fix pre-commit migrate-config for unquoted deprecated stages names with purelib pyyaml.
  • #3324 PR by @​asottile.
  • pre-commit-ci/issues#234 issue by @​lorenzwalthert.

Changelog

Sourced from pre-commit's changelog.

4.0.1 - 2024-10-08

Fixes

• Fix pre-commit migrate-config for unquoted deprecated stages names with purelib pyyaml.
  • #3324 PR by @​asottile.
  • pre-commit-ci/issues#234 issue by @​lorenzwalthert.

Commits

• cc4a522 v4.0.1
• 772d7d4 Merge pull request #3324 from pre-commit/migrate-config-purelib
• 222c62b fix migrate-config for purelib yaml
• 3d5548b Merge pull request #3323 from pre-commit/pre-commit-ci-update-config
• 4235a87 [pre-commit.ci] pre-commit autoupdate
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions