mirror of
https://github.com/evroon/bracket.git
synced 2026-06-11 10:15:19 -04:00
master
364 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
e0a455995f |
Bump mypy from 1.20.0 to 2.0.0 in /backend (#1709)
Bumps [mypy](https://github.com/python/mypy) from 1.20.0 to 2.0.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python/mypy/blob/master/CHANGELOG.md">mypy's changelog</a>.</em></p> <blockquote> <h1>Mypy Release Notes</h1> <h2>Next Release</h2> <h2>Mypy 2.1</h2> <p>We’ve just uploaded mypy 2.1.0 to the Python Package Index (<a href="https://pypi.org/project/mypy/">PyPI</a>). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:</p> <pre><code>python3 -m pip install -U mypy </code></pre> <p>You can read the full documentation for this release on <a href="http://mypy.readthedocs.io">Read the Docs</a>.</p> <h3>librt.vecs: Fast Growable Array Type for Mypyc</h3> <p>The new <code>librt.vecs</code> module provides an efficient growable array type <code>vec</code> that is optimized for mypyc use. It provides fast, packed arrays with integer and floating point value types, which can be <strong>several times faster</strong> than <code>list</code>, and tens of times faster than <code>array.array</code> in code compiled using mypyc. It also supports nested <code>vec</code> objects and non-value-type items, such as <code>vec[vec[str]]</code>.</p> <p>Refer to the <a href="https://mypyc.readthedocs.io/en/latest/librt_vecs.html">documentation</a> for the details.</p> <p>Contributed by Jukka Lehtosalo.</p> <h3>librt.random: Fast Pseudo-Random Number Generation</h3> <p>The new <code>librt.random</code> module provides fast pseudo-random number generation that is optimized for code compiled using mypyc. It can be 3x to 10x faster than the stdlib <code>random</code> module in compiled code.</p> <p>Refer to the <a href="https://mypyc.readthedocs.io/en/latest/librt_random.html">documentation</a> for the details.</p> <p>Contributed by Jukka Lehtosalo (PR <a href="https://redirect.github.com/python/mypy/pull/21433">21433</a>).</p> <h3>Mypyc Improvements</h3> <ul> <li>Enable incremental self-compilation (Vaggelis Danias, PR <a href="https://redirect.github.com/python/mypy/pull/21369">21369</a>)</li> <li>Make compilation order with multiple files consistent (Piotr Sawicki, PR <a href="https://redirect.github.com/python/mypy/pull/21419">21419</a>)</li> <li>Fix crash on accessing <code>StopAsyncIteration</code> (Piotr Sawicki, PR <a href="https://redirect.github.com/python/mypy/pull/21406">21406</a>)</li> <li>Fix incremental compilation with <code>separate</code> flag (Vaggelis Danias, PR <a href="https://redirect.github.com/python/mypy/pull/21299">21299</a>)</li> </ul> <h3>Fixes to Crashes</h3> <ul> <li>Fix crash on partial type with <code>--allow-redefinition</code> and <code>global</code> declaration (Jukka Lehtosalo, PR <a href="https://redirect.github.com/python/mypy/pull/21428">21428</a>)</li> <li>Fix broken awaitable generator patching (Ivan Levkivskyi, PR <a href="https://redirect.github.com/python/mypy/pull/21435">21435</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
4f1dc6ae80 |
Bump pyrefly from 0.63.1 to 0.64.1 in /backend (#1710)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.63.1 to 0.64.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.64.1</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/pyrefly/compare/0.64.0...0.64.1">https://github.com/facebook/pyrefly/compare/0.64.0...0.64.1</a></p> <h2>Pyrefly v0.64.0</h2> <p><strong>Status : BETA</strong> <em>Release date: May 05, 2026</em></p> <p>Pyrefly v0.64.0 bundles <strong>190 commits</strong> from <strong>20 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th>Area</th> <th>What's new</th> </tr> </thead> <tbody> <tr> <td><strong>Type Checking</strong></td> <td>- You can now pass generic or overloaded callables to higher-order functions and Pyrefly will preserve their structure in the return type. For example, <code>identity(identity)</code> now correctly returns a generic callable instead of degrading to <code>Unknown</code>. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Same-scope class rebinds (like <code>Real = Dummy</code> after <code>class Real</code>) are now checked against the original class as if it were an implicit <code>type[Real]</code> annotation, preventing silent type changes and fixing spurious constructor-call errors. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Generic classes with missing type arguments in lax mode now default to <code>Any</code> instead of raising variance errors, improving consistency with how we handle other incomplete types. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Pydantic <code>field_validator</code> decorators with <code>mode='before'</code> and <code>mode='plain'</code> are now supported, allowing validators to accept broader input types before coercion. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Spurious unpack diagnostics are no longer emitted when the right-hand side involves <code>Never</code> (e.g. <code>a, b, c = never()</code> or <code>a, b = (never(), 1)</code>). The unpack solver is now <code>Never</code>-aware, recognizing that the producing expression cannot complete and any error message at the unpack site would be misleading. <!-- raw HTML omitted --><!-- raw HTML omitted -->- <code>assert</code> statements now check that <code>__bool__</code> is callable on the test expression, matching the behavior already in place for <code>if</code>, <code>while</code>, and ternary expressions (and aligning with mypy and pyright).</td> </tr> <tr> <td><strong>Language Server</strong></td> <td>- The language server now advertises both <code>source.fixAll</code> and <code>source.fixAll.pyrefly</code> code action kinds, enabling selective fix-on-save configuration across editors that implement the LSP protocol. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Document highlights now correctly distinguish between read and write references, setting <code>DocumentHighlightKind::WRITE</code> for assignments and declarations. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Go-to-definition on relative imports in site-packages files now correctly resolves to the package source instead of returning null when a <code>pyproject.toml</code> exists at the project root. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Notebook cell index resolution has been fixed to prevent mismatches between code cells and markdown cells, eliminating panics and incorrect byte offset calculations in Jupyter notebooks. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Cross-module "find references" (external references) is now enabled by default, returning references across the entire project rather than just the current file. <!-- raw HTML omitted --><!-- raw HTML omitted -->- A new quick fix turns the existing "Did you mean <code>Foo.BAR</code>?" diagnostic note for missing enum members into a code action that replaces the offending string literal with the proper enum member access. <!-- raw HTML omitted --><!-- raw HTML omitted -->- A new <code># pyrefly: ignore</code> quick fix inserts a suppression comment for the diagnostic at the cursor, automatically merging into an existing pyrefly-ignore directive on the same line or on a comment-only line above when present. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Numeric parameter defaults now preserve their source spelling (e.g. <code>0o777</code>, <code>0xFF</code>, <code>0b101</code>) in hover and signature display rather than being normalized to decimal. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Code actions documentation has been added to the IDE Supported Features page, covering quick fixes and <code>source.fixAll.pyrefly</code> configuration.</td> </tr> <tr> <td><strong>Onboarding & VS Code Extension</strong></td> <td>- A redesigned unconfigured-project experience: when no <code>pyrefly.toml</code> is found, Pyrefly auto-detects nearby <code>mypy.ini</code>, <code>pyrightconfig.json</code>, or <code>[tool.mypy]</code>/<code>[tool.pyright]</code> sections in <code>pyproject.toml</code> and synthesizes an in-memory configuration migrated from those settings (using the <code>legacy</code> or <code>default</code> preset respectively). With no detectable configuration, the new <code>basic</code> preset is used. <!-- raw HTML omitted --><!-- raw HTML omitted -->- A new <code>python.pyrefly.typeCheckingMode</code> workspace setting (auto / off / basic / legacy / default / strict, default <code>auto</code>) lets users pick a preset for files not covered by an explicit Pyrefly configuration, directly from the VS Code settings UI. The legacy <code>python.pyrefly.displayTypeErrors</code> setting is now deprecated, with values transparently mapped to the new model. <!-- raw HTML omitted --><!-- raw HTML omitted -->- A new <code>python.pyrefly.disableTypeErrors</code> workspace setting provides a clean per-workspace kill switch for diagnostics, independent of the type-checking mode. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The VS Code status bar has been redesigned: it now shows the active preset (e.g. "Pyrefly (Legacy)", "Pyrefly (Basic)") and the tooltip explains why that preset was chosen and links to the relevant docs. <!-- raw HTML omitted --><!-- raw HTML omitted -->- After a <code>pyrefly check</code> on an unconfigured project, the CLI now prints a short upsell to <strong>stderr</strong> explaining what configuration was synthesized and pointing at <code>pyrefly init</code>. The message is routed to stderr so machine-readable stdout formats (e.g. <code>--output-format json</code>) remain untouched.</td> </tr> <tr> <td><strong>Configuration</strong></td> <td>- Configuration presets (<code>off</code>, <code>basic</code>, <code>legacy</code>, <code>default</code>, <code>strict</code>) are now available via the <code>preset</code> option, providing named collections of error severities and behavior settings as a base configuration that user settings can override. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The <code>legacy</code> preset is now used by <code>pyrefly init</code> for mypy migration, disabling checks mypy doesn't have and setting looser inference defaults. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The <code>implicit-any</code> error code has been split into sub-kinds (<code>implicit-any-attribute</code>, <code>implicit-any-empty-container</code>, <code>implicit-any-parameter</code>, <code>implicit-any-type-argument</code>) with <code>implicit-any</code> as the parent, allowing finer-grained control over where implicit <code>Any</code> is flagged. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The <code>unbound-name</code> error is now disabled in the <code>legacy</code> preset to match mypy's default behavior, which does not flag possibly-undefined variables.</td> </tr> <tr> <td><strong>Error Reporting</strong></td> <td>- A new <code>incompatible-overload-residual</code> error kind has been introduced for cases where all branches of an overloaded callable are pruned during higher-order function analysis, making it easier to configure these errors independently. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Error messages for all-pruned overload residuals now describe the incompatibility in terms of "solved type variables" rather than "solved type constraints" for better clarity. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The <code>pyrefly suppress</code> command now correctly handles removal of unused ignores via the <code>--remove-unused</code> flag, which was previously broken.</td> </tr> <tr> <td><strong>Factory Boy Support</strong></td> <td>- Pyrefly now infers the correct model return types for <code>create()</code>, <code>build()</code>, <code>create_batch()</code>, and <code>build_batch()</code> methods on <code>DjangoModelFactory</code> subclasses by reading the inner <code>Meta.model</code> attribute. <!-- raw HTML omitted --><!-- raw HTML omitted -->- False-positive <code>bad-override</code> errors on the inner <code>Meta</code> class in factory-boy factories are now suppressed, matching how we handle Django and Marshmallow.</td> </tr> <tr> <td><strong>Reporting</strong></td> <td>- The <code>pyrefly report</code> JSON output now includes a <code>path</code> field on each <code>ModuleReport</code>, for compatibility with typestats and similar tooling.</td> </tr> <tr> <td><strong>Performance</strong></td> <td>- Deeply-nested dict literals no longer cause exponential memory growth during type inference. A depth-25 dict literal that previously consumed ~7.7 GB now uses ~239 MB by computing the union of field types on demand instead of storing it redundantly. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Callable residual finalization has been optimized to avoid redundant type cloning and traversals, reducing memory churn in attribute-heavy code. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Eliminated some bugs that caused Pyrefly to unnecessarily analyze dependencies, improving latency and memory use, especially in the IDE.</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed <strong>15</strong> bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3057">#3057</a>: Fixed an issue where string concatenation with the <code>+</code> operator was incorrectly flagging <code>str</code> as not assignable to <code>LiteralString</code> attributes. Pyrefly now preserves <code>LiteralString</code> style when adding two explicit string literals and uses implicit style otherwise.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/105">#105</a>: Fixed premature type pinning in function calls where arguments were incorrectly narrowed before all constraints were solved. For example, <code>foo(x, y)</code> with <code>x: int | None</code> and <code>y: int | None</code> no longer incorrectly narrows <code>x</code> to <code>None</code> when passed to a generic <code>foo[T](https://github.com/facebook/pyrefly/blob/HEAD/a: T, b: T)</code>.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3198">#3198</a>: Fixed <code>pyrefly suppress --remove-unused</code> which was not actually removing unused error suppressions. The command now correctly processes the <code>--remove-unused</code> flag.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3024">#3024</a>: The language server now advertises <code>source.fixAll.pyrefly</code> in addition to <code>source.fixAll</code>, allowing users to selectively enable or disable Pyrefly's fix-all actions in editors that support LSP code action kinds.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2819">#2819</a>: Fixed incorrect variance errors when using generic classes like Pydantic's <code>RootModel</code> in lax mode. Missing type arguments now degrade to <code>Any</code> instead of raising errors, matching our handling of other incomplete types.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3000">#3000</a>: Fixed "find references" failures in Cursor and other editors caused by relative imports in site-packages not resolving correctly when a <code>pyproject.toml</code> existed at the project root.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2563">#2563</a>: Fixed go-to-definition on relative imports in virtual environment site-packages, which was returning null because the project root's import path was matching before the more specific site-package prefix.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3193">#3193</a>: Fixed an error where <code>list["A|B"]</code> was incorrectly rejected as <code>not-a-type</code>. Type argument subscripts are now bound as type expressions even in value context, allowing forward-ref strings to be parsed.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3286">#3286</a>: Fixed exponential memory blowup when type-checking deeply-nested dict literals, which could cause VSCode to be killed by the OS. Memory usage for a depth-25 dict dropped from ~7.7 GB to ~239 MB.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3261">#3261</a>: Fixed a false positive <code>bad-class-definition</code> when a dataclass field was assigned inside a <code>@classmethod</code> or <code>__init_subclass__</code>. Pyrefly was incorrectly extracting these as dataclass fields, even though Python's <code>dataclasses.dataclass</code> ignores them at runtime.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2914">#2914</a>: <code>assert</code> statements now flag a non-callable <code>__bool__</code> on the test expression, closing a gap that previously only caught the issue inside <code>if</code>, <code>while</code>, and ternary expressions.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2867">#2867</a>: Fixed <code>urlunparse</code> being inferred as returning <code>Literal[b'']</code> instead of <code>str</code>. The fix reworks <code>as_superclass</code> so tuple-like <code>NamedTuple</code> subclasses are upcast through their erased tuple element types, which stops <code>ParseResult</code> from spuriously matching <code>Iterable[None]</code> and selecting the bytes overload.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3266">#3266</a>: Added a quick fix for the existing "Did you mean <code>Foo.BAR</code>?" diagnostic note for missing enum members, turning the suggestion into a code action that rewrites the surrounding string literal.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3230">#3230</a>: Numeric parameter defaults now preserve their original spelling (e.g. <code>0o777</code>) in hover and signature display rather than being normalized to a decimal value.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3302">#3302</a>: Added a <code>path</code> field to the <code>pyrefly report</code> JSON <code>ModuleReport</code>, restoring compatibility with typestats.</li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9a47d9cf6a |
Bump gunicorn from 25.3.0 to 26.0.0 in /backend (#1708)
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.3.0 to 26.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>26.0.0</h2> <h2>Breaking Changes</h2> <ul> <li><strong>Eventlet worker removed</strong>: The <code>eventlet</code> worker class has been dropped. Migrate to <code>gevent</code>, <code>gthread</code>, or <code>tornado</code>.</li> </ul> <h2>New Features</h2> <ul> <li><strong>ASGI Framework Compatibility Suite</strong>: New end-to-end compatibility test harness covering Starlette, FastAPI, Litestar, Quart, Sanic, and BlackSheep. Current grid passes 438/444 tests (98%).</li> <li><strong>ASGI Test Suite Expansion</strong>: 134 additional ASGI unit tests covering protocol semantics, lifespan, websockets, and chunked framing.</li> </ul> <h2>Security</h2> <ul> <li><strong>HTTP/1.1 Request-Target Validation</strong> (RFC 9112 sections 3.2.3, 3.2.4): <ul> <li>Reject <code>authority-form</code> request-target outside <code>CONNECT</code></li> <li>Reject <code>asterisk-form</code> request-target outside <code>OPTIONS</code></li> <li>Reject <code>relative-reference</code> request-targets</li> </ul> </li> <li><strong>Header Field Hardening</strong> (RFC 9110): <ul> <li>Reject control characters in header field-value (section 5.5)</li> <li>Reject forbidden trailer field-names (section 6.5.1)</li> <li>Reject <code>Content-Length</code> list form (RFC 9112 section 6.3)</li> </ul> </li> <li><strong>Request Smuggling Hardening</strong>: <ul> <li>Tighten keepalive gate and scope <code>finish_body</code> byte cap</li> <li>Keep <code>_body_receiver</code> alive across the keepalive smuggling gate so pipelined requests cannot re-enter a closed body</li> <li>Address parser/protocol findings from a six-point WSGI/ASGI audit</li> </ul> </li> <li><strong>PROXY Protocol (ASGI)</strong>: Enforce <code>proxy_allow_ips</code> and tighten v1/v2 parsing in the ASGI callback parser.</li> <li><strong>Connection Draining</strong>: Drain the connection on close per RFC 9112 section 9.6 to prevent reset-on-close truncation.</li> </ul> <h2>Bug Fixes</h2> <ul> <li><strong>Body Framing on HEAD/204/304</strong>: <ul> <li>Keep <code>Content-Length</code> on HEAD and 304 responses (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3621">#3621</a>)</li> <li>Drop body framing on HEAD/204/304 even when the framework set it</li> <li>Warn once when an ASGI app emits a body for a no-body response</li> </ul> </li> <li><strong>HTTP/2 ASGI</strong>: <ul> <li>Fix <code>_handle_stream_ended</code> to set <code>_body_complete</code> in the async HTTP/2 handler so request bodies finalize correctly on stream end</li> <li>Add <code>InvalidChunkExtension</code> mapping and fast-parser support in ASGI tests (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3565">#3565</a>)</li> </ul> </li> <li><strong>HTTP/1.1 100-Continue</strong>: Stop adding <code>Transfer-Encoding: chunked</code> to 100-Continue interim responses.</li> <li><strong>WebSocket Close Handshake</strong> (RFC 6455): <ul> <li>Comply with the close handshake state machine</li> <li>Close the transport after the close handshake completes</li> <li>Fix binary send when the <code>text</code> key is <code>None</code></li> </ul> </li> <li><strong>Early Hints</strong>: Validate headers in the <code>early_hints</code> callback to match <code>process_headers</code>; pass only the header name to <code>InvalidHeader</code> (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3588">#3588</a>).</li> <li><strong>ASGI Framework Fixes</strong>: <ul> <li>Fix ASGI disconnect handling for Django-style apps</li> <li>Fix Litestar request handling (use raw ASGI receive for body/headers)</li> <li>Fix Litestar HTTP endpoints for compatibility tests</li> <li>Fix Quart headers endpoint to normalize keys to lowercase</li> <li>Fix Quart WebSocket close test app (missing <code>accept()</code>)</li> <li>Fix duplicate <code>Transfer-Encoding</code> header for BlackSheep streaming</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
280a573976 |
Bump starlette from 1.0.0 to 1.0.1 in /backend (#1706)
Bumps [starlette](https://github.com/Kludex/starlette) from 1.0.0 to 1.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/releases">starlette's releases</a>.</em></p> <blockquote> <h2>Version 1.0.1</h2> <h2>What's Changed</h2> <ul> <li>Ignore malformed <code>Host</code> header when constructing <code>request.url</code> by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/starlette/pull/3279">Kludex/starlette#3279</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/starlette/compare/1.0.0...1.0.1">https://github.com/Kludex/starlette/compare/1.0.0...1.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/blob/main/docs/release-notes.md">starlette's changelog</a>.</em></p> <blockquote> <h2>1.0.1 (May 21, 2026)</h2> <h4>Fixed</h4> <ul> <li>Ignore malformed <code>Host</code> header when constructing <code>request.url</code> <a href="https://redirect.github.com/encode/starlette/pull/3279">#3279</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0b8e32af0a |
Bump sentry-sdk from 2.58.0 to 2.59.0 in /backend (#1704)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.58.0 to 2.59.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.59.0</h2> <h3>New Features ✨</h3> <h4>Langchain</h4> <ul> <li>Record <code>run_name</code> as <code>gen_ai.function_id</code> on Invoke Agent Spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5926">#5926</a></li> <li>Record <code>run_name</code> in <code>on_tool_start</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5925">#5925</a></li> <li>Record <code>run_name</code> in <code>on_chat_model_start</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5924">#5924</a></li> </ul> <h4>Other</h4> <ul> <li>(ci) Cancel in-progress PR workflows on new commit push by <a href="https://github.com/joshuarli"><code>@joshuarli</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5994">#5994</a></li> <li>(consts) Add updated span convention constants to SPANDATA by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6093">#6093</a></li> <li>(fastapi) Support span streaming in active thread tracking by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6118">#6118</a></li> <li>(httpx) Migrate to span first by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6084">#6084</a></li> <li>(huggingface_hub) Migrate to span first by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6124">#6124</a></li> <li>(mcp) Migrate to span first by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6131">#6131</a></li> <li>Add <code>db.driver.name</code> spans to database integrations by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6082">#6082</a></li> </ul> <h3>Bug Fixes 🐛</h3> <p>We've put additional data that might contain sensitive information, like GraphQL documents, behind the <code>send_default_pii</code> option.</p> <h4>Httpx</h4> <ul> <li>Consistently early-exit when adding request source by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6151">#6151</a></li> <li>Set <code>code.namespace</code> and <code>code.function</code> instead of <code>code.function.name</code> in span streaming by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6150">#6150</a></li> </ul> <h4>Langchain</h4> <ul> <li>Record <code>run_name</code> as <code>gen_ai.function_id</code> for text completions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6073">#6073</a></li> <li>Set agent name as <code>gen_ai.agent.name</code> for chat and tool spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5877">#5877</a></li> </ul> <h4>Other</h4> <ul> <li>(asgi) Use <code>inspect.iscoroutinefunction</code> on Python 3.14+ by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6135">#6135</a></li> <li>(batcher) Reset lock and flusher in child after fork by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6163">#6163</a></li> <li>(google_genai) Redact binary data in inline_data and fix multi-part message extraction by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5977">#5977</a></li> <li>(grpc) Add isolation_scope to async server interceptor by <a href="https://github.com/robinvd"><code>@robinvd</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5940">#5940</a></li> <li>(metrics,logs) Don't attach <code>span_id</code> if no active span by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6162">#6162</a></li> <li>(monitor) Release <code>Monitor._thread_lock</code> after fork (<a href="https://redirect.github.com/getsentry/sentry-python/issues/6148">#6148</a>) by <a href="https://github.com/vokracko"><code>@vokracko</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6159">#6159</a></li> <li>(openai-agents) Resolve agent from <code>bindings</code> for openai-agents >= 0.14 by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6102">#6102</a></li> <li>(profiler) Stop nulling buffer on teardown by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6075">#6075</a></li> <li>(quart) Use <code>inspect.iscoroutinefunction</code> when Quart does by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6133">#6133</a></li> <li>(security) Prevent GitHub script injection in update-tox workflow by <a href="https://github.com/fix-it-felix-sentry"><code>@fix-it-felix-sentry</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6171">#6171</a></li> <li>(starlette/fastapi) Use <code>inspect.iscoroutinefunction</code> when Starlette does by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6134">#6134</a></li> <li>(tornado) Make sure context manager doesn't double yield by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6152">#6152</a></li> <li>Introduce <code>_get_current_streamed_span()</code> to keep types backwards compatible by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6177">#6177</a></li> </ul> <h3>Internal Changes 🔧</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.59.0</h2> <h3>New Features ✨</h3> <h4>Langchain</h4> <ul> <li>Record <code>run_name</code> as <code>gen_ai.function_id</code> on Invoke Agent Spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5926">#5926</a></li> <li>Record <code>run_name</code> in <code>on_tool_start</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5925">#5925</a></li> <li>Record <code>run_name</code> in <code>on_chat_model_start</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5924">#5924</a></li> </ul> <h4>Other</h4> <ul> <li>(ci) Cancel in-progress PR workflows on new commit push by <a href="https://github.com/joshuarli"><code>@joshuarli</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5994">#5994</a></li> <li>(consts) Add updated span convention constants to SPANDATA by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6093">#6093</a></li> <li>(fastapi) Support span streaming in active thread tracking by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6118">#6118</a></li> <li>(httpx) Migrate to span first by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6084">#6084</a></li> <li>(huggingface_hub) Migrate to span first by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6124">#6124</a></li> <li>(mcp) Migrate to span first by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6131">#6131</a></li> <li>Add <code>db.driver.name</code> spans to database integrations by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6082">#6082</a></li> </ul> <h3>Bug Fixes 🐛</h3> <p>We've put additional data that might contain sensitive information, like GraphQL documents, behind the <code>send_default_pii</code> option.</p> <h4>Httpx</h4> <ul> <li>Consistently early-exit when adding request source by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6151">#6151</a></li> <li>Set <code>code.namespace</code> and <code>code.function</code> instead of <code>code.function.name</code> in span streaming by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6150">#6150</a></li> </ul> <h4>Langchain</h4> <ul> <li>Record <code>run_name</code> as <code>gen_ai.function_id</code> for text completions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6073">#6073</a></li> <li>Set agent name as <code>gen_ai.agent.name</code> for chat and tool spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5877">#5877</a></li> </ul> <h4>Other</h4> <ul> <li>(asgi) Use <code>inspect.iscoroutinefunction</code> on Python 3.14+ by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6135">#6135</a></li> <li>(batcher) Reset lock and flusher in child after fork by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6163">#6163</a></li> <li>(google_genai) Redact binary data in inline_data and fix multi-part message extraction by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5977">#5977</a></li> <li>(grpc) Add isolation_scope to async server interceptor by <a href="https://github.com/robinvd"><code>@robinvd</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5940">#5940</a></li> <li>(metrics,logs) Don't attach <code>span_id</code> if no active span by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6162">#6162</a></li> <li>(monitor) Release <code>Monitor._thread_lock</code> after fork (<a href="https://redirect.github.com/getsentry/sentry-python/issues/6148">#6148</a>) by <a href="https://github.com/vokracko"><code>@vokracko</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6159">#6159</a></li> <li>(openai-agents) Resolve agent from <code>bindings</code> for openai-agents >= 0.14 by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6102">#6102</a></li> <li>(profiler) Stop nulling buffer on teardown by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6075">#6075</a></li> <li>(quart) Use <code>inspect.iscoroutinefunction</code> when Quart does by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6133">#6133</a></li> <li>(security) Prevent GitHub script injection in update-tox workflow by <a href="https://github.com/fix-it-felix-sentry"><code>@fix-it-felix-sentry</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6171">#6171</a></li> <li>(starlette/fastapi) Use <code>inspect.iscoroutinefunction</code> when Starlette does by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6134">#6134</a></li> <li>(tornado) Make sure context manager doesn't double yield by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6152">#6152</a></li> <li>Introduce <code>_get_current_streamed_span()</code> to keep types backwards compatible by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/6177">#6177</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
119d097795 |
Bump pyrefly from 0.62.0 to 0.63.1 in /backend (#1703)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.62.0 to 0.63.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.63.1</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/pyrefly/compare/0.63.0...0.63.1">https://github.com/facebook/pyrefly/compare/0.63.0...0.63.1</a></p> <h2>Pyrefly v0.63.0</h2> <p><strong>Status : BETA</strong> <em>Release date: April 27, 2026</em></p> <p>Pyrefly v0.63.0 bundles <strong>129 commits</strong> from <strong>26 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th>Area</th> <th>What's new</th> </tr> </thead> <tbody> <tr> <td><strong>Type Checking</strong></td> <td>- Enum member types are preserved even when the metaclass conflicts with <code>EnumMeta</code>, reducing noise in projects using custom metaclasses with enums. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Constrained <code>TypeVar</code>s no longer get pinned to a specific constraint when matched against <code>Any</code>, preventing false positives. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Self/cls annotations on all methods and classmethods are validated to ensure they reference the defining class or a superclass, catching more annotation errors.</td> </tr> <tr> <td><strong>Language Server</strong></td> <td>- The LSP now reports <code>unused-ignore</code> diagnostics when configured to do so, helping you clean up stale suppression comments. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Completions for attribute override definitions are available in class bodies, surfacing base-class members filtered by fuzzy match. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The LSP server no longer crashes on Jupyter notebook cell URIs (<code>vscode-notebook-cell:</code>), with full support for resolving notebook cell paths and position offsets. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Workspace symbol search uses the correct location for re-exported symbols, preventing panics on multi-byte UTF-8 characters. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Inlay hints are clickable for built-in types like <code>tuple</code>, <code>dict</code>, and <code>str</code>, enabling go-to-definition directly from hint overlays.</td> </tr> <tr> <td><strong>Error Messages</strong></td> <td>- A new <code>unnecessary-type-conversion</code> lint warns when <code>str()</code>, <code>int()</code>, or <code>float()</code> is called on an argument that is already of that exact type.</td> </tr> <tr> <td><strong>Reporting & Coverage</strong></td> <td>- Public symbol filtering is available via <code>pyrefly report --public-only</code>, using cross-module tracing to report only public symbols.</td> </tr> <tr> <td><strong>Performance</strong></td> <td>- TypedDict subset checks are now cached on the Solver, reducing CPU time by ~5.3x and wall time by ~6.7x on pydantic (from 9.5s to 1.4s).</td> </tr> <tr> <td><strong>Configuration & Initialization</strong></td> <td>- <code>pyrefly init</code> supports <code>--dry-run</code> for safe previews without writing files, and <code>--print-config</code> for machine-readable TOML output.</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed <strong>9</strong> bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3099">#3099</a>: Fixed an issue where property setters and deleters inflated typable counts in <code>pyrefly report</code> by incorrectly counting their trivial <code>-> None</code> return types.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3098">#3098</a>: Fixed an issue where overloads in <code>pyrefly report</code> were not deduplicated, causing parameters and callable signatures to be counted multiple times and inflate coverage metrics.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3067">#3067</a>: Fixed an issue where the type display path was dropping the unpack marker (<code>*</code>) for direct <code>TypeVarTuple</code> arguments, causing <code>Shape</code> to render bare instead of <code>*Shape</code>.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3040">#3040</a>: Fixed an issue where properties on metaclasses were not taking precedence over properties on the class during class-level attribute access, causing false <code>bad-assignment</code> and <code>bad-return</code> errors.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3150">#3150</a>: Fixed an issue where type aliases were inflating type coverage in <code>pyrefly report</code> by being counted as typable entities.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3041">#3041</a>: Fixed a panic during workspace/symbol requests on re-exported symbols with multi-byte UTF-8 characters, caused by using the canonical module's byte offset against the re-exporting file's buffer.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3109">#3109</a>: Added a new <code>unnecessary-type-conversion</code> lint that warns when <code>str()</code>, <code>int()</code>, or <code>float()</code> is called on an argument that is already of that exact type, making the conversion redundant.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3187">#3187</a>: Fixed a panic in <code>pyrefly report</code> when <code>@no_type_check</code> decorator was used, caused by a missing key lookup for skipped parameter annotations.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3090">#3090</a>: Improved the unused-coroutine error message when an <code>await</code> expression already has <code>await</code> but produces a coroutine due to an incorrect return type annotation on the function definition.</li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h2>📦 Upgrade</h2> <pre lang="bash"><code>pip install --upgrade pyrefly==0.63.0 </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1e1e1788e6 |
Bump uvicorn from 0.44.0 to 0.46.0 in /backend (#1698)
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.44.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.46.0</h2> <h2>What's Changed</h2> <ul> <li>Support <code>ws_max_size</code> in <code>wsproto</code> implementation by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2915">Kludex/uvicorn#2915</a></li> <li>Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code> in <code>wsproto</code> implementation by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2916">Kludex/uvicorn#2916</a></li> <li>Use <code>bytearray</code> for incoming WebSocket message buffer in websockets-sansio by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2917">Kludex/uvicorn#2917</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0">https://github.com/Kludex/uvicorn/compare/0.45.0...0.46.0</a></p> <h2>Version 0.45.0</h2> <h2>What's Changed</h2> <ul> <li>Preserve forwarded client ports in proxy headers middleware by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2903">Kludex/uvicorn#2903</a></li> <li>Accept <code>os.PathLike</code> for <code>log_config</code> by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2905">Kludex/uvicorn#2905</a></li> <li>Accept <code>log_level</code> strings case-insensitively by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2907">Kludex/uvicorn#2907</a></li> <li>Raise helpful <code>ImportError</code> when PyYAML is missing for YAML log config by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2906">Kludex/uvicorn#2906</a></li> <li>Revert empty context for ASGI runs by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2911">Kludex/uvicorn#2911</a></li> <li>Add <code>--reset-contextvars</code> flag to isolate ASGI request context by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2912">Kludex/uvicorn#2912</a></li> <li>Revert "Emit <code>http.disconnect</code> on server shutdown for streaming responses" (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>) by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2913">Kludex/uvicorn#2913</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Krishnachaitanyakc"><code>@Krishnachaitanyakc</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2870">Kludex/uvicorn#2870</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0">https://github.com/Kludex/uvicorn/compare/0.44.0...0.45.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.46.0 (April 23, 2026)</h2> <h3>Added</h3> <ul> <li>Support <code>ws_max_size</code> in <code>wsproto</code> implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2915">#2915</a>)</li> <li>Support <code>ws_ping_interval</code> and <code>ws_ping_timeout</code> in <code>wsproto</code> implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2916">#2916</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Use <code>bytearray</code> for incoming WebSocket message buffer in <code>websockets-sansio</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2917">#2917</a>)</li> </ul> <h2>0.45.0 (April 21, 2026)</h2> <h3>Added</h3> <ul> <li>Add <code>--reset-contextvars</code> flag to isolate ASGI request context (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2912">#2912</a>)</li> <li>Accept <code>os.PathLike</code> for <code>log_config</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2905">#2905</a>)</li> <li>Accept <code>log_level</code> strings case-insensitively (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2907">#2907</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Revert "Emit <code>http.disconnect</code> on server shutdown for streaming responses" (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2913">#2913</a>)</li> <li>Revert "Explicitly start ASGI run with empty context" (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2911">#2911</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Preserve forwarded client ports in proxy headers middleware (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2903">#2903</a>)</li> <li>Raise helpful <code>ImportError</code> when PyYAML is missing for YAML log config (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2906">#2906</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
38efd1e2b9 |
Bump pydantic-settings from 2.13.0 to 2.14.0 in /backend (#1697)
Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings) from 2.13.0 to 2.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic-settings/releases">pydantic-settings's releases</a>.</em></p> <blockquote> <h2>v2.14.0</h2> <h2>What's Changed</h2> <ul> <li>Fix parsing env vars into Optional Strict types by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/792">pydantic/pydantic-settings#792</a></li> <li>Fix RecursionError with mutually recursive models in CLI by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/794">pydantic/pydantic-settings#794</a></li> <li>Fix env_file from model_config ignored in CliApp.run() (<a href="https://redirect.github.com/pydantic/pydantic-settings/issues/795">#795</a>) by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/796">pydantic/pydantic-settings#796</a></li> <li>Update dependencies by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/798">pydantic/pydantic-settings#798</a></li> <li>Add Dependabot configuration by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/801">pydantic/pydantic-settings#801</a></li> <li>Bump samuelcolvin/check-python-version from 4.1 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/802">pydantic/pydantic-settings#802</a></li> <li>Bump actions/upload-artifact from 4 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/803">pydantic/pydantic-settings#803</a></li> <li>Bump actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/804">pydantic/pydantic-settings#804</a></li> <li>Bump astral-sh/setup-uv from 5 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/805">pydantic/pydantic-settings#805</a></li> <li>Bump actions/setup-python from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/806">pydantic/pydantic-settings#806</a></li> <li>Ignore chardet and group GitHub Actions in Dependabot by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/808">pydantic/pydantic-settings#808</a></li> <li>Bump actions/download-artifact from 4 to 8 in the github-actions group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/809">pydantic/pydantic-settings#809</a></li> <li>Bump the python-packages group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/810">pydantic/pydantic-settings#810</a></li> <li>Support reading .env files from FIFOs (e.g. 1Password Environments) by <a href="https://github.com/JacobHayes"><code>@JacobHayes</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/776">pydantic/pydantic-settings#776</a></li> <li>Fix AliasChoices ignored when changing provider priority by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/813">pydantic/pydantic-settings#813</a></li> <li>fix: resolve KeyError in run_subcommand for underscore field names by <a href="https://github.com/bradykieffer"><code>@bradykieffer</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/799">pydantic/pydantic-settings#799</a></li> <li>Bump the python-packages group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/814">pydantic/pydantic-settings#814</a></li> <li>Fix <code>Literal[numeric Enum]</code> coercion for CLI and env vars by <a href="https://github.com/m9810223"><code>@m9810223</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/811">pydantic/pydantic-settings#811</a></li> <li>Fix nested discriminated unions not discovered by env/CLI providers by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/816">pydantic/pydantic-settings#816</a></li> <li>Bump the python-packages group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/820">pydantic/pydantic-settings#820</a></li> <li>CLI ensure env nested max split internally. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/821">pydantic/pydantic-settings#821</a></li> <li>Bump the python-packages group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/824">pydantic/pydantic-settings#824</a></li> <li>Migrate <code>boto3-stubs</code> to <code>types-boto3</code> by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/831">pydantic/pydantic-settings#831</a></li> <li>Fix CLI not recognizing field name with validate_by_name and AliasChoices by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/826">pydantic/pydantic-settings#826</a></li> <li>Allow customisation of the dotevn setting source to filter variables by <a href="https://github.com/CaselIT"><code>@CaselIT</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/832">pydantic/pydantic-settings#832</a></li> <li>Bump the python-packages group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/833">pydantic/pydantic-settings#833</a></li> <li>Introduce yamlfmt by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/836">pydantic/pydantic-settings#836</a></li> <li>Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/837">pydantic/pydantic-settings#837</a></li> <li>Introduce zizmor by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/838">pydantic/pydantic-settings#838</a></li> <li>Fix CliPositionalArg[list[CustomType]] crash for custom types by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/839">pydantic/pydantic-settings#839</a></li> <li>Add note about Mypy plugin for <code>BaseSettings.__init__()</code> by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/842">pydantic/pydantic-settings#842</a></li> <li>Fix <code>cli_ignore_unknown_args=True</code> not working on subcommands by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/844">pydantic/pydantic-settings#844</a></li> <li>Bump the python-packages group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/847">pydantic/pydantic-settings#847</a></li> <li>Fix CLI descriptions lost under <code>python -OO</code> by falling back to <code>json_schema_extra</code> by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/843">pydantic/pydantic-settings#843</a></li> <li>Prepare release 2.14.0 by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/848">pydantic/pydantic-settings#848</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/802">pydantic/pydantic-settings#802</a></li> <li><a href="https://github.com/JacobHayes"><code>@JacobHayes</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/776">pydantic/pydantic-settings#776</a></li> <li><a href="https://github.com/bradykieffer"><code>@bradykieffer</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/799">pydantic/pydantic-settings#799</a></li> <li><a href="https://github.com/CaselIT"><code>@CaselIT</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/832">pydantic/pydantic-settings#832</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic-settings/compare/v2.13.1...v2.14.0">https://github.com/pydantic/pydantic-settings/compare/v2.13.1...v2.14.0</a></p> <h2>v2.13.1</h2> <h2>What's Changed</h2> <ul> <li>Fix regression for bool fields since 2.13.0 by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/784">pydantic/pydantic-settings#784</a></li> <li>Fix RecursionError with self-referential models in CliApp by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/783">pydantic/pydantic-settings#783</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
4fb0d150f5 |
Bump pyrefly from 0.61.1 to 0.62.0 in /backend (#1696)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.61.1 to 0.62.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.62.0</h2> <p><strong>Status : BETA</strong> <em>Release date: April 20, 2026</em></p> <p>Pyrefly v0.62.0 bundles <strong>87 commits</strong> from <strong>23 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th>Area</th> <th>What's new</th> </tr> </thead> <tbody> <tr> <td><strong>Type Checking</strong></td> <td>- <code>TypeVarTuple</code> inference has been changed to be consistent with <code>TypeVar</code>, per a recent change to the typing spec. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Errors logged during speculative union checks and overload calls are now reverted, eliminating a source of confusing false positives. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Union-typed decorators that return fully unknown types (either <code>Unknown</code> or callables with all-unknown signatures) preserve the original function signature instead of replacing it with <code>Unknown</code>, reducing false positives by ~23% on TensorFlow.</td> </tr> <tr> <td><strong>Language Server</strong></td> <td>- Semantic tokens and completions work for <code>inmemory://</code> documents on Windows. <!-- raw HTML omitted --><!-- raw HTML omitted -->- LSP server crashes from out-of-range line numbers in client requests are prevented by clamping positions to the buffer's valid range.</td> </tr> <tr> <td><strong>Error Reporting</strong></td> <td>- Error kinds can now have sub-kinds that can be disabled using their shared prefix. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Invariance checks for mutable attributes (corresponding to mypy's <code>mutable-override</code> opt-in behavior) have been moved to a new <code>bad-override-mutable-attribute</code> error code that is a sub-kind of <code>bad-override</code>. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The <code>bad-param-name-override</code> error has been renamed to <code>bad-override-param-name</code> and made a sub-kind of <code>bad-override</code>. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Sub-configs that define <code>[errors]</code> inherit the root config's error severity overrides for any codes they don't explicitly set.</td> </tr> <tr> <td><strong>Configuration</strong></td> <td>- When migrating from mypy via <code>pyrefly init</code>, <code>bad-override-mutable-attribute</code> is disabled by default to match mypy's behavior. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Project excludes (e.g., <code>project-excludes = ["**/*.ipynb"]</code>) no longer block discovery of <code>.py</code> files when the default <code>project-includes</code> contains both <code>**/*.py*</code> and <code>**/*.ipynb</code>.</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed 12 bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3118">#3118</a>: Fixed incorrect stub package recommendations for typeshed third-party libraries. Pyrefly now suggests the correct package name (e.g., <code>types-python-dateutil</code> for the <code>dateutil</code> module, not <code>types-dateutil</code>) by extracting the module→package mapping from the bundled typeshed archive, preventing potential typosquatting.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3081">#3081</a>: Fixed NewType wrappers with NoneType bases being incorrectly rejected or treated inconsistently. <code>NewType("NewNoneType", NoneType)</code> is now accepted as a valid nominal type declaration, and plain <code>None</code> is correctly rejected where <code>NewNoneType</code> is required.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3052">#3052</a>: Fixed false positive <code>unexpected-keyword</code> errors for named parameters before <code>*args: P.args</code>. Functions like <code>call_with_retry(f, max_attempts=10, *args: P.args, **kwargs: P.kwargs)</code> now correctly allow <code>max_attempts</code> to be passed as a keyword argument, matching mypy and pyright behavior.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3110">#3110</a>: Fixed LSP server crashes when the client sends a position with a line number beyond the end of the buffer (e.g., after a <code>DidChangeTextDocument</code> race where the file was truncated). Out-of-range positions now map to EOF instead of panicking.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2912">#2912</a>: Fixed false positive <code>bad-argument-type</code> for <code>list(null_values.items())</code> when the return type hint is a union like <code>Sequence[str] | list[tuple[str, str]]</code>. Pyrefly now tries constructing the class with each union member independently and unions the results, ensuring the inferred type is assignable to the hint.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2644">#2644</a>: Fixed false positive <code>bad-argument-type</code> when calling a method with <code>AnyStr</code>. Placeholder variables used during overload resolution are now saved and restored around overload calls, preventing <code>AnyStr</code> from being incorrectly specialized to <code>str</code> and polluting subsequent checks.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2872">#2872</a>: Fixed false positive <code>invalid-type-var</code> for generic functions captured as closure default arguments. The <code>Visit</code> implementation for <code>DefaultValue</code> now calls <code>visit</code> instead of <code>recurse</code>, ensuring type-level visitors see the <code>Type</code> node stored in the default value.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3159">#3159</a>: Fixed incorrect type inference for <code>.value</code> on enum members with non-data-type mixins. Mixins that don't define <code>__new__</code> (e.g., <code>class Meta: pass</code>) are no longer treated as data type mixins, so <code>Foo.bar.value</code> correctly returns <code>Literal[1]</code> instead of <code>Meta</code>.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3161">#3161</a>: Fixed false positive <code>bad-argument-type</code> for overloaded functions with vararg unpacking (e.g., <code>*args: *tuple[int, str]</code>). Type check errors for unpacked varargs are now sent to <code>call_errors</code> instead of <code>arg_errors</code>, so they don't cause the overload to be incorrectly rejected.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3047">#3047</a>: Fixed false positive <code>bad-specialization</code> when matching a type variable against a union like <code>N | Iterable[N]</code>. Pyrefly now uses snapshot-based rollback when trying each union member, ensuring specialization errors from one branch don't leak into the final result if another branch succeeds without errors.</li> <li>And more! <a href="https://redirect.github.com/facebook/pyrefly/issues/3122">#3122</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/3080">#3080</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/3074">#3074</a></li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h2>📦 Upgrade</h2> <pre lang="bash"><code>pip install --upgrade pyrefly==0.62.0 </code></pre> <h3>How to safely upgrade your codebase</h3> <p>Upgrading the version of Pyrefly you're using or a third-party library you depend on can reveal new type errors in your code. Fixing them all at once is often unrealistic. We've written scripts to help you temporarily silence them. After upgrading, follow these steps:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
a6eba4cbe4 |
Bump idna from 3.11 to 3.15 in /backend (#1692)
Bumps [idna](https://github.com/kjd/idna) from 3.11 to 3.15. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kjd/idna/blob/master/HISTORY.md">idna's changelog</a>.</em></p> <blockquote> <h2>3.15 (2026-05-12)</h2> <ul> <li>Enforce DNS-length cap on individual labels early in <code>check_label</code>, short-circuiting contextual-rule processing for oversized input while staying compatible with UTS 46 usage.</li> <li>Tidy core helpers: hoist bidi category sets to module-level frozensets (avoiding per-codepoint list construction), simplify length checks, and reuse the shared <code>_unicode_dots_re</code> from <code>idna.core</code> in the codec module.</li> <li>Use <code>raise ... from err</code> for proper exception chaining and switch internal string formatting to f-strings.</li> <li>Allow <code>flit_core</code> 4.x in the build backend.</li> <li>Expand the ruff lint set (flake8-bugbear, flake8-simplify, pyupgrade, perflint) and apply the surfaced fixes; pin lint CI to Python 3.14.</li> <li>Add Dependabot configuration for GitHub Actions.</li> <li>Convert README and HISTORY from reStructuredText to Markdown.</li> <li>Reference CVE-2026-45409 for the 3.14 advisory in place of the initial GHSA identifier.</li> </ul> <p>Thanks to Felix Yan, Stan Ulbrych, and metsw24-max for contributions to this release.</p> <h2>3.14 (2026-05-10)</h2> <ul> <li>Removed opportunity to process long inputs into quadratic time by rejecting oversize inputs up-front. Closes a bypass of the CVE-2024-3651 mitigation. [CVE-2026-45409]</li> </ul> <p>Thanks to Stan Ulbrych for reporting the issue.</p> <h2>3.13 (2026-04-22)</h2> <ul> <li>Correct classification error for codepoint U+A7F1</li> </ul> <h2>3.12 (2026-04-21)</h2> <ul> <li>Update to Unicode 17.0.0.</li> <li>Issue a deprecation warning for the transitional argument.</li> <li>Added lazy-loading to provide some performance improvements.</li> <li>Removed vestiges of code related to Python 2 support, including segmentation of data structures specific to Jython.</li> </ul> <p>Thanks to Rodrigo Nogueira for contributions to this release.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
a4ebc13c6b |
Bump pydantic from 2.12.4 to 2.13.2 in /backend (#1691)
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.4 to 2.13.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/releases">pydantic's releases</a>.</em></p> <blockquote> <h2>v2.13.2 2026-04-17</h2> <h2>v2.13.2 (2026-04-17)</h2> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Fix <code>ValidationInfo.field_name</code> missing with <code>model_validate_json()</code> by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13084">#13084</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2">https://github.com/pydantic/pydantic/compare/v2.13.1...v2.13.2</a></p> <h2>v2.13.1 2026-04-15</h2> <h2>v2.13.1 (2026-04-15)</h2> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Fix <code>ValidationInfo.data</code> missing with <code>model_validate_json()</code> by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13079">#13079</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1">https://github.com/pydantic/pydantic/compare/v2.13.0...v2.13.1</a></p> <h2>v2.13.0 2026-04-13</h2> <h2>v2.13.0 (2026-04-13)</h2> <p>The highlights of the v2.13 release are available in the <a href="https://pydantic.dev/articles/pydantic-v2-13-release">blog post</a>. Several minor changes (considered non-breaking changes according to our <a href="https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2">versioning policy</a>) are also included in this release. Make sure to look into them before upgrading.</p> <p>This release contains the updated <code>pydantic.v1</code> namespace, matching version 1.10.26 which includes support for Python 3.14.</p> <h3>What's Changed</h3> <p>See the beta releases for all changes sinces 2.12.</p> <h4>Packaging</h4> <ul> <li>Add zizmor for GitHub Actions workflow linting by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13039">#13039</a></li> <li>Update jiter to v0.14.0 to fix a segmentation fault on musl Linux by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13064">#13064</a></li> </ul> <h4>New Features</h4> <ul> <li>Allow default factories of private attributes to take validated model data by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13013">#13013</a></li> </ul> <h4>Changes</h4> <ul> <li>Warn when serializing fixed length tuples with too few items by <a href="https://github.com/arvindsaripalli"><code>@arvindsaripalli</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13016">#13016</a></li> </ul> <h4>Fixes</h4> <ul> <li>Change type of <code>Any</code> when synthesizing <code>_build_sources</code> for <code>BaseSettings.__init__()</code> signature in the mypy plugin by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13049">#13049</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's changelog</a>.</em></p> <blockquote> <h2>v2.13.2 (2026-04-17)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.13.2">GitHub release</a></p> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Fix <code>ValidationInfo.field_name</code> missing with <code>model_validate_json()</code> by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13084">#13084</a></li> </ul> <h2>v2.13.1 (2026-04-15)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.13.1">GitHub release</a></p> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Fix <code>ValidationInfo.data</code> missing with <code>model_validate_json()</code> by <a href="https://github.com/davidhewitt"><code>@davidhewitt</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13079">#13079</a></li> </ul> <h2>v2.13.0 (2026-04-13)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.13.0">GitHub release</a></p> <p>The highlights of the v2.13 release are available in the <a href="https://pydantic.dev/articles/pydantic-v2-13-release">blog post</a>. Several minor changes (considered non-breaking changes according to our <a href="https://pydantic.dev/docs/validation/2.13/get-started/version-policy/#pydantic-v2">versioning policy</a>) are also included in this release. Make sure to look into them before upgrading.</p> <p>This release contains the updated <code>pydantic.v1</code> namespace, matching version 1.10.26 which includes support for Python 3.14.</p> <h3>What's Changed</h3> <p>See the beta releases for all changes sinces 2.12.</p> <h4>New Features</h4> <ul> <li>Allow default factories of private attributes to take validated model data by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13013">#13013</a></li> </ul> <h4>Changes</h4> <ul> <li>Warn when serializing fixed length tuples with too few items by <a href="https://github.com/arvindsaripalli"><code>@arvindsaripalli</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13016">#13016</a></li> </ul> <h4>Fixes</h4> <ul> <li>Change type of <code>Any</code> when synthesizing <code>_build_sources</code> for <code>BaseSettings.__init__()</code> signature in the mypy plugin by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13049">#13049</a></li> <li>Fix model equality when using runtime <code>extra</code> configuration by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13062">#13062</a></li> </ul> <h4>Packaging</h4> <ul> <li>Add zizmor for GitHub Actions workflow linting by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/13039">#13039</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c5be5378bf |
Bump pyrefly from 0.60.0 to 0.61.1 in /backend (#1690)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.60.0 to 0.61.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.61.1</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/pyrefly/compare/0.61.0...0.61.1">https://github.com/facebook/pyrefly/compare/0.61.0...0.61.1</a></p> <h2>Pyrefly v0.61.0</h2> <p><strong>Status : BETA</strong> <em>Release date: April 13, 2026</em></p> <p>Pyrefly v0.61.0 bundles <strong>85 commits</strong> from <strong>21 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th>Area</th> <th>What's new</th> </tr> </thead> <tbody> <tr> <td><strong>Type Checking</strong></td> <td>- Division, floor division, and modulo operations with a literal zero divisor (e.g., <code>x / 0</code>, <code>y // 0</code>, <code>z % 0</code>) are flagged as errors, catching runtime <code>ZeroDivisionError</code> before execution. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Multiple inheritance with conflicting <code>__slots__</code> definitions is detected and reported as an error, matching CPython's runtime behavior and preventing layout conflicts. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Protocol members assigned a value without an explicit type annotation (e.g., <code>x = None</code> in a <code>Protocol</code> class body) are flagged as errors, ensuring protocol members have declared types as required by the typing specification.</td> </tr> <tr> <td><strong>Language Server</strong></td> <td>- Variables used exclusively within f-string format specifiers (e.g., <code>f"{key:<{max_len}}"</code>) are correctly recognized as used, eliminating false positive unused-variable warnings. <!-- raw HTML omitted --><!-- raw HTML omitted -->- The VS Code extension explicitly declares workspace trust capabilities, requiring trusted workspaces to run and allowing machine-overridable scope for <code>lspPath</code> and <code>lspArguments</code> settings for improved security.</td> </tr> <tr> <td><strong>Coverage Reporting</strong></td> <td>- The <code>pyrefly report</code> command now excludes some dunder methods and typing-only constructs from coverage metrics. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Per-module JSON output includes entity counts (n_functions, n_methods, n_function_params, n_method_params, n_classes, n_attrs, n_properties, n_type_ignores) for downstream consumers. <!-- raw HTML omitted --><!-- raw HTML omitted -->- A new <code>--module <name></code> CLI flag allows overriding the module name in JSON output, supporting callers that need canonical package names instead of filesystem-derived names.</td> </tr> <tr> <td><strong>Pydantic</strong></td> <td>- Pydantic lax conversion special-cases regex patterns, fixing false positives when passing compiled patterns to Pydantic models.</td> </tr> <tr> <td><strong>Performance</strong></td> <td>- Fixed a bug in overload evaluation that caused exponential memory consumption and indefinite hangs on code with many overloaded calls.</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed <strong>9</strong> bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3031">#3031</a>: Fixed a crash in mypy_primer caused by a variable leak in <code>LitEnum</code> — types are now deep-forced before storage to prevent leaking vars into the solver.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2915">#2915</a>: Division, floor division, and modulo by literal <code>0</code> are now flagged as errors, catching <code>ZeroDivisionError</code> at static analysis time instead of runtime.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3009">#3009</a>: Fixed false positive unused-variable warnings for variables used exclusively within f-string format specifiers (e.g., <code>f"{key:<{max_len}}"</code>). The AST visitor now correctly descends into <code>format_spec</code> nodes.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2799">#2799</a>: Fixed false positive <code>[missing-attribute]</code> errors for <code>dict.setdefault(key, []).append(val)</code> on unannotated dicts. Overload resolution now creates fresh partial variables for each overload, preventing incorrect pinning.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2991">#2991</a>: Fixed Pydantic lax-mode rewriting <code>re.Pattern[str]</code> to <code>Pattern[LaxStr]</code> and rejecting <code>re.Pattern[str]</code>. Regex patterns now expand to <code>re.Pattern[T] | T</code> instead of recursively widening the inner type.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2916">#2916</a>: Fixed runtime <code>TypeError</code> from multiple inheritance with conflicting <code>__slots__</code> (same slot names). Pyrefly now detects and reports this layout conflict during class metadata computation.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2917">#2917</a>: Fixed runtime <code>TypeError</code> from multiple inheritance with conflicting <code>__slots__</code> (different slot names). Pyrefly now detects non-empty <code>__slots__</code> in multiple bases and reports the conflict.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3064">#3064</a>: Fixed false positive when using <code>issubclass()</code> after <code>isinstance()</code> narrowing with custom metaclasses (e.g., Django's <code>ModelBase</code>). Metaclass instances are now correctly accepted as valid class objects.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/3030">#3030</a>: Fixed false positive <code>LiteralString</code> type error in <code>map(str.strip, ...)</code>. Overloads with narrower <code>self</code>-type annotations are now filtered out during unbound method resolution.</li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h2>📦 Upgrade</h2> <pre lang="bash"><code>pip install --upgrade pyrefly==0.61.0 </code></pre> <h3>How to safely upgrade your codebase</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2146f245a0 |
Bump sentry-sdk from 2.57.0 to 2.58.0 in /backend (#1689)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.57.0 to 2.58.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.58.0</h2> <h3>New Features ✨</h3> <ul> <li>(ai) Redact base64 data URLs in image_url content blocks by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5953">#5953</a></li> <li>(integrations) Instrument pyreqwest tracing by <a href="https://github.com/servusdei2018"><code>@servusdei2018</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5682">#5682</a></li> <li>(litellm) Add async callbacks by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5969">#5969</a></li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Anthropic</h4> <ul> <li>Capture exceptions for <code>stream()</code> calls by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5950">#5950</a></li> <li>Stop setting transaction status when child span fails by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5717">#5717</a></li> <li>Only finish relevant spans in .create() patches by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5716">#5716</a></li> </ul> <h4>Pydantic Ai</h4> <ul> <li>Adapt import for new library versions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5984">#5984</a></li> <li>Use first-class hooks when available by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5947">#5947</a></li> </ul> <h4>Other</h4> <ul> <li>(huggingface_hub) Stop setting transaction status when a child span fails by <a href="https://github.com/Zenithatic"><code>@Zenithatic</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5952">#5952</a></li> <li>(litellm) Avoid double span exits when streaming by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5933">#5933</a></li> <li>(wsgi) Respect HTTP_X_FORWARDED_PROTO in request.url construction by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5963">#5963</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Litellm</h4> <ul> <li>Replace mocks with <code>httpx</code> types in rate-limit test by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5975">#5975</a></li> <li>Replace mocks with <code>httpx</code> types in embedding tests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5970">#5970</a></li> <li>Replace mocks with <code>httpx</code> types in nonstreaming <code>completion()</code> tests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5937">#5937</a></li> <li>Remove dead attributes by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5985">#5985</a></li> </ul> <h4>Other</h4> <ul> <li>(ai) Remove <code>gen_ai.tool.type</code> span attribute by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5964">#5964</a></li> <li>(anthropic) Separate sync and async .create() patches by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5715">#5715</a></li> <li>(openai) Split token counting by API for easier deprecation by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5930">#5930</a></li> <li>(openai-agents) Remove error attributes by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5986">#5986</a></li> <li>(opentelemetry) Ignore mypy error by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5927">#5927</a></li> <li>🤖 Update test matrix with new releases (04/13) by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5983">#5983</a></li> <li>Fix license metadata in setup.py by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5934">#5934</a></li> <li>Update validate-pr workflow by <a href="https://github.com/stephanie-anderson"><code>@stephanie-anderson</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5931">#5931</a></li> </ul> <h3>Other</h3> <ul> <li>Handle <code>None</code> span context in the span processor and pin tokenizers version for anthropic tests on Python 3.8 by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5967">#5967</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.58.0</h2> <h3>New Features ✨</h3> <ul> <li>(ai) Redact base64 data URLs in image_url content blocks by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5953">#5953</a></li> <li>(integrations) Instrument pyreqwest tracing by <a href="https://github.com/servusdei2018"><code>@servusdei2018</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5682">#5682</a></li> <li>(litellm) Add async callbacks by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5969">#5969</a></li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Anthropic</h4> <ul> <li>Capture exceptions for <code>stream()</code> calls by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5950">#5950</a></li> <li>Stop setting transaction status when child span fails by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5717">#5717</a></li> <li>Only finish relevant spans in .create() patches by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5716">#5716</a></li> </ul> <h4>Pydantic Ai</h4> <ul> <li>Adapt import for new library versions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5984">#5984</a></li> <li>Use first-class hooks when available by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5947">#5947</a></li> </ul> <h4>Other</h4> <ul> <li>(huggingface_hub) Stop setting transaction status when a child span fails by <a href="https://github.com/Zenithatic"><code>@Zenithatic</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5952">#5952</a></li> <li>(litellm) Avoid double span exits when streaming by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5933">#5933</a></li> <li>(wsgi) Respect HTTP_X_FORWARDED_PROTO in request.url construction by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5963">#5963</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Litellm</h4> <ul> <li>Replace mocks with <code>httpx</code> types in rate-limit test by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5975">#5975</a></li> <li>Replace mocks with <code>httpx</code> types in embedding tests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5970">#5970</a></li> <li>Replace mocks with <code>httpx</code> types in nonstreaming <code>completion()</code> tests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5937">#5937</a></li> <li>Remove dead attributes by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5985">#5985</a></li> </ul> <h4>Other</h4> <ul> <li>(ai) Remove <code>gen_ai.tool.type</code> span attribute by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5964">#5964</a></li> <li>(anthropic) Separate sync and async .create() patches by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5715">#5715</a></li> <li>(openai) Split token counting by API for easier deprecation by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5930">#5930</a></li> <li>(openai-agents) Remove error attributes by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5986">#5986</a></li> <li>(opentelemetry) Ignore mypy error by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5927">#5927</a></li> <li>🤖 Update test matrix with new releases (04/13) by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5983">#5983</a></li> <li>Fix license metadata in setup.py by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5934">#5934</a></li> <li>Update validate-pr workflow by <a href="https://github.com/stephanie-anderson"><code>@stephanie-anderson</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5931">#5931</a></li> </ul> <h3>Other</h3> <ul> <li>Handle <code>None</code> span context in the span processor and pin tokenizers version for anthropic tests on Python 3.8 by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5967">#5967</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
48551b09f7 |
Bump fastapi from 0.135.3 to 0.136.0 in /backend (#1688)
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.135.3 to 0.136.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastapi/fastapi/releases">fastapi's releases</a>.</em></p> <blockquote> <h2>0.136.0</h2> <h3>Upgrades</h3> <ul> <li>⬆️ Support free-threaded Python 3.14t. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15149">#15149</a> by <a href="https://github.com/svlandeg"><code>@svlandeg</code></a>.</li> </ul> <h2>0.135.4</h2> <h3>Refactors</h3> <ul> <li>🔥 Remove April Fool's <code>@app.vibe()</code> 🤪. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15363">#15363</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>⬆ Bump cryptography from 46.0.5 to 46.0.7. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15314">#15314</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump strawberry-graphql from 0.307.1 to 0.312.3. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15309">#15309</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>🔨 Add pre-commit hook to ensure latest release header has date. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15293">#15293</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e6abd7d282 |
Bump urllib3 from 2.6.3 to 2.7.0 in /backend (#1681)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.6.3 to 2.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/releases">urllib3's releases</a>.</em></p> <blockquote> <h2>2.7.0</h2> <h2>🚀 urllib3 is fundraising for HTTP/2 support</h2> <p><a href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3 is raising ~$40,000 USD</a> to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects <a href="https://opencollective.com/urllib3">please consider contributing financially</a> to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.</p> <p>Thank you for your support.</p> <h2>Security</h2> <p>Addressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.</p> <ul> <li> <p>Decompression-bomb safeguards of the streaming API were bypassed:</p> <ol> <li>When <code>HTTPResponse.drain_conn()</code> was called after the response had been read and decompressed partially. (Reported by <a href="https://github.com/Cycloctane"><code>@Cycloctane</code></a>)</li> <li>During the second <code>HTTPResponse.read(amt=N)</code> or <code>HTTPResponse.stream(amt=N)</code> call when the response was decompressed using the official <a href="https://pypi.org/project/brotli/">Brotli</a> library. (Reported by <a href="https://github.com/kimkou2024"><code>@kimkou2024</code></a>)</li> </ol> <p>See GHSA-mf9v-mfxr-j63j for details.</p> </li> <li> <p>HTTP pools created using <code>ProxyManager.connection_from_url</code> did not strip sensitive headers specified in <code>Retry.remove_headers_on_redirect</code> when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by <a href="https://github.com/christos-spearbit"><code>@christos-spearbit</code></a>)</p> </li> </ul> <h2>Deprecations and Removals</h2> <ul> <li>Used <code>FutureWarning</code> instead of <code>DeprecationWarning</code> for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3763">urllib3/urllib3#3763</a>)</li> <li>Removed support for end-of-life Python 3.9. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3720">urllib3/urllib3#3720</a>)</li> <li>Removed support for end-of-life PyPy3.10. (<a href="https://redirect.github.com/urllib3/urllib3/issues/4979">urllib3/urllib3#4979</a>)</li> <li>Bumped the minimum supported pyOpenSSL version to 19.0.0. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3777">urllib3/urllib3#3777</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Fixed a bug where <code>HTTPResponse.read(amt=None)</code> was ignoring decompressed data buffered from previous partial reads. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3636">urllib3/urllib3#3636</a>)</li> <li>Fixed a bug where <code>HTTPResponse.read()</code> could cache only part of the response after a partial read when <code>cache_content=True</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/4967">urllib3/urllib3#4967</a>)</li> <li>Fixed <code>HTTPResponse.stream()</code> and <code>HTTPResponse.read_chunked()</code> to handle <code>amt=0</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3793">urllib3/urllib3#3793</a>)</li> <li>Updated <code>_TYPE_BODY</code> type alias to include missing <code>Iterable[str]</code>, matching the documented and runtime behavior of chunked request bodies. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3798">urllib3/urllib3#3798</a>)</li> <li>Fixed <code>LocationParseError</code> when paths resembling schemeless URIs were passed to <code>HTTPConnectionPool.urlopen()</code>. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3352">urllib3/urllib3#3352</a>)</li> <li>Fixed <code>BaseHTTPResponse.readinto()</code> type annotation to accept <code>memoryview</code> in addition to <code>bytearray</code>, matching the <code>io.RawIOBase.readinto</code> contract and enabling use with <code>io.BufferedReader</code> without type errors. (<a href="https://redirect.github.com/urllib3/urllib3/issues/3764">urllib3/urllib3#3764</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's changelog</a>.</em></p> <blockquote> <h1>2.7.0 (2026-05-07)</h1> <h2>Security</h2> <p>Addressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.</p> <ul> <li> <p>Decompression-bomb safeguards of the streaming API were bypassed:</p> <ol> <li>When <code>HTTPResponse.drain_conn()</code> was called after the response had been read and decompressed partially.</li> <li>During the second <code>HTTPResponse.read(amt=N)</code> or <code>HTTPResponse.stream(amt=N)</code> call when the response was decompressed using the official <code>Brotli <https://pypi.org/project/brotli/></code>__ library.</li> </ol> <p>See <code>GHSA-mf9v-mfxr-j63j <https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j></code>__ for details.</p> </li> <li> <p>HTTP pools created using <code>ProxyManager.connection_from_url</code> did not strip sensitive headers specified in <code>Retry.remove_headers_on_redirect</code> when redirecting to a different host. (<code>GHSA-qccp-gfcp-xxvc <https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc></code>__)</p> </li> </ul> <h2>Deprecations and Removals</h2> <ul> <li>Used <code>FutureWarning</code> instead of <code>DeprecationWarning</code> for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (<code>[#3763](https://github.com/urllib3/urllib3/issues/3763) <https://github.com/urllib3/urllib3/issues/3763></code>__)</li> <li>Removed support for end-of-life Python 3.9. (<code>[#3720](https://github.com/urllib3/urllib3/issues/3720) <https://github.com/urllib3/urllib3/issues/3720></code>__)</li> <li>Removed support for end-of-life PyPy3.10. (<code>[#4979](https://github.com/urllib3/urllib3/issues/4979) <https://github.com/urllib3/urllib3/issues/4979></code>__)</li> <li>Bumped the minimum supported pyOpenSSL version to 19.0.0. (<code>[#3777](https://github.com/urllib3/urllib3/issues/3777) <https://github.com/urllib3/urllib3/issues/3777></code>__)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Fixed a bug where <code>HTTPResponse.read(amt=None)</code> was ignoring decompressed data buffered from previous partial reads. (<code>[#3636](https://github.com/urllib3/urllib3/issues/3636) <https://github.com/urllib3/urllib3/issues/3636></code>__)</li> <li>Fixed a bug where <code>HTTPResponse.read()</code> could cache only part of the response after a partial read when <code>cache_content=True</code>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
7a1c2b0c4e |
Bump python-multipart from 0.0.26 to 0.0.27 in /backend (#1680)
Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.26 to 0.0.27. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/releases">python-multipart's releases</a>.</em></p> <blockquote> <h2>0.0.27</h2> <h2>What's Changed</h2> <ul> <li>Pass parse offsets via constructors by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/268">Kludex/python-multipart#268</a></li> <li>Add multipart header limits by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/267">Kludex/python-multipart#267</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.26...0.0.27">https://github.com/Kludex/python-multipart/compare/0.0.26...0.0.27</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/blob/main/CHANGELOG.md">python-multipart's changelog</a>.</em></p> <blockquote> <h2>0.0.27 (2026-04-27)</h2> <ul> <li>Add multipart header limits <a href="https://redirect.github.com/Kludex/python-multipart/pull/267">#267</a>.</li> <li>Pass parse offsets via constructors <a href="https://redirect.github.com/Kludex/python-multipart/pull/268">#268</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0f626c344b |
Bump mako from 1.3.11 to 1.3.12 in /backend (#1679)
Bumps [mako](https://github.com/sqlalchemy/mako) from 1.3.11 to 1.3.12. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sqlalchemy/mako/releases">mako's releases</a>.</em></p> <blockquote> <h1>1.3.12</h1> <p>Released: Tue Apr 28 2026</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [template]</strong> Fixed issue in <code>TemplateLookup</code> where a URI with backslash path separators (e.g. <code>\..\secret.txt</code>) could bypass the directory traversal check on Windows, allowing reads of arbitrary files outside of the template directory. Backslash characters in URIs are now normalized to forward slashes before path resolution.</p> <p>References: <a href="https://redirect.github.com/sqlalchemy/mako/issues/435">#435</a></p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sqlalchemy/mako/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/evroon/bracket/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
110833b014 |
Bump starlette from 0.52.1 to 1.0.0 in /backend (#1675)
Bumps [starlette](https://github.com/Kludex/starlette) from 0.52.1 to 1.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/releases">starlette's releases</a>.</em></p> <blockquote> <h2>Version 1.0.0</h2> <p>Starlette 1.0 is here! 🎉</p> <p>After nearly eight years since its creation, Starlette has reached its first stable release.</p> <p>A special thank you to <a href="https://github.com/lovelydinosaur"><code>@lovelydinosaur</code></a>, the creator of Starlette, Uvicorn, HTTPX and MkDocs, whose work helped to lay the foundation for the modern async Python ecosystem. 🙏</p> <p>Thank you to <a href="https://github.com/adriangb"><code>@adriangb</code></a>, <a href="https://github.com/graingert"><code>@graingert</code></a>, <a href="https://github.com/agronholm"><code>@agronholm</code></a>, <a href="https://github.com/florimondmanca"><code>@florimondmanca</code></a>, <a href="https://github.com/aminalaee"><code>@aminalaee</code></a>, <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/alex-oleshkevich"><code>@alex-oleshkevich</code></a>, <a href="https://github.com/abersheeran"><code>@abersheeran</code></a>, and <a href="https://github.com/uSpike"><code>@uSpike</code></a> for helping make Starlette what it is today. And to all my sponsors - especially <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/huggingface"><code>@huggingface</code></a>, and <a href="https://github.com/elevenlabs"><code>@elevenlabs</code></a> - thank you for your support!</p> <p>Thank you to all <a href="https://github.com/encode/starlette/graphs/contributors">290+ contributors</a> who have shaped Starlette over the years! ❤️</p> <p>Read more on the <a href="https://marcelotryle.com/blog/2026/03/22/starlette-10-is-here/">blog post</a>.</p> <p>Check out the full release notes at <a href="https://www.starlette.io/release-notes/#100-march-22-2026">https://www.starlette.io/release-notes/#100-march-22-2026</a></p> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/encode/starlette/compare/1.0.0rc1...1.0.0">https://github.com/encode/starlette/compare/1.0.0rc1...1.0.0</a></p> <h2>Version 1.0.0rc1</h2> <p>We're ready! 🚀</p> <p>The first release candidate for Starlette 1.0 is here! After years on ZeroVer, we're finally making the jump.</p> <p>This release removes all deprecated features marked for 1.0.0, along with some last-minute bug fixes.</p> <p>A special thank you to <a href="https://github.com/lovelydinosaur"><code>@lovelydinosaur</code></a>, the creator of Starlette, Uvicorn, HTTPX and MkDocs, whose work helped to lay the foundation for the modern async Python ecosystem. 🙏</p> <p>Thank you to <a href="https://github.com/adriangb"><code>@adriangb</code></a>, <a href="https://github.com/graingert"><code>@graingert</code></a>, <a href="https://github.com/agronholm"><code>@agronholm</code></a>, <a href="https://github.com/florimondmanca"><code>@florimondmanca</code></a>, <a href="https://github.com/aminalaee"><code>@aminalaee</code></a>, <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/alex-oleshkevich"><code>@alex-oleshkevich</code></a>, and <a href="https://github.com/abersheeran"><code>@abersheeran</code></a> for helping make Starlette what it is today. And to all my sponsors - especially <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/huggingface"><code>@huggingface</code></a>, and <a href="https://github.com/elevenlabs"><code>@elevenlabs</code></a> - thank you for your support!</p> <p>Thank you to all <a href="https://github.com/encode/starlette/graphs/contributors">290+ contributors</a> who have shaped Starlette over the years!</p> <p>Check out the full release notes at <a href="https://www.starlette.io/release-notes/#100rc1-february-23-2026">https://www.starlette.io/release-notes/#100rc1-february-23-2026</a></p> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/starlette/compare/0.52.1...1.0.0rc1">https://github.com/Kludex/starlette/compare/0.52.1...1.0.0rc1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/blob/main/docs/release-notes.md">starlette's changelog</a>.</em></p> <blockquote> <h2>1.0.0 (March 22, 2026)</h2> <p>Starlette 1.0 is here!</p> <p>After nearly eight years since its creation, Starlette has reached its first stable release. Thank you to everyone who tested the release candidate and reported issues.</p> <p>You can read more on the <a href="https://marcelotryle.com/blog/2026/03/22/starlette-10-is-here/">blog post</a>.</p> <h4>Added</h4> <ul> <li>Track session access and modification in <code>SessionMiddleware</code> <a href="https://redirect.github.com/encode/starlette/pull/3166">#3166</a>.</li> </ul> <h4>Fixed</h4> <ul> <li>Handle websocket denial responses in <code>StreamingResponse</code> and <code>FileResponse</code> <a href="https://redirect.github.com/encode/starlette/pull/3189">#3189</a>.</li> <li>Use <code>bytearray</code> for field accumulation in <code>FormParser</code> <a href="https://redirect.github.com/encode/starlette/pull/3179">#3179</a>.</li> <li>Move <code>parser.finalize()</code> inside try/except in <code>MultiPartParser.parse()</code> <a href="https://redirect.github.com/encode/starlette/pull/3153">#3153</a>.</li> </ul> <h2>1.0.0rc1 (February 23, 2026)</h2> <p>We're ready! I'm thrilled to announce the first release candidate for Starlette 1.0.</p> <p>Starlette was created in June 2018 by Tom Christie, and has been on ZeroVer for years. Today, it's downloaded almost <a href="https://pypistats.org/packages/starlette">10 million times a day</a>, serves as the foundation for FastAPI, and has inspired many other frameworks. In the age of AI, Starlette continues to play an important role as a dependency of the Python MCP SDK.</p> <p>This release focuses on removing deprecated features that were marked for removal in 1.0.0, along with some last minute bug fixes. It's a release candidate, so we can gather feedback from the community before the final 1.0.0 release soon.</p> <p>A huge thank you to all the contributors who have helped make Starlette what it is today. In particular, I'd like to recognize:</p> <ul> <li><a href="https://github.com/lovelydinosaur">Kim Christie</a> - The original creator of Starlette, Uvicorn, and MkDocs, and the current maintainer of HTTPX. Kim's work helped lay the foundation for the modern async Python ecosystem.</li> <li><a href="https://github.com/adriangb">Adrian Garcia Badaracco</a> - One of the smartest people I know, whom I have the pleasure of working with at Pydantic.</li> <li><a href="https://github.com/graingert">Thomas Grainger</a> - My async teacher, always ready to help with questions.</li> <li><a href="https://github.com/agronholm">Alex Grönholm</a> - Another async mentor, always prompt to help with questions.</li> <li><a href="https://github.com/florimondmanca">Florimond Manca</a> - Always present in the early days of both Starlette and Uvicorn, and helped a lot in the ecosystem.</li> <li><a href="https://github.com/aminalaee">Amin Alaee</a> - Contributed a lot with file-related PRs.</li> <li><a href="https://github.com/tiangolo">Sebastián Ramírez</a> - Maintains FastAPI upstream, and always in contact to help with upstream issues.</li> <li><a href="https://github.com/alex-oleshkevich">Alex Oleshkevich</a> - Helped a lot on templates and many discussions.</li> <li><a href="https://github.com/abersheeran">abersheeran</a> - My go-to person when I need help on many subjects.</li> </ul> <p>I'd also like to thank my sponsors for their support. A special thanks to <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>, <a href="https://github.com/huggingface"><code>@huggingface</code></a>, and <a href="https://github.com/elevenlabs"><code>@elevenlabs</code></a> for their generous sponsorship, and to all my other sponsors:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
454bdf4538 |
Bump python-dotenv from 1.2.1 to 1.2.2 in /backend (#1668)
Bumps [python-dotenv](https://github.com/theskumar/python-dotenv) from 1.2.1 to 1.2.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/theskumar/python-dotenv/releases">python-dotenv's releases</a>.</em></p> <blockquote> <h2>v1.2.2</h2> <h3>Added</h3> <ul> <li>Support for Python 3.14, including the free-threaded (3.14t) build. (#)</li> </ul> <h3>Changed</h3> <ul> <li>The <code>dotenv run</code> command now forwards flags directly to the specified command by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href="https://redirect.github.com/theskumar/python-dotenv/pull/607">theskumar/python-dotenv#607</a></li> <li>Improved documentation clarity regarding override behavior and the reference page.</li> <li>Updated PyPy support to version 3.11.</li> <li>Documentation for FIFO file support.</li> <li>Support for Python 3.9.</li> </ul> <h3>Fixed</h3> <ul> <li>Improved <code>set_key</code> and <code>unset_key</code> behavior when interacting with symlinks by <a href="https://github.com/bbc2"><code>@bbc2</code></a> in <a href=" |
||
|
dependabot[bot]
|
3b61f5c979 |
Bump mako from 1.3.10 to 1.3.11 in /backend (#1665)
Bumps [mako](https://github.com/sqlalchemy/mako) from 1.3.10 to 1.3.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sqlalchemy/mako/releases">mako's releases</a>.</em></p> <blockquote> <h1>1.3.11</h1> <p>Released: Tue Apr 14 2026</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [template]</strong> Fixed issue in <code>TemplateLookup</code> where a URI with a double-slash prefix (e.g. <code>//../../</code>) could bypass the directory traversal check in <code>Template</code>, allowing reads of arbitrary files outside of the template directory. The issue was caused by an inconsistency in how leading slashes were stripped between <code>TemplateLookup.get_template()</code> and <code>Template</code> initialization.</p> <p>References: <a href="https://redirect.github.com/sqlalchemy/mako/issues/434">#434</a></p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sqlalchemy/mako/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/evroon/bracket/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
c4b05352a3 |
Bump python-multipart from 0.0.22 to 0.0.26 in /backend (#1662)
Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.22 to 0.0.26. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/releases">python-multipart's releases</a>.</em></p> <blockquote> <h2>Version 0.0.26</h2> <h2>What's Changed</h2> <ul> <li>Skip preamble before first multipart boundary by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/262">Kludex/python-multipart#262</a></li> <li>Silently discard epilogue data after the closing boundary by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/259">Kludex/python-multipart#259</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.25...0.0.26">https://github.com/Kludex/python-multipart/compare/0.0.25...0.0.26</a></p> <h2>Version 0.0.25</h2> <h2>What's Changed</h2> <ul> <li>Apply Apache-2.0 properly by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/247">Kludex/python-multipart#247</a></li> <li>Handle multipart headers case-insensitively by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/252">Kludex/python-multipart#252</a></li> <li>Emit <code>field_end</code> for trailing bare field names on finalize by <a href="https://github.com/bysiber"><code>@bysiber</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/230">Kludex/python-multipart#230</a></li> <li>Add <code>UPLOAD_DELETE_TMP</code> to <code>FormParser</code> config by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/254">Kludex/python-multipart#254</a></li> <li>Remove custom FormParser classes by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/257">Kludex/python-multipart#257</a></li> <li>Handle CTE values case-insensitively by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/258">Kludex/python-multipart#258</a></li> <li>Add MIME content type info to File by <a href="https://github.com/jhnstrk"><code>@jhnstrk</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/143">Kludex/python-multipart#143</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.24...0.0.25">https://github.com/Kludex/python-multipart/compare/0.0.24...0.0.25</a></p> <h2>Version 0.0.24</h2> <h2>What's Changed</h2> <ul> <li>Validate <code>chunk_size</code> in <code>parse_form()</code> by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/244">Kludex/python-multipart#244</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.23...0.0.24">https://github.com/Kludex/python-multipart/compare/0.0.23...0.0.24</a></p> <h2>Version 0.0.23</h2> <h2>What's Changed</h2> <ul> <li>Remove unused <code>trust_x_headers</code> parameter and <code>X-File-Name</code> fallback by <a href="https://github.com/jhnstrk"><code>@jhnstrk</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/196">Kludex/python-multipart#196</a></li> <li>Return processed length from <code>QuerystringParser._internal_write</code> by <a href="https://github.com/bysiber"><code>@bysiber</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/229">Kludex/python-multipart#229</a></li> <li>Cleanup metadata dunders from <code>__init__.py</code> by <a href="https://github.com/Chesars"><code>@Chesars</code></a> in <a href="https://redirect.github.com/Kludex/python-multipart/pull/227">Kludex/python-multipart#227</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Chesars"><code>@Chesars</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/python-multipart/pull/227">Kludex/python-multipart#227</a></li> <li><a href="https://github.com/bysiber"><code>@bysiber</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/python-multipart/pull/229">Kludex/python-multipart#229</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.23">https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.23</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md">python-multipart's changelog</a>.</em></p> <blockquote> <h2>0.0.26 (2026-04-10)</h2> <ul> <li>Skip preamble before the first multipart boundary more efficiently <a href="https://redirect.github.com/Kludex/python-multipart/pull/262">#262</a>.</li> <li>Silently discard epilogue data after the closing multipart boundary <a href="https://redirect.github.com/Kludex/python-multipart/pull/259">#259</a>.</li> </ul> <h2>0.0.25 (2026-04-10)</h2> <ul> <li>Add MIME content type info to <code>File</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/143">#143</a>.</li> <li>Handle CTE values case-insensitively <a href="https://redirect.github.com/Kludex/python-multipart/pull/258">#258</a>.</li> <li>Remove custom <code>FormParser</code> classes <a href="https://redirect.github.com/Kludex/python-multipart/pull/257">#257</a>.</li> <li>Add <code>UPLOAD_DELETE_TMP</code> to <code>FormParser</code> config <a href="https://redirect.github.com/Kludex/python-multipart/pull/254">#254</a>.</li> <li>Emit <code>field_end</code> for trailing bare field names on finalize <a href="https://redirect.github.com/Kludex/python-multipart/pull/230">#230</a>.</li> <li>Handle multipart headers case-insensitively <a href="https://redirect.github.com/Kludex/python-multipart/pull/252">#252</a>.</li> <li>Apply Apache-2.0 properly <a href="https://redirect.github.com/Kludex/python-multipart/pull/247">#247</a>.</li> </ul> <h2>0.0.24 (2026-04-05)</h2> <ul> <li>Validate <code>chunk_size</code> in <code>parse_form()</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/244">#244</a>.</li> </ul> <h2>0.0.23 (2026-04-05)</h2> <ul> <li>Remove unused <code>trust_x_headers</code> parameter and <code>X-File-Name</code> fallback <a href="https://redirect.github.com/Kludex/python-multipart/pull/196">#196</a>.</li> <li>Return processed length from <code>QuerystringParser._internal_write</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/229">#229</a>.</li> <li>Cleanup metadata dunders from <code>__init__.py</code> <a href="https://redirect.github.com/Kludex/python-multipart/pull/227">#227</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Copilot
|
1044914a48 |
fix: enforce dashboard_public check for unauthenticated API access (GHSA-9mjc-6fp2-hm9v) (#1660)
## Summary
Fixes the missing `dashboard_public` check security vulnerability
(GHSA-9mjc-6fp2-hm9v).
### Root cause
The `user_authenticated_or_public_dashboard` dependency in `auth.py`
only verified that the tournament existed in the database, but never
checked whether `dashboard_public = True`. This allowed unauthenticated
users to access sensitive tournament data on the following endpoints
even when the tournament was not publicly shared:
- `GET /tournaments/{tournament_id}` (partially protected by an explicit
post-dependency check)
- `GET /tournaments/{tournament_id}/courts`
- `GET /tournaments/{tournament_id}/teams`
- `GET /tournaments/{tournament_id}/rankings`
- `GET /tournaments/{tournament_id}/stages`
### Changes
- **`backend/bracket/routes/auth.py`**: Added `not
tournaments_fetched[0].dashboard_public` to the check in
`user_authenticated_or_public_dashboard`. Unauthenticated requests to a
tournament with `dashboard_public=False` now receive a 401 response.
- **`backend/bracket/routes/tournaments.py`**: Removed the now-redundant
explicit `dashboard_public` check in `get_tournament` (the dependency
handles it now).
- **`backend/tests/integration_tests/api/tournaments_test.py`**: Added
`test_non_public_tournament_endpoints_blocked_for_unauthenticated_users`
to assert that all affected endpoints return 401 for unauthenticated
requests when `dashboard_public=False`.
Note: `user_authenticated_or_public_dashboard_by_endpoint_name` (used
for the `GET /tournaments?endpoint_name=` route) was not affected — it
delegates to `sql_get_tournament_by_endpoint_name` which already
includes `AND dashboard_public IS TRUE` in its SQL query.
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: evroon <11857441+evroon@users.noreply.github.com>
|
||
|
dependabot[bot]
|
561467a342 |
Bump pytest from 9.0.1 to 9.0.3 in /backend (#1659)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 9.0.1 to 9.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest/releases">pytest's releases</a>.</em></p> <blockquote> <h2>9.0.3</h2> <h1>pytest 9.0.3 (2026-04-07)</h1> <h2>Bug fixes</h2> <ul> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/12444">#12444</a>: Fixed <code>pytest.approx</code> which now correctly takes into account <code>~collections.abc.Mapping</code> keys order to compare them.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13634">#13634</a>: Blocking a <code>conftest.py</code> file using the <code>-p no:</code> option is now explicitly disallowed.</p> <p>Previously this resulted in an internal assertion failure during plugin loading.</p> <p>Pytest now raises a clear <code>UsageError</code> explaining that conftest files are not plugins and cannot be disabled via <code>-p</code>.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13734">#13734</a>: Fixed crash when a test raises an exceptiongroup with <code>__tracebackhide__ = True</code>.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/14195">#14195</a>: Fixed an issue where non-string messages passed to <!-- raw HTML omitted -->unittest.TestCase.subTest()<!-- raw HTML omitted --> were not printed.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a>: Fixed use of insecure temporary directory (CVE-2025-71176).</p> </li> </ul> <h2>Improved documentation</h2> <ul> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/13388">#13388</a>: Clarified documentation for <code>-p</code> vs <code>PYTEST_PLUGINS</code> plugin loading and fixed an incorrect <code>-p</code> example.</li> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/13731">#13731</a>: Clarified that capture fixtures (e.g. <code>capsys</code> and <code>capfd</code>) take precedence over the <code>-s</code> / <code>--capture=no</code> command-line options in <code>Accessing captured output from a test function <accessing-captured-output></code>.</li> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/14088">#14088</a>: Clarified that the default <code>pytest_collection</code> hook sets <code>session.items</code> before it calls <code>pytest_collection_finish</code>, not after.</li> <li><a href="https://redirect.github.com/pytest-dev/pytest/issues/14255">#14255</a>: TOML integer log levels must be quoted: Updating reference documentation.</li> </ul> <h2>Contributor-facing changes</h2> <ul> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/12689">#12689</a>: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible <a href="https://app.codecov.io/gh/pytest-dev/pytest/tests">on the web interface</a>.</p> <p>-- by <code>aleguy02</code></p> </li> </ul> <h2>9.0.2</h2> <h1>pytest 9.0.2 (2025-12-06)</h1> <h2>Bug fixes</h2> <ul> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13896">#13896</a>: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.</p> <p>You may enable it again by passing <code>-p terminalprogress</code>. We may enable it by default again once compatibility improves in the future.</p> <p>Additionally, when the environment variable <code>TERM</code> is <code>dumb</code>, the escape codes are no longer emitted, even if the plugin is enabled.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13904">#13904</a>: Fixed the TOML type of the <code>tmp_path_retention_count</code> settings in the API reference from number to string.</p> </li> <li> <p><a href="https://redirect.github.com/pytest-dev/pytest/issues/13946">#13946</a>: The private <code>config.inicfg</code> attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
16af31c7b9 |
Bump starlette from 0.49.1 to 0.52.1 in /backend (#1657)
Bumps [starlette](https://github.com/Kludex/starlette) from 0.49.1 to 0.52.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/releases">starlette's releases</a>.</em></p> <blockquote> <h2>Version 0.52.1</h2> <h2>What's Changed</h2> <ul> <li>Only use <code>typing_extensions</code> in older Python versions by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/starlette/pull/3109">Kludex/starlette#3109</a></li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/starlette/compare/0.52.0...0.52.1">https://github.com/Kludex/starlette/compare/0.52.0...0.52.1</a></p> <h2>Version 0.52.0</h2> <p>In this release, <code>State</code> can be accessed using dictionary-style syntax for improved type safety (<a href="https://redirect.github.com/Kludex/starlette/pull/3036">#3036</a>).</p> <pre lang="python"><code>from collections.abc import AsyncIterator from contextlib import asynccontextmanager from typing import TypedDict <p>import httpx</p> <p>from starlette.applications import Starlette from starlette.requests import Request</p> <p>class State(TypedDict): http_client: httpx.AsyncClient</p> <p><a href="https://github.com/asynccontextmanager"><code>@asynccontextmanager</code></a> async def lifespan(app: Starlette) -> AsyncIterator[State]: async with httpx.AsyncClient() as client: yield {"http_client": client}</p> <p>async def homepage(request: Request[State]): client = request.state["http_client"] # If you run the below line with mypy or pyright, it will reveal the correct type. reveal_type(client) # Revealed type is 'httpx.AsyncClient' </code></pre></p> <p>See <a href="https://github.com/Kludex/starlette/blob/HEAD/lifespan.md#accessing-state">Accessing State</a> for more details.</p> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/starlette/compare/0.51.0...0.52.0">https://github.com/Kludex/starlette/compare/0.51.0...0.52.0</a></p> <h2>Version 0.51.0</h2> <h2>Added</h2> <ul> <li>Add <code>allow_private_network</code> in <code>CORSMiddleware</code> <a href="https://redirect.github.com/Kludex/starlette/pull/3065">#3065</a>.</li> </ul> <h2>Changed</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/starlette/blob/main/docs/release-notes.md">starlette's changelog</a>.</em></p> <blockquote> <h2>0.52.1 (January 18, 2026)</h2> <h4>Fixed</h4> <ul> <li>Only use <code>typing_extensions</code> in older Python versions <a href="https://redirect.github.com/Kludex/starlette/pull/3109">#3109</a>.</li> </ul> <h2>0.52.0 (January 18, 2026)</h2> <p>In this release, <code>State</code> can be accessed using dictionary-style syntax for improved type safety (<a href="https://redirect.github.com/Kludex/starlette/pull/3036">#3036</a>).</p> <pre lang="python"><code>from collections.abc import AsyncIterator from contextlib import asynccontextmanager from typing import TypedDict <p>import httpx</p> <p>from starlette.applications import Starlette from starlette.requests import Request</p> <p>class State(TypedDict): http_client: httpx.AsyncClient</p> <p><a href="https://github.com/asynccontextmanager"><code>@asynccontextmanager</code></a> async def lifespan(app: Starlette) -> AsyncIterator[State]: async with httpx.AsyncClient() as client: yield {"http_client": client}</p> <p>async def homepage(request: Request[State]): client = request.state["http_client"] # If you run the below line with mypy or pyright, it will reveal the correct type. reveal_type(client) # Revealed type is 'httpx.AsyncClient' </code></pre></p> <p>See <a href="https://github.com/Kludex/starlette/blob/main/docs/lifespan.md#accessing-state">Accessing State</a> for more details.</p> <h2>0.51.0 (January 10, 2026)</h2> <h4>Added</h4> <ul> <li>Add <code>allow_private_network</code> in <code>CORSMiddleware</code> <a href="https://redirect.github.com/Kludex/starlette/pull/3065">#3065</a>.</li> </ul> <h4>Changed</h4> <ul> <li>Increase warning stacklevel on <code>DeprecationWarning</code> for wsgi module <a href="https://redirect.github.com/Kludex/starlette/pull/3082">#3082</a>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0d8ee4adf9 |
Bump pyrefly from 0.58.0 to 0.60.0 in /backend (#1647)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.58.0 to 0.60.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.60.0</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/pyrefly/compare/0.59.1...0.60.0">https://github.com/facebook/pyrefly/compare/0.59.1...0.60.0</a></p> <h2>Pyrefly v0.59.1</h2> <p>Fixed a performance regression in 0.59.0.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/pyrefly/compare/0.59.0...0.59.1">https://github.com/facebook/pyrefly/compare/0.59.0...0.59.1</a></p> <h2>Pyrefly v0.59.0</h2> <p><strong>Status : Beta</strong><br /> <em><strong>Release date:</strong> March 30, 2026</em></p> <p>Pyrefly v0.59.0 bundles <strong>153 commits</strong> from <strong>20 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th align="left">Area</th> <th align="left">What’s new</th> </tr> </thead> <tbody> <tr> <td align="left"><strong>Type Checking</strong></td> <td align="left">- You can now use <code>while...else</code> statements with returns in the <code>else</code> clause without triggering a false positive <code>missing-explicit-return</code> error. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Pyrefly now correctly handles type inference for nested empty dictionaries when constructing TypedDict instances, avoiding <code>implicit-any</code> errors. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Error messages now highlight related code with inline labels; for example, an unsupported * operation will show the types of both operands directly in the source snippet</td> </tr> <tr> <td align="left"><strong>Language Server</strong></td> <td align="left">- LSP hover information for classes now displays constructor signature and docstring. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Support additional LSP functionality for notebooks, including find-references and rename.</td> </tr> <tr> <td align="left"><strong>Performance</strong></td> <td align="left">- Faster typechecking in large pythonc codebases, up to 2x faster on recent benchmarks on real world projects <!-- raw HTML omitted --><!-- raw HTML omitted -->- Reduced CPU usage through smarter caching of module resolution results <!-- raw HTML omitted --><!-- raw HTML omitted -->- Improved performance of the LSP server by reducing redundant workspace diagnostic publishes.</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed 16 bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2026">#2026</a>: Fixed an issue where recursive bounded generics were incorrectly reported as <code>object</code>, ensuring accurate type checking.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2812">#2812</a>: Resolved a false positive <code>invalid-type-var</code> error when persisting the <code>get</code> method of a fully-annotated <code>dict</code>.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2804">#2804</a>: Fixed an <code>implicit-any</code> false positive that occurred with TypedDict items, improving code readability.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2868">#2868</a>: Pyrefly now correctly recognizes <code>while...else</code> statements with returns in the <code>else</code> clause as exhaustive.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2814">#2814</a>: Enhanced hover information for <code>datetime.datetime</code> imports to display constructor signatures and docstrings.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2896">#2896</a>: Fixed a <code>bad-argument-type</code> error that occurred when using double-underscore arguments.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2893">#2893</a>: Pyrefly now correctly handles dict Literal key types as subtypes of str key types.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2865">#2865</a>: Resolved an issue where tuple subclasses with overridden <code>__getitem__</code> were not recognized.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2871">#2871</a>: Fixed a false positive error when using <code>isinstance</code> with <code>type | X</code>.</li> <li>And more! <a href="https://redirect.github.com/facebook/pyrefly/issues/2444">#2444</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1270">#1270</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2900">#2900</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2862">#2862</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2853">#2853</a></li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h2>📦 Upgrade</h2> <pre lang="shell"><code>pip install --upgrade pyrefly==0.59.0 </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
5ee9fcbacf |
Bump fastapi from 0.128.0 to 0.135.3 in /backend (#1650)
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.128.0 to 0.135.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastapi/fastapi/releases">fastapi's releases</a>.</em></p> <blockquote> <h2>0.135.3</h2> <h3>Features</h3> <ul> <li>✨ Add support for <code>@app.vibe()</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15280">#15280</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>. <ul> <li>New docs: <a href="https://fastapi.tiangolo.com/advanced/vibe/">Vibe Coding</a>.</li> </ul> </li> </ul> <h3>Docs</h3> <ul> <li>✏️ Fix typo for <code>client_secret</code> in OAuth2 form docstrings. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14946">#14946</a> by <a href="https://github.com/bysiber"><code>@bysiber</code></a>.</li> </ul> <h3>Internal</h3> <ul> <li>👥 Update FastAPI People - Experts. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15279">#15279</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>⬆ Bump orjson from 3.11.7 to 3.11.8. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15276">#15276</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>⬆ Bump ruff from 0.15.0 to 0.15.8. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15277">#15277</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>👥 Update FastAPI GitHub topic repositories. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15274">#15274</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>⬆ Bump fastmcp from 2.14.5 to 3.2.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15267">#15267</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>👥 Update FastAPI People - Contributors and Translators. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15270">#15270</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>⬆ Bump requests from 2.32.5 to 2.33.0. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15228">#15228</a> by <a href="https://github.com/apps/dependabot"><code>@dependabot[bot]</code></a>.</li> <li>👷 Add ty check to <code>lint.sh</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15136">#15136</a> by <a href="https://github.com/svlandeg"><code>@svlandeg</code></a>.</li> </ul> <h2>0.135.2</h2> <h3>Upgrades</h3> <ul> <li>⬆️ Increase lower bound to <code>pydantic >=2.9.0.</code> and fix the test suite. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15139">#15139</a> by <a href="https://github.com/svlandeg"><code>@svlandeg</code></a>.</li> </ul> <h3>Docs</h3> <ul> <li>📝 Add missing last release notes dates. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15202">#15202</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>📝 Update docs for contributors and team members regarding translation PRs. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15200">#15200</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> <li>💄 Fix code blocks in reference docs overflowing table width. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15094">#15094</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> <li>📝 Fix duplicated words in docstrings. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15116">#15116</a> by <a href="https://github.com/AhsanSheraz"><code>@AhsanSheraz</code></a>.</li> <li>📝 Add docs for <code>pyproject.toml</code> with <code>entrypoint</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15075">#15075</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>📝 Update links in docs to no longer use the classes external-link and internal-link. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15061">#15061</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🔨 Add JS and CSS handling for automatic <code>target=_blank</code> for links in docs. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15063">#15063</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>💄 Update styles for internal and external links in new tab. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15058">#15058</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>📝 Add documentation for the FastAPI VS Code extension. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15008">#15008</a> by <a href="https://github.com/savannahostrowski"><code>@savannahostrowski</code></a>.</li> <li>📝 Fix doctrings for <code>max_digits</code> and <code>decimal_places</code>. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/14944">#14944</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> <li>📝 Add dates to release notes. PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15001">#15001</a> by <a href="https://github.com/YuriiMotov"><code>@YuriiMotov</code></a>.</li> </ul> <h3>Translations</h3> <ul> <li>🌐 Update translations for zh (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15177">#15177</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for zh-hant (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15178">#15178</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for zh-hant (add-missing). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15176">#15176</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for zh (add-missing). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15175">#15175</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for ja (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15171">#15171</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for ko (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15170">#15170</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for tr (update-outdated). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15172">#15172</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> <li>🌐 Update translations for ko (add-missing). PR <a href="https://redirect.github.com/fastapi/fastapi/pull/15168">#15168</a> by <a href="https://github.com/tiangolo"><code>@tiangolo</code></a>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c3329869fb |
Bump sentry-sdk from 2.56.0 to 2.57.0 in /backend (#1649)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.56.0 to 2.57.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.57.0</h2> <h3>New Features ✨</h3> <h4>Langchain</h4> <ul> <li>Set <code>gen_ai.operation.name</code> and <code>gen_ai.pipeline.name</code> on LLM spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5849">#5849</a></li> <li>Broaden AI provider detection beyond OpenAI and Anthropic by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5707">#5707</a></li> <li>Update LLM span operation to <code>gen_ai.generate_text</code> by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5796">#5796</a></li> </ul> <h4>Other</h4> <ul> <li> <p>Add experimental async transport by <a href="https://github.com/BYK"><code>@BYK</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5646">#5646</a></p> <p>See <a href="https://github.com/getsentry/sentry-python/discussions/5919">https://github.com/getsentry/sentry-python/discussions/5919</a> for details.</p> </li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Openai</h4> <ul> <li>Only wrap types with <code>_iterator</code> for streamed responses by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5917">#5917</a></li> <li>Always set <code>gen_ai.response.streaming</code> for Responses by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5697">#5697</a></li> <li>Simplify Responses input handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5695">#5695</a></li> <li>Use <code>max_output_tokens</code> for Responses API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5693">#5693</a></li> <li>Always set <code>gen_ai.response.streaming</code> for Completions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5692">#5692</a></li> <li>Simplify Completions input handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5690">#5690</a></li> <li>Simplify embeddings input handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5688">#5688</a></li> </ul> <h4>Other</h4> <ul> <li>(google-genai) Guard response extraction by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5869">#5869</a></li> <li>Add cycle detection to exceptions_from_error by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5880">#5880</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Ai</h4> <ul> <li>Remove unused GEN_AI_PIPELINE operation constant by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5886">#5886</a></li> <li>Rename generate_text to text_completion by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5885">#5885</a></li> </ul> <h4>Langchain</h4> <ul> <li>Add text completion test by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5740">#5740</a></li> <li>Add tool execution test by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5739">#5739</a></li> <li>Add basic agent test with Responses call by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5726">#5726</a></li> <li>Replace mocks with <code>httpx</code> types by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5724">#5724</a></li> <li>Consolidate span origin assertion by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5723">#5723</a></li> <li>Consolidate available tools assertion by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5721">#5721</a></li> </ul> <h4>Openai</h4> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.57.0</h2> <h3>New Features ✨</h3> <h4>Langchain</h4> <ul> <li>Set <code>gen_ai.operation.name</code> and <code>gen_ai.pipeline.name</code> on LLM spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5849">#5849</a></li> <li>Broaden AI provider detection beyond OpenAI and Anthropic by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5707">#5707</a></li> <li>Update LLM span operation to <code>gen_ai.generate_text</code> by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5796">#5796</a></li> </ul> <h4>Other</h4> <ul> <li> <p>Add experimental async transport by <a href="https://github.com/BYK"><code>@BYK</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5646">#5646</a></p> <p>See <a href="https://github.com/getsentry/sentry-python/discussions/5919">https://github.com/getsentry/sentry-python/discussions/5919</a> for details.</p> </li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Openai</h4> <ul> <li>Only wrap types with <code>_iterator</code> for streamed responses by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5917">#5917</a></li> <li>Always set <code>gen_ai.response.streaming</code> for Responses by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5697">#5697</a></li> <li>Simplify Responses input handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5695">#5695</a></li> <li>Use <code>max_output_tokens</code> for Responses API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5693">#5693</a></li> <li>Always set <code>gen_ai.response.streaming</code> for Completions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5692">#5692</a></li> <li>Simplify Completions input handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5690">#5690</a></li> <li>Simplify embeddings input handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5688">#5688</a></li> </ul> <h4>Other</h4> <ul> <li>(google-genai) Guard response extraction by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5869">#5869</a></li> <li>Add cycle detection to exceptions_from_error by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5880">#5880</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Ai</h4> <ul> <li>Remove unused GEN_AI_PIPELINE operation constant by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5886">#5886</a></li> <li>Rename generate_text to text_completion by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5885">#5885</a></li> </ul> <h4>Langchain</h4> <ul> <li>Add text completion test by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5740">#5740</a></li> <li>Add tool execution test by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5739">#5739</a></li> <li>Add basic agent test with Responses call by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5726">#5726</a></li> <li>Replace mocks with <code>httpx</code> types by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5724">#5724</a></li> <li>Consolidate span origin assertion by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5723">#5723</a></li> <li>Consolidate available tools assertion by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5721">#5721</a></li> </ul> <h4>Openai</h4> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ef1693d389 |
Bump mypy from 1.19.0 to 1.20.0 in /backend (#1648)
Bumps [mypy](https://github.com/python/mypy) from 1.19.0 to 1.20.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python/mypy/blob/master/CHANGELOG.md">mypy's changelog</a>.</em></p> <blockquote> <h1>Mypy Release Notes</h1> <h2>Next Release</h2> <h2>Mypy 1.20</h2> <p>We’ve just uploaded mypy 1.20.0 to the Python Package Index (<a href="https://pypi.org/project/mypy/">PyPI</a>). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:</p> <pre><code>python3 -m pip install -U mypy </code></pre> <p>You can read the full documentation for this release on <a href="http://mypy.readthedocs.io">Read the Docs</a>.</p> <h3>Planned Changes to Defaults and Flags in Mypy 2.0</h3> <p>As a reminder, we are planning to enable <code>--local-partial-types</code> by default in mypy 2.0, which will likely be the next feature release. This will often require at least minor code changes. This option is implicitly enabled by mypy daemon, so this makes the behavior of daemon and non-daemon modes consistent.</p> <p>Note that this release improves the compatibility of <code>--local-partial-types</code> significantly to make the switch easier (see below for more).</p> <p>This can also be configured in a mypy configuration file (use <code>False</code> to disable):</p> <pre><code>local_partial_types = True </code></pre> <p>For more information, refer to the <a href="https://mypy.readthedocs.io/en/stable/command_line.html#cmdoption-mypy-local-partial-types">documentation</a>.</p> <p>We will also enable <code>--strict-bytes</code> by default in mypy 2.0. This usually requires at most minor code changes to adopt. For more information, refer to the <a href="https://mypy.readthedocs.io/en/stable/command_line.html#cmdoption-mypy-strict-bytes">documentation</a>.</p> <p>Finally, <code>--allow-redefinition-new</code> will be renamed to <code>--allow-redefinition</code>. If you want to continue using the older <code>--allow-redefinition</code> semantics which are less flexible (e.g. limited support for conditional redefinitions), you can switch to <code>--allow-redefinition-old</code>, which is currently supported as an alias to the legacy <code>--allow-redefinition</code> behavior. To use <code>--allow-redefinition</code> in the upcoming mypy 2.0, you can't use <code>--no-local-partial-types</code>. For more information, refer to the <a href="https://mypy.readthedocs.io/en/stable/command_line.html#cmdoption-mypy-allow-redefinition-new">documentation</a>.</p> <h3>Better Type Narrowing</h3> <p>Mypy's implementation of narrowing has been substantially reworked. Mypy will now narrow more aggressively, more consistently, and more correctly. In particular, you are likely to notice new narrowing behavior in equality expressions (<code>==</code>), containment expressions (<code>in</code>),</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b95f381f0d |
Bump uvicorn from 0.42.0 to 0.44.0 in /backend (#1646)
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.42.0 to 0.44.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.44.0</h2> <h2>What's Changed</h2> <ul> <li>Implement websocket keepalive pings for websockets-sansio by <a href="https://github.com/Kludex"><code>@Kludex</code></a> in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2888">Kludex/uvicorn#2888</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0">https://github.com/Kludex/uvicorn/compare/0.43.0...0.44.0</a></p> <h2>Version 0.43.0</h2> <h2>Changed</h2> <ul> <li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event on server shutting down for streaming responses (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li> <li>Use native <code>context</code> parameter for <code>create_task</code> on Python 3.11+ (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li> <li>Drop cast in ASGI types (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0">https://github.com/Kludex/uvicorn/compare/0.42.0...0.43.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.44.0 (April 6, 2026)</h2> <h3>Added</h3> <ul> <li>Implement websocket keepalive pings for websockets-sansio (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2888">#2888</a>)</li> </ul> <h2>0.43.0 (April 3, 2026)</h2> <p>You can quit Uvicorn now. We heard you, <a href="https://github.com/pamelafox"><code>@pamelafox</code></a> - all 47 of your Ctrl+C's (thanks for flagging it, and thanks to <a href="https://github.com/tiangolo"><code>@tiangolo</code></a> for the fix 🙏). <a href="https://x.com/pamelafox/status/2039097686155227623">See the tweet</a>.</p> <h3>Changed</h3> <ul> <li>Emit <code>http.disconnect</code> ASGI <code>receive()</code> event on server shutting down for streaming responses (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2829">#2829</a>)</li> <li>Use native <code>context</code> parameter for <code>create_task</code> on Python 3.11+ (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2859">#2859</a>)</li> <li>Drop cast in ASGI types (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2875">#2875</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
75c2574eec |
Bump aiohttp from 3.13.3 to 3.13.4 in /backend (#1632)
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/evroon/bracket/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
75f99877fe |
Bump gunicorn from 25.1.0 to 25.3.0 in /backend (#1631)
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.1.0 to 25.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>Gunicorn 25.3.0</h2> <h2>Bug Fixes</h2> <ul> <li> <p><strong>HTTP/2 ASGI Body Duplication</strong>: Fix request body being received twice in HTTP/2 ASGI requests, causing JSON parsing errors with "Extra data" messages (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3558">#3558</a>)</p> </li> <li> <p><strong>ASGI Chunked EOF Handling</strong>: Add <code>finish()</code> method to callback parser to handle chunked encoding edge case where connection closes before final CRLF after zero-chunk</p> </li> <li> <p><strong>HTTP/2 Documentation</strong>: Fix <code>http_protocols</code> examples to use comma-separated string instead of list syntax (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3561">#3561</a>)</p> </li> <li> <p><strong>Chunked Encoding</strong>: Reject chunk extensions containing bare CR bytes per RFC 9112 (<a href="https://github.com/benoitc/gunicorn/discussions/3556">#3556</a>)</p> </li> <li> <p><strong>Request Line Limit</strong>: Fix <code>--limit-request-line 0</code> to mean unlimited as documented, instead of using default maximum. Works with both Python and fast C parser. (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3563">#3563</a>)</p> </li> </ul> <h2>Security</h2> <ul> <li><strong>ASGI Parser Header Validation</strong>: Add security checks per RFC 9110/9112: <ul> <li>Reject duplicate Content-Length headers</li> <li>Reject requests with both Content-Length and Transfer-Encoding</li> <li>Reject chunked transfer encoding in HTTP/1.0</li> <li>Reject stacked chunked encoding</li> <li>Validate Transfer-Encoding values</li> <li>Strict chunk size validation</li> </ul> </li> </ul> <h2>Changes</h2> <ul> <li> <p><strong>Fast HTTP Parser</strong>: Update to gunicorn_h1c >= 0.6.3 for <code>asgi_headers</code> property and <code>InvalidChunkExtension</code> validation for bare CR rejection</p> </li> <li> <p><strong>ASGI PROXY Protocol</strong>: Add PROXY protocol v1/v2 support to callback parser</p> </li> <li> <p><strong>Docker Images</strong>: Update to Python 3.14</p> </li> </ul> <h2>Gunicorn 25.2.0</h2> <h3>New Features</h3> <ul> <li><strong>Fast HTTP Parser (gunicorn_h1c 0.4.1)</strong>: Integrate new exception types and limit parameters from gunicorn_h1c 0.4.1 for both WSGI and ASGI workers <ul> <li>Requires gunicorn_h1c >= 0.4.1 for <code>http_parser='fast'</code></li> <li>Falls back to Python parser in <code>auto</code> mode if version not met</li> <li>Proper HTTP status codes for limit errors (414, 431)</li> </ul> </li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>uWSGI Async Workers</strong>: Fix <code>InvalidUWSGIHeader: incomplete header</code> error when using gevent or gthread workers with uwsgi protocol behind nginx. (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3552">#3552</a>, [PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3554">#3554</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3554">benoitc/gunicorn#3554</a>))</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
fcbfe5f593 |
Bump sentry-sdk from 2.55.0 to 2.56.0 in /backend (#1630)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.55.0 to 2.56.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.56.0</h2> <h3>New Features ✨</h3> <ul> <li>(asgi) Add option to disable suppressing chained exceptions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5714">#5714</a></li> <li>(logging) Separate ignore lists for events/breadcrumbs and sentry logs by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5698">#5698</a></li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Anthropic</h4> <ul> <li>Set exception info on streaming span when applicable by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5683">#5683</a></li> <li>Patch <code>AsyncStream.close()</code> and <code>AsyncMessageStream.close()</code> to finish spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5675">#5675</a></li> <li>Patch <code>Stream.close()</code> and <code>MessageStream.close()</code> to finish spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5674">#5674</a></li> </ul> <h4>Other</h4> <ul> <li>(starlette) Catch Jinja2Templates ImportError by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5741">#5741</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>Add note on AI PRs to CONTRIBUTING.md by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5696">#5696</a></li> </ul> <h3>Internal Changes 🔧</h3> <ul> <li>Pin GitHub Actions to full-length commit SHAs by <a href="https://github.com/joshuarli"><code>@joshuarli</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5781">#5781</a></li> <li>Add <code>-latest</code> alias for each integration test suite by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5706">#5706</a></li> <li>Use date-based branch names for toxgen PRs by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5704">#5704</a></li> <li>🤖 Update test matrix with new releases (03/19) by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5703">#5703</a></li> <li>Add client report tests for span streaming by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5677">#5677</a></li> </ul> <h3>Other</h3> <ul> <li>Update CHANGELOG.md by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5685">#5685</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.56.0</h2> <h3>New Features ✨</h3> <ul> <li>(asgi) Add option to disable suppressing chained exceptions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5714">#5714</a></li> <li>(logging) Separate ignore lists for events/breadcrumbs and sentry logs by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5698">#5698</a></li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Anthropic</h4> <ul> <li>Set exception info on streaming span when applicable by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5683">#5683</a></li> <li>Patch <code>AsyncStream.close()</code> and <code>AsyncMessageStream.close()</code> to finish spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5675">#5675</a></li> <li>Patch <code>Stream.close()</code> and <code>MessageStream.close()</code> to finish spans by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5674">#5674</a></li> </ul> <h4>Other</h4> <ul> <li>(starlette) Catch Jinja2Templates ImportError by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5741">#5741</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>Add note on AI PRs to CONTRIBUTING.md by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5696">#5696</a></li> </ul> <h3>Internal Changes 🔧</h3> <ul> <li>Pin GitHub Actions to full-length commit SHAs by <a href="https://github.com/joshuarli"><code>@joshuarli</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5781">#5781</a></li> <li>Add <code>-latest</code> alias for each integration test suite by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5706">#5706</a></li> <li>Use date-based branch names for toxgen PRs by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5704">#5704</a></li> <li>🤖 Update test matrix with new releases (03/19) by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5703">#5703</a></li> <li>Add client report tests for span streaming by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5677">#5677</a></li> </ul> <h3>Other</h3> <ul> <li>Update CHANGELOG.md by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5685">#5685</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
3bfa0dee71 |
Bump vulture from 2.15 to 2.16 in /backend (#1629)
Bumps [vulture](https://github.com/jendrikseipp/vulture) from 2.15 to 2.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jendrikseipp/vulture/releases">vulture's releases</a>.</em></p> <blockquote> <h2>v2.16</h2> <p>2.16 (2026-03-25)</p> <ul> <li>Fix false positives for dead code after while loops (<a href="https://redirect.github.com/jendrikseipp/vulture/issues/412">#412</a>, <a href="https://redirect.github.com/jendrikseipp/vulture/issues/413">#413</a>, Jendrik Seipp).</li> <li>Use <code>ty</code> instead of <code>pytype</code> for testing type annotations (Jendrik Seipp).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jendrikseipp/vulture/blob/main/CHANGELOG.md">vulture's changelog</a>.</em></p> <blockquote> <h1>2.16 (2026-03-25)</h1> <ul> <li>Fix false positives for dead code after while loops (<a href="https://redirect.github.com/jendrikseipp/vulture/issues/412">#412</a>, <a href="https://redirect.github.com/jendrikseipp/vulture/issues/413">#413</a>, Jendrik Seipp).</li> <li>Use <code>ty</code> instead of <code>pytype</code> for testing type annotations (Jendrik Seipp).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
a0e9a02bed |
Bump pyrefly from 0.57.1 to 0.58.0 in /backend (#1628)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.57.1 to 0.58.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
a8761a1c16 |
Bump pygments from 2.19.2 to 2.20.0 in /backend (#1626)
Bumps [pygments](https://github.com/pygments/pygments) from 2.19.2 to 2.20.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pygments/pygments/releases">pygments's releases</a>.</em></p> <blockquote> <h2>2.20.0</h2> <ul> <li> <p>New lexers:</p> <ul> <li>Rell (<a href="https://redirect.github.com/pygments/pygments/issues/2914">#2914</a>)</li> </ul> </li> <li> <p>Updated lexers:</p> <ul> <li>archetype: Fix catastrophic backtracking in GUID and ID patterns (<a href="https://redirect.github.com/pygments/pygments/issues/3064">#3064</a>)</li> <li>ASN.1: Recognize minus sign and fix range operator (<a href="https://redirect.github.com/pygments/pygments/issues/3014">#3014</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3060">#3060</a>)</li> <li>C++: Add C++26 keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2955">#2955</a>), add integer literal suffixes (<a href="https://redirect.github.com/pygments/pygments/issues/2966">#2966</a>)</li> <li>ComponentPascal: Fix <code>analyse_text</code> (<a href="https://redirect.github.com/pygments/pygments/issues/3028">#3028</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3032">#3032</a>)</li> <li>Coq renamed to Rocq (<a href="https://redirect.github.com/pygments/pygments/issues/2883">#2883</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2908">#2908</a>)</li> <li>Cython: Various improvements (<a href="https://redirect.github.com/pygments/pygments/issues/2932">#2932</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2933">#2933</a>)</li> <li>Debian control: Improve architecture parsing (<a href="https://redirect.github.com/pygments/pygments/issues/3052">#3052</a>)</li> <li>Devicetree: Add support for overlay/fragments (<a href="https://redirect.github.com/pygments/pygments/issues/3021">#3021</a>), add bytestring support (<a href="https://redirect.github.com/pygments/pygments/issues/3022">#3022</a>), fix catastrophic backtracking (<a href="https://redirect.github.com/pygments/pygments/issues/3057">#3057</a>)</li> <li>Fennel: Various improvements (<a href="https://redirect.github.com/pygments/pygments/issues/2911">#2911</a>)</li> <li>Haskell: Handle escape sequences in character literals (<a href="https://redirect.github.com/pygments/pygments/issues/3069">#3069</a>, <a href="https://redirect.github.com/pygments/pygments/issues/1795">#1795</a>)</li> <li>Java: Add module keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2955">#2955</a>)</li> <li>Lean4: Add operators <code>]'</code>, <code>]?</code>, <code>]!</code> (<a href="https://redirect.github.com/pygments/pygments/issues/2946">#2946</a>)</li> <li>LESS: Support single-line comments (<a href="https://redirect.github.com/pygments/pygments/issues/3005">#3005</a>)</li> <li>LilyPond: Update to 2.25.29 (<a href="https://redirect.github.com/pygments/pygments/issues/2974">#2974</a>)</li> <li>LLVM: Support C-style comments (<a href="https://redirect.github.com/pygments/pygments/issues/3023">#3023</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2978">#2978</a>)</li> <li>Lua(u): Fix catastrophic backtracking (<a href="https://redirect.github.com/pygments/pygments/issues/3047">#3047</a>)</li> <li>Macaulay2: Update to 1.25.05 (<a href="https://redirect.github.com/pygments/pygments/issues/2893">#2893</a>), 1.25.11 (<a href="https://redirect.github.com/pygments/pygments/issues/2988">#2988</a>)</li> <li>Mathematica: Various improvements (<a href="https://redirect.github.com/pygments/pygments/issues/2957">#2957</a>)</li> <li>meson: Add additional operators (<a href="https://redirect.github.com/pygments/pygments/issues/2919">#2919</a>)</li> <li>MySQL: Update keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2970">#2970</a>)</li> <li>org-Mode: Support both schedule and deadline (<a href="https://redirect.github.com/pygments/pygments/issues/2899">#2899</a>)</li> <li>PHP: Add <code>__PROPERTY__</code> magic constant (<a href="https://redirect.github.com/pygments/pygments/issues/2924">#2924</a>), add reserved keywords (<a href="https://redirect.github.com/pygments/pygments/issues/3002">#3002</a>)</li> <li>PostgreSQL: Add more keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2985">#2985</a>)</li> <li>protobuf: Fix namespace tokenization (<a href="https://redirect.github.com/pygments/pygments/issues/2929">#2929</a>)</li> <li>Python: Add <code>t</code>-string support (<a href="https://redirect.github.com/pygments/pygments/issues/2973">#2973</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3009">#3009</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3010">#3010</a>)</li> <li>Tablegen: Fix infinite loop (<a href="https://redirect.github.com/pygments/pygments/issues/2972">#2972</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2940">#2940</a>)</li> <li>Tera Term macro: Add commands introduced in v5.3 through v5.6 (<a href="https://redirect.github.com/pygments/pygments/issues/2951">#2951</a>)</li> <li>TOML: Support TOML 1.1.0 (<a href="https://redirect.github.com/pygments/pygments/issues/3026">#3026</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3027">#3027</a>)</li> <li>Turtle: Allow empty comment lines (<a href="https://redirect.github.com/pygments/pygments/issues/2980">#2980</a>)</li> <li>XML: Added <code>.xbrl</code> as file ending (<a href="https://redirect.github.com/pygments/pygments/issues/2890">#2890</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2891">#2891</a>)</li> </ul> </li> <li> <p>Drop Python 3.8, and add Python 3.14 as a supported version (<a href="https://redirect.github.com/pygments/pygments/issues/2987">#2987</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3012">#3012</a>)</p> </li> <li> <p>Various improvements to <code>autopygmentize</code> (<a href="https://redirect.github.com/pygments/pygments/issues/2894">#2894</a>)</p> </li> <li> <p>Update <code>onedark</code> style to support more token types (<a href="https://redirect.github.com/pygments/pygments/issues/2977">#2977</a>)</p> </li> <li> <p>Update <code>rtt</code> style to support more token types (<a href="https://redirect.github.com/pygments/pygments/issues/2895">#2895</a>)</p> </li> <li> <p>Cache entry points to improve performance (<a href="https://redirect.github.com/pygments/pygments/issues/2979">#2979</a>)</p> </li> <li> <p>Fix <code>xterm-256</code> color table (<a href="https://redirect.github.com/pygments/pygments/issues/3043">#3043</a>)</p> </li> <li> <p>Fix <code>kwargs</code> dictionary getting mutated on each call (<a href="https://redirect.github.com/pygments/pygments/issues/3044">#3044</a>)</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pygments/pygments/blob/master/CHANGES">pygments's changelog</a>.</em></p> <blockquote> <h2>Version 2.20.0</h2> <p>(released March 29th, 2026)</p> <ul> <li> <p>New lexers:</p> <ul> <li>Rell (<a href="https://redirect.github.com/pygments/pygments/issues/2914">#2914</a>)</li> </ul> </li> <li> <p>Updated lexers:</p> <ul> <li>archetype: Fix catastrophic backtracking in GUID and ID patterns (<a href="https://redirect.github.com/pygments/pygments/issues/3064">#3064</a>)</li> <li>ASN.1: Recognize minus sign and fix range operator (<a href="https://redirect.github.com/pygments/pygments/issues/3014">#3014</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3060">#3060</a>)</li> <li>C++: Add C++26 keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2955">#2955</a>), add integer literal suffixes (<a href="https://redirect.github.com/pygments/pygments/issues/2966">#2966</a>)</li> <li>ComponentPascal: Fix <code>analyse_text</code> (<a href="https://redirect.github.com/pygments/pygments/issues/3028">#3028</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3032">#3032</a>)</li> <li>Coq renamed to Rocq (<a href="https://redirect.github.com/pygments/pygments/issues/2883">#2883</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2908">#2908</a>)</li> <li>Cython: Various improvements (<a href="https://redirect.github.com/pygments/pygments/issues/2932">#2932</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2933">#2933</a>)</li> <li>Debian control: Improve architecture parsing (<a href="https://redirect.github.com/pygments/pygments/issues/3052">#3052</a>)</li> <li>Devicetree: Add support for overlay/fragments (<a href="https://redirect.github.com/pygments/pygments/issues/3021">#3021</a>), add bytestring support (<a href="https://redirect.github.com/pygments/pygments/issues/3022">#3022</a>), fix catastrophic backtracking (<a href="https://redirect.github.com/pygments/pygments/issues/3057">#3057</a>)</li> <li>Fennel: Various improvements (<a href="https://redirect.github.com/pygments/pygments/issues/2911">#2911</a>)</li> <li>Haskell: Handle escape sequences in character literals (<a href="https://redirect.github.com/pygments/pygments/issues/3069">#3069</a>, <a href="https://redirect.github.com/pygments/pygments/issues/1795">#1795</a>)</li> <li>Java: Add module keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2955">#2955</a>)</li> <li>Lean4: Add operators <code>]'</code>, <code>]?</code>, <code>]!</code> (<a href="https://redirect.github.com/pygments/pygments/issues/2946">#2946</a>)</li> <li>LESS: Support single-line comments (<a href="https://redirect.github.com/pygments/pygments/issues/3005">#3005</a>)</li> <li>LilyPond: Update to 2.25.29 (<a href="https://redirect.github.com/pygments/pygments/issues/2974">#2974</a>)</li> <li>LLVM: Support C-style comments (<a href="https://redirect.github.com/pygments/pygments/issues/3023">#3023</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2978">#2978</a>)</li> <li>Lua(u): Fix catastrophic backtracking (<a href="https://redirect.github.com/pygments/pygments/issues/3047">#3047</a>)</li> <li>Macaulay2: Update to 1.25.05 (<a href="https://redirect.github.com/pygments/pygments/issues/2893">#2893</a>), 1.25.11 (<a href="https://redirect.github.com/pygments/pygments/issues/2988">#2988</a>)</li> <li>Mathematica: Various improvements (<a href="https://redirect.github.com/pygments/pygments/issues/2957">#2957</a>)</li> <li>meson: Add additional operators (<a href="https://redirect.github.com/pygments/pygments/issues/2919">#2919</a>)</li> <li>MySQL: Update keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2970">#2970</a>)</li> <li>org-Mode: Support both schedule and deadline (<a href="https://redirect.github.com/pygments/pygments/issues/2899">#2899</a>)</li> <li>PHP: Add <code>__PROPERTY__</code> magic constant (<a href="https://redirect.github.com/pygments/pygments/issues/2924">#2924</a>), add reserved keywords (<a href="https://redirect.github.com/pygments/pygments/issues/3002">#3002</a>)</li> <li>PostgreSQL: Add more keywords (<a href="https://redirect.github.com/pygments/pygments/issues/2985">#2985</a>)</li> <li>protobuf: Fix namespace tokenization (<a href="https://redirect.github.com/pygments/pygments/issues/2929">#2929</a>)</li> <li>Python: Add <code>t</code>-string support (<a href="https://redirect.github.com/pygments/pygments/issues/2973">#2973</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3009">#3009</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3010">#3010</a>)</li> <li>Tablegen: Fix infinite loop (<a href="https://redirect.github.com/pygments/pygments/issues/2972">#2972</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2940">#2940</a>)</li> <li>Tera Term macro: Add commands introduced in v5.3 through v5.6 (<a href="https://redirect.github.com/pygments/pygments/issues/2951">#2951</a>)</li> <li>TOML: Support TOML 1.1.0 (<a href="https://redirect.github.com/pygments/pygments/issues/3026">#3026</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3027">#3027</a>)</li> <li>Turtle: Allow empty comment lines (<a href="https://redirect.github.com/pygments/pygments/issues/2980">#2980</a>)</li> <li>XML: Added <code>.xbrl</code> as file ending (<a href="https://redirect.github.com/pygments/pygments/issues/2890">#2890</a>, <a href="https://redirect.github.com/pygments/pygments/issues/2891">#2891</a>)</li> </ul> </li> <li> <p>Drop Python 3.8, and add Python 3.14 as a supported version (<a href="https://redirect.github.com/pygments/pygments/issues/2987">#2987</a>, <a href="https://redirect.github.com/pygments/pygments/issues/3012">#3012</a>)</p> </li> <li> <p>Various improvements to <code>autopygmentize</code> (<a href="https://redirect.github.com/pygments/pygments/issues/2894">#2894</a>)</p> </li> <li> <p>Update <code>onedark</code> style to support more token types (<a href="https://redirect.github.com/pygments/pygments/issues/2977">#2977</a>)</p> </li> <li> <p>Update <code>rtt</code> style to support more token types (<a href="https://redirect.github.com/pygments/pygments/issues/2895">#2895</a>)</p> </li> <li> <p>Cache entry points to improve performance (<a href="https://redirect.github.com/pygments/pygments/issues/2979">#2979</a>)</p> </li> <li> <p>Fix <code>xterm-256</code> color table (<a href="https://redirect.github.com/pygments/pygments/issues/3043">#3043</a>)</p> </li> <li> <p>Fix <code>kwargs</code> dictionary getting mutated on each call (<a href="https://redirect.github.com/pygments/pygments/issues/3044">#3044</a>)</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ec4801a821 |
Bump pytest-cov from 7.0.0 to 7.1.0 in /backend (#1623)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 7.0.0 to 7.1.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's changelog</a>.</em></p> <blockquote> <h2>7.1.0 (2026-03-21)</h2> <ul> <li> <p>Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See <code>[#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641></code>_.</p> </li> <li> <p>Improve handling of ResourceWarning from sqlite3.</p> <p>The plugin adds warning filter for sqlite3 <code>ResourceWarning</code> unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.</p> <p>With this fix one can suppress <code>ResourceWarning</code> from sqlite3 from command line::</p> <p>pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...</p> </li> <li> <p>Various improvements to documentation. Contributed by Art Pelling in <code>[#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718></code>_ and "vivodi" in <code>[#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738></code><em>. Also closed <code>[#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736></code></em>.</p> </li> <li> <p>Fixed some assertions in tests. Contributed by in Markéta Machová in <code>[#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722></code>_.</p> </li> <li> <p>Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
3be18abccd |
Bump pyrefly from 0.56.0 to 0.57.1 in /backend (#1622)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.56.0 to 0.57.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.57.1</h2> <p>Fixed a bug that could cause Pyrefly to hang.</p> <h2>Pyrefly v0.57.0</h2> <p><strong>Status: Beta</strong><br /> <em>Release date: March 16, 2026</em></p> <p>Pyrefly 0.57.0 bundles <strong>116 commits</strong> from <strong>17 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th align="left">Area</th> <th align="left">What’s new</th> </tr> </thead> <tbody> <tr> <td align="left"><strong>Type Checking</strong></td> <td align="left">- Improved type narrowing for <code>hasattr</code> inside loops <!-- raw HTML omitted --><!-- raw HTML omitted -->- <code>pyrefly suppress</code> no longer corrupts multiline f-strings/t-strings by inserting suppression comments inside the string; it now places comments above the string and also matches suppressions correctly for errors inside multiline f/t-strings <!-- raw HTML omitted --><!-- raw HTML omitted -->- Improved <code>namedtuple</code> support with <code>*</code> field unpacking <!-- raw HTML omitted --><!-- raw HTML omitted -->- Fewer false-positive “variable is not initialized” errors</td> </tr> <tr> <td align="left"><strong>Language Server</strong></td> <td align="left">- if a nested pyproject.toml contains <code>[tool.ruff]</code> / <code>[tool.mypy]</code> / <code>[tool.pyright]</code>, it’s treated as a strong “this is a Python project root” marker, preventing parent pyrefly.toml from incorrectly shadowing it (notably improving go-to-def accuracy on some repos)</td> </tr> <tr> <td align="left"><strong>Performance</strong></td> <td align="left">- Typechecking speed has improved, making it now ~20% faster to type check Pytorch on recent benchmarks</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed 24 bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2696">#2696</a>: Fixed an issue where Pyrefly’s LSP incorrectly flagged <code>from typing import NewType</code> as unused, even when <code>NewType(...)</code> was referenced.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2743">#2743</a>: Fixed an issue where <code>TypedDict</code> fields named items/values prevented access to the corresponding <code>dict.items()</code> / <code>dict.values()</code> methods via attribute lookup.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2745">#2745</a>: Fixed an issue where chained/nested narrowing expressions (e.g. multi-clause and conditions) failed to narrow correctly when using negative subscript indices.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2737">#2737</a>: Fixed an issue where <code>functools.partial(...)</code> results couldn’t be assigned back to a Callable typed with a <code>ParamSpec</code>, causing a false-positive type error.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2650">#2650</a>: Fixed an issue where a <code>Protocol</code> parameterized by <code>ParamSpec[...]</code> wasn’t considered compatible with an equivalent “gradual” protocol using <code>*args: Any, **kwargs: Any</code>.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2334">#2334</a>: Fixed an issue where calling <code>__init__</code> on parametrized bound methods could trigger a false-positive type error due to incorrect attribute lookup behavior.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2731">#2731</a>: Fixed an issue where <code>super()</code> calls to abstract methods that do have a concrete runtime body were incorrectly reported as missing-attribute / abstract-call errors.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/828">#828</a>: Fixed an issue where reading a conditionally-initialized variable didn’t “commit” the initialization, leading to redundant follow-on “may be uninitialized” errors.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/835">#835</a>: Fixed an issue where type information for subclasses wasn’t handled correctly, leading to failures when type-checking subclass relationships.</li> <li>And more! <a href="https://redirect.github.com/facebook/pyrefly/issues/2522">#2522</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1800">#1800</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2736">#2736</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2382">#2382</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/913">#913</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1397">#1397</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2261">#2261</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2669">#2669</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2744">#2744</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2739">#2739</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1575">#1575</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/903">#903</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1043">#1043</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1429">#1429</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2607">#2607</a></li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h2>📦 Upgrade</h2> <pre lang="shell"><code>pip install --upgrade pyrefly==0.57.0 </code></pre> <h3>How to safely upgrade your codebase</h3> <p>Upgrading the version of Pyrefly you're using or a third-party library you depend on can reveal new type errors in your code. Fixing them all at once is often unrealistic. We've written scripts to help you temporarily silence them. After upgrading, follow these steps:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
dc373962f3 |
Bump sentry-sdk from 2.54.0 to 2.55.0 in /backend (#1620)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.54.0 to 2.55.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.55.0</h2> <h3>New Features ✨</h3> <h4>Anthropic</h4> <ul> <li>Record finish reasons in AI monitoring spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5678">#5678</a></li> <li>Emit <code>gen_ai.chat</code> spans for asynchronous <code>messages.stream()</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5572">#5572</a></li> <li>Emit AI Client Spans for synchronous <code>messages.stream()</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5565">#5565</a></li> <li>Set gen_ai.response.id span attribute by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5662">#5662</a></li> <li>Add <code>gen_ai.system</code> attribute to spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5661">#5661</a></li> </ul> <h4>Pydantic Ai</h4> <ul> <li>Support ImageUrl content type in span instrumentation by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5629">#5629</a></li> <li>Add tool description to execute_tool spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5596">#5596</a></li> </ul> <h4>Other</h4> <ul> <li>(crons) Add owner field to MonitorConfig by <a href="https://github.com/julwhitney13"><code>@julwhitney13</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5610">#5610</a></li> <li>(otlp) Add collector_url option to OTLPIntegration by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5603">#5603</a></li> </ul> <h3>Bug Fixes 🐛</h3> <ul> <li>(ai) Truncate list-based message content in AI monitoring by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5631">#5631</a></li> <li>(anthropic) Close span on <code>GeneratorExit</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5643">#5643</a></li> <li>(celery) Propagate user-set headers by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5581">#5581</a></li> <li>(langchain) Wrap finish_reason in array for gen_ai span attribute by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5666">#5666</a></li> <li>(logging) Fix deadlock in log batcher by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5684">#5684</a></li> <li>(profiler) Prevent buffer race condition during rapid start/stop cycles by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5622">#5622</a></li> <li>(utils) Avoid double serialization of strings in safe_serialize by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5587">#5587</a></li> <li>Enable unused import ruff check and fix unused imports by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5652">#5652</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>(openai-agents) Remove inapplicable comment by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5495">#5495</a></li> <li>Add AGENTS.md by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5579">#5579</a></li> <li>Add <code>set_attribute</code> example to changelog by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5578">#5578</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Anthropic</h4> <ul> <li>Check system and response ID attributes on spans created by <code>stream()</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5665">#5665</a></li> <li>Skip accumulation logic for unexpected types in streamed response by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5564">#5564</a></li> <li>Factor out streamed result handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5563">#5563</a></li> <li>Stream valid JSON by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5641">#5641</a></li> <li>Stop mocking response iterator by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5573">#5573</a></li> </ul> <h4>Openai Agents</h4> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.55.0</h2> <h3>New Features ✨</h3> <h4>Anthropic</h4> <ul> <li>Record finish reasons in AI monitoring spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5678">#5678</a></li> <li>Emit <code>gen_ai.chat</code> spans for asynchronous <code>messages.stream()</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5572">#5572</a></li> <li>Emit AI Client Spans for synchronous <code>messages.stream()</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5565">#5565</a></li> <li>Set gen_ai.response.id span attribute by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5662">#5662</a></li> <li>Add <code>gen_ai.system</code> attribute to spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5661">#5661</a></li> </ul> <h4>Pydantic Ai</h4> <ul> <li>Support ImageUrl content type in span instrumentation by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5629">#5629</a></li> <li>Add tool description to execute_tool spans by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5596">#5596</a></li> </ul> <h4>Other</h4> <ul> <li>(crons) Add owner field to MonitorConfig by <a href="https://github.com/julwhitney13"><code>@julwhitney13</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5610">#5610</a></li> <li>(otlp) Add collector_url option to OTLPIntegration by <a href="https://github.com/sl0thentr0py"><code>@sl0thentr0py</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5603">#5603</a></li> </ul> <h3>Bug Fixes 🐛</h3> <ul> <li>(ai) Truncate list-based message content in AI monitoring by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5631">#5631</a></li> <li>(anthropic) Close span on <code>GeneratorExit</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5643">#5643</a></li> <li>(celery) Propagate user-set headers by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5581">#5581</a></li> <li>(langchain) Wrap finish_reason in array for gen_ai span attribute by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5666">#5666</a></li> <li>(logging) Fix deadlock in log batcher by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5684">#5684</a></li> <li>(profiler) Prevent buffer race condition during rapid start/stop cycles by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5622">#5622</a></li> <li>(utils) Avoid double serialization of strings in safe_serialize by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5587">#5587</a></li> <li>Enable unused import ruff check and fix unused imports by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5652">#5652</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>(openai-agents) Remove inapplicable comment by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5495">#5495</a></li> <li>Add AGENTS.md by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5579">#5579</a></li> <li>Add <code>set_attribute</code> example to changelog by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5578">#5578</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Anthropic</h4> <ul> <li>Check system and response ID attributes on spans created by <code>stream()</code> by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5665">#5665</a></li> <li>Skip accumulation logic for unexpected types in streamed response by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5564">#5564</a></li> <li>Factor out streamed result handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5563">#5563</a></li> <li>Stream valid JSON by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5641">#5641</a></li> <li>Stop mocking response iterator by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5573">#5573</a></li> </ul> <h4>Openai Agents</h4> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
a0a8e3a76c |
Bump uvicorn from 0.41.0 to 0.42.0 in /backend (#1611)
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.41.0 to 0.42.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.42.0</h2> <h2>Changed</h2> <ul> <li>Use <code>bytearray</code> for request body accumulation to avoid O(n^2) allocation on fragmented bodies (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Escape brackets and backslash in httptools <code>HEADER_RE</code> regex (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li> <li>Fix multiple issues in websockets sans-io implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li> </ul> <hr /> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/bysiber"><code>@bysiber</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2825">Kludex/uvicorn#2825</a></li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0">https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.42.0 (March 16, 2026)</h2> <h3>Changed</h3> <ul> <li>Use <code>bytearray</code> for request body accumulation to avoid O(n^2) allocation on fragmented bodies (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Escape brackets and backslash in httptools <code>HEADER_RE</code> regex (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li> <li>Fix multiple issues in websockets sans-io implementation (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ebe35f7a5f |
Bump pyrefly from 0.55.0 to 0.56.0 in /backend (#1613)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.55.0 to 0.56.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>v0.56.0</h2> <h1>Pyrefly v0.56.0</h1> <p><strong>Status : Beta</strong><br /> <em>Release date: March 09, 2026</em><br /> Pyrefly v0.56.0 bundles <strong>248 commits</strong> from <strong>22 contributors</strong>.</p> <hr /> <h2>✨ New & Improved</h2> <table> <thead> <tr> <th align="left">Area</th> <th align="left">What’s new</th> </tr> </thead> <tbody> <tr> <td align="left"><strong>Type Checking</strong></td> <td align="left">- Limit the width of inferred return types to prevent large unions. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Comparison checks involving <code>Any</code> now yields <code>Any</code> (not <code>bool</code>), matching gradual typing expectations and avoiding overly-confident boolean results</td> </tr> <tr> <td align="left"><strong>Language Server</strong></td> <td align="left">- IDE <code>diagnosticMode</code> now includes an experimental workspace mode. When set to <code>workspace</code>, Pyrefly publishes diagnostics for all files in a project once any file from that project is opened. <!-- raw HTML omitted --><!-- raw HTML omitted -->- Support added for the TSP <code>typeServer</code>/<code>getPythonSearchPaths</code> message. <!-- raw HTML omitted --><!-- raw HTML omitted --> - Relative imports now work for go-to-definition and completions (including site-packages), reducing “can’t resolve import” / missing navigation cases</td> </tr> <tr> <td align="left"><strong>Type Errors</strong></td> <td align="left">- Default severities have been tuned to reduce noise: <code>implicit-import</code> errors downgraded to warning; <code>unreachable</code> and <code>redundant-condition</code> errors default to warning (are configurable back to errors if desired) <!-- raw HTML omitted --><!-- raw HTML omitted -->- New error code `non-convergent-recursion`, <a href="http://non-convergent-recursion">read the docs</a></td> </tr> <tr> <td align="left"><strong>Performance Improvements</strong></td> <td align="left">- Added dedicated thread pool for LSP operations to prevent blocking main thread during rechecks</td> </tr> </tbody> </table> <hr /> <h2>🐛 bug fixes</h2> <p>We closed 33 bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2612">#2612</a>: Fixed an issue where lambda expressions with default parameters were not recognized in missing-argument checks.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2605">#2605</a>: Fixed a false positive error in an untyped classmethod with *args.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2385">#2385</a>: Prevented builtins wildcard imports from shadowing existing definitions during static scope setup.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2618">#2618</a>: Fixed a <code>StrEnum</code> classmethod being treated as enum members.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2590">#2590</a>: Blocked subscripting generic functions/callables to prevent unsupported operations.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2514">#2514</a>: Fixed a <code>not-callable</code> false positive with enum methods.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2609">#2609</a>: Fixed a <code>bad-param-name-override</code> false positive for <code>Sequence.__contains__</code>.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2668">#2668</a>: Fixed dict.setdefault on an unpinned dict always making the dict nullable.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2527">#2527</a>: Fixed a <code>no-matching-overload</code> issue related to nested type aliases.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2543">#2543</a>: Fixed a problem when using <code>class</code> definition on top of a <code>ClassVar</code>.</li> <li>And more!</li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h2>📦 Upgrade</h2> <pre lang="shell"><code>pip install --upgrade pyrefly==0.56.0 </code></pre> <h3>How to safely upgrade your codebase</h3> <p>Upgrading the version of Pyrefly you're using or a third-party library you depend on can reveal new type errors in your code. Fixing them all at once is often unrealistic. We've written scripts to help you temporarily silence them. After upgrading, follow these steps:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9da1ce592b |
Bump pyjwt from 2.11.0 to 2.12.0 in /backend (#1607)
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.11.0 to 2.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.12.0</h2> <h2>Security</h2> <ul> <li>Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by <a href="https://github.com/dmbs335"><code>@dmbs335</code></a> in <a href="https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f">GHSA-752w-5fwx-jx9f</a></li> </ul> <h2>What's Changed</h2> <ul> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a>[bot] in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1132">jpadilla/pyjwt#1132</a></li> <li>chore(docs): fix docs build by <a href="https://github.com/tamird"><code>@tamird</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1137">jpadilla/pyjwt#1137</a></li> <li>Annotate PyJWKSet.keys for pyright by <a href="https://github.com/tamird"><code>@tamird</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1134">jpadilla/pyjwt#1134</a></li> <li>fix: close HTTPError to prevent ResourceWarning on Python 3.14 by <a href="https://github.com/veeceey"><code>@veeceey</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1133">jpadilla/pyjwt#1133</a></li> <li>chore: remove superfluous constants by <a href="https://github.com/tamird"><code>@tamird</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1136">jpadilla/pyjwt#1136</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a>[bot] in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1135">jpadilla/pyjwt#1135</a></li> <li>chore(tests): enable mypy by <a href="https://github.com/tamird"><code>@tamird</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1138">jpadilla/pyjwt#1138</a></li> <li>Bump actions/download-artifact from 7 to 8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1142">jpadilla/pyjwt#1142</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a>[bot] in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1141">jpadilla/pyjwt#1141</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a>[bot] in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1145">jpadilla/pyjwt#1145</a></li> <li>fix: do not store reference to algorithms dict on PyJWK by <a href="https://github.com/akx"><code>@akx</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1143">jpadilla/pyjwt#1143</a></li> <li>Use PyJWK algorithm when encoding without explicit algorithm by <a href="https://github.com/jpadilla"><code>@jpadilla</code></a> in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1148">jpadilla/pyjwt#1148</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/tamird"><code>@tamird</code></a> made their first contribution in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1137">jpadilla/pyjwt#1137</a></li> <li><a href="https://github.com/veeceey"><code>@veeceey</code></a> made their first contribution in <a href="https://redirect.github.com/jpadilla/pyjwt/pull/1133">jpadilla/pyjwt#1133</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0">https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.12.0 <https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0></code>__</h2> <p>Fixed</p> <pre><code> - Annotate PyJWKSet.keys for pyright by @tamird in `[#1134](https://github.com/jpadilla/pyjwt/issues/1134) <https://github.com/jpadilla/pyjwt/pull/1134>`__ - Close ``HTTPError`` response to prevent ``ResourceWarning`` on Python 3.14 by @veeceey in `[#1133](https://github.com/jpadilla/pyjwt/issues/1133) <https://github.com/jpadilla/pyjwt/pull/1133>`__ - Do not keep ``algorithms`` dict in PyJWK instances by @akx in `[#1143](https://github.com/jpadilla/pyjwt/issues/1143) <https://github.com/jpadilla/pyjwt/pull/1143>`__ - Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @dmbs335 in `GHSA-752w-5fwx-jx9f <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f>`__ - Use PyJWK algorithm when encoding without explicit algorithm in `[#1148](https://github.com/jpadilla/pyjwt/issues/1148) <https://github.com/jpadilla/pyjwt/pull/1148>`__ <p>Added </code></pre></p> <ul> <li>Docs: Add <code>PyJWKClient</code> API reference and document the two-tier caching system (JWK Set cache and signing key LRU cache).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ada800195f |
Bump vulture from 2.14 to 2.15 in /backend (#1604)
Bumps [vulture](https://github.com/jendrikseipp/vulture) from 2.14 to 2.15. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jendrikseipp/vulture/releases">vulture's releases</a>.</em></p> <blockquote> <h2>v2.15</h2> <p>2.15 (2026-03-04)</p> <ul> <li>Handle <code>while True</code> loops without <code>break</code> statements (kreathon).</li> <li>Add whitelist for <code>ssl.SSLContext</code> (tunnelsociety, <a href="https://redirect.github.com/jendrikseipp/vulture/issues/392">#392</a>).</li> <li>Add more ruff rules (even-even).</li> <li>Drop support for Python 3.8 (Jendrik Seipp, <a href="https://redirect.github.com/jendrikseipp/vulture/issues/398">#398</a>).</li> <li>Add support for Python 3.14 (even-even).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jendrikseipp/vulture/blob/main/CHANGELOG.md">vulture's changelog</a>.</em></p> <blockquote> <h1>2.15 (2026-03-04)</h1> <ul> <li>Handle <code>while True</code> loops without <code>break</code> statements (kreathon).</li> <li>Add whitelist for <code>ssl.SSLContext</code> (tunnelsociety, <a href="https://redirect.github.com/jendrikseipp/vulture/issues/392">#392</a>).</li> <li>Add more ruff rules (even-even).</li> <li>Drop support for Python 3.8 (Jendrik Seipp, <a href="https://redirect.github.com/jendrikseipp/vulture/issues/398">#398</a>).</li> <li>Add support for Python 3.14 (even-even).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f8075f94d1 |
Bump fastapi-sso from 0.20.0 to 0.21.0 in /backend (#1591)
Bumps [fastapi-sso](https://github.com/tomasvotava/fastapi-sso) from 0.20.0 to 0.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tomasvotava/fastapi-sso/releases">fastapi-sso's releases</a>.</em></p> <blockquote> <h2>0.21.0</h2> <h2>What's Changed</h2> <ul> <li>feat: remove python 3.9 support, add python 3.14 support by <a href="https://github.com/tomasvotava"><code>@tomasvotava</code></a> in <a href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/274">tomasvotava/fastapi-sso#274</a></li> <li>chore(deps): bump the all group with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/275">tomasvotava/fastapi-sso#275</a></li> <li>chore(deps): bump the all group across 1 directory with 7 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/277">tomasvotava/fastapi-sso#277</a></li> <li>Added tidal and apple providers by <a href="https://github.com/john-9474"><code>@john-9474</code></a> in <a href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/278">tomasvotava/fastapi-sso#278</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tomasvotava/fastapi-sso/compare/0.20.0...0.21.0">https://github.com/tomasvotava/fastapi-sso/compare/0.20.0...0.21.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
17db0a9e6e |
Bump pyrefly from 0.54.0 to 0.55.0 in /backend (#1590)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.54.0 to 0.55.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f0a1c1fe99 |
Bump sentry-sdk from 2.53.0 to 2.54.0 in /backend (#1588)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.53.0 to 2.54.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.54.0</h2> <h3>New Features ✨</h3> <ul> <li>Add <code>set_attribute</code>, <code>remove_attribute</code> to global API by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5555">#5555</a></li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Openai</h4> <ul> <li>Attach response model with streamed Completions API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5557">#5557</a></li> <li>Attach response model with streamed Responses API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5554">#5554</a></li> <li>Avoid consuming iterables passed to the Completions API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5489">#5489</a></li> <li>Avoid consuming iterables passed to the Embeddings API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5491">#5491</a></li> </ul> <h4>Other</h4> <ul> <li>(anthropic) Fix token accounting by <a href="https://github.com/shellmayr"><code>@shellmayr</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5490">#5490</a></li> <li>(google-genai) Remove agent spans for simple requests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5443">#5443</a></li> <li>(grpc) Read method from handler_call_details for grpcio >= 1.76 compat by <a href="https://github.com/yeung108"><code>@yeung108</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5521">#5521</a></li> <li>(httpx) Correctly append baggage in async client by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5530">#5530</a></li> <li>(pydantic-ai) Adapt to missing <code>ToolManager._call_tool</code> by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5522">#5522</a></li> <li>(utils) Use HEROKU_BUILD_COMMIT env var for default release by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5499">#5499</a></li> <li>(wsgi) Do not wrap file responses when uWSGI offload-threads is enabled by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5556">#5556</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>Add troubleshooting note for editable installs with uWSGI by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5552">#5552</a></li> <li>Add debugging advice by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5517">#5517</a></li> <li>New integration guide by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5476">#5476</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Agents</h4> <ul> <li>Add security-review skill to agent configuration by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5498">#5498</a></li> <li>Add sentry skills to be used by warden in CI reviews by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5485">#5485</a></li> </ul> <h4>Openai</h4> <ul> <li>Only handle streamed results when applicable by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5553">#5553</a></li> <li>Extract input in API-specific functions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5546">#5546</a></li> <li>Separate output handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5543">#5543</a></li> </ul> <h4>Openai Agents</h4> <ul> <li>Remove <code>set_data_normalized</code> for primitive attributes by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5509">#5509</a></li> <li>Expect new tool fields by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5471">#5471</a></li> </ul> <h4>Other</h4> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.54.0</h2> <h3>New Features ✨</h3> <ul> <li>Add <code>set_attribute</code>, <code>remove_attribute</code> to global API by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5555">#5555</a></li> </ul> <h3>Bug Fixes 🐛</h3> <h4>Openai</h4> <ul> <li>Attach response model with streamed Completions API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5557">#5557</a></li> <li>Attach response model with streamed Responses API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5554">#5554</a></li> <li>Avoid consuming iterables passed to the Completions API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5489">#5489</a></li> <li>Avoid consuming iterables passed to the Embeddings API by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5491">#5491</a></li> </ul> <h4>Other</h4> <ul> <li>(anthropic) Fix token accounting by <a href="https://github.com/shellmayr"><code>@shellmayr</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5490">#5490</a></li> <li>(google-genai) Remove agent spans for simple requests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5443">#5443</a></li> <li>(grpc) Read method from handler_call_details for grpcio >= 1.76 compat by <a href="https://github.com/yeung108"><code>@yeung108</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5521">#5521</a></li> <li>(httpx) Correctly append baggage in async client by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5530">#5530</a></li> <li>(pydantic-ai) Adapt to missing <code>ToolManager._call_tool</code> by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5522">#5522</a></li> <li>(utils) Use HEROKU_BUILD_COMMIT env var for default release by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5499">#5499</a></li> <li>(wsgi) Do not wrap file responses when uWSGI offload-threads is enabled by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5556">#5556</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>Add troubleshooting note for editable installs with uWSGI by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5552">#5552</a></li> <li>Add debugging advice by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5517">#5517</a></li> <li>New integration guide by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5476">#5476</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Agents</h4> <ul> <li>Add security-review skill to agent configuration by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5498">#5498</a></li> <li>Add sentry skills to be used by warden in CI reviews by <a href="https://github.com/ericapisani"><code>@ericapisani</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5485">#5485</a></li> </ul> <h4>Openai</h4> <ul> <li>Only handle streamed results when applicable by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5553">#5553</a></li> <li>Extract input in API-specific functions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5546">#5546</a></li> <li>Separate output handling by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5543">#5543</a></li> </ul> <h4>Openai Agents</h4> <ul> <li>Remove <code>set_data_normalized</code> for primitive attributes by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5509">#5509</a></li> <li>Expect new tool fields by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5471">#5471</a></li> </ul> <h4>Other</h4> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b1b3ee98db |
Bump pyrefly from 0.52.0 to 0.54.0 in /backend (#1575)
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.52.0 to 0.54.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/pyrefly/releases">pyrefly's releases</a>.</em></p> <blockquote> <h2>Pyrefly v0.53.0</h2> <h1>Pyrefly 0.53.0</h1> <p><strong>Status : BETA</strong><br /> <em>Release date: 17 February 2026</em></p> <p>pyrefly 0.53.0 bundles <strong>245 commits</strong> from <strong>27 contributors</strong>.</p> <hr /> <h1>✨ New & Improved</h1> <table> <thead> <tr> <th align="left">Area</th> <th align="left">What’s new</th> </tr> </thead> <tbody> <tr> <td align="left"><strong>Type Checking</strong></td> <td align="left">- Recursive type aliases now supported, so you can define type aliases that reference themselves, and Pyrefly will correctly resolve and type-check them <!-- raw HTML omitted --><!-- raw HTML omitted -->- Error is now raised when <code>Self</code> is used in certain invalid locations (outside a class, in a static method within a class, in a metaclass) <!-- raw HTML omitted --><!-- raw HTML omitted -->- Pyrefly now supports the idiom class <code>Foo(namedtuple("Bar", ...))</code>, matching CPython and Mypy behavior <!-- raw HTML omitted --><!-- raw HTML omitted -->- Pyrefly will now warn you if a protocol’s type variable is used in a way that doesn’t match its declared variance</td> </tr> <tr> <td align="left"><strong>Language Server</strong></td> <td align="left">- Completion suggestions are now ranked based on most recently used (MRU) items <!-- raw HTML omitted --><!-- raw HTML omitted -->- Auto-import completions and unknown-name quick fixes now honor common aliases (e.g. <code>import numpy as np</code>) <!-- raw HTML omitted --><!-- raw HTML omitted -->- Improved error messages for signature mismatches, including ASCII-style diffs and normalized function names for clarity</td> </tr> <tr> <td align="left"><strong>Config</strong></td> <td align="left">- JSON schemas added for <code>pyrefly.toml</code> and <code>pyproject.toml</code> to enable editor features like auto-completion and validation</td> </tr> <tr> <td align="left"><strong>Performance</strong></td> <td align="left">- Pyrefly uses ~26% less CPU when tested typechecking the whole Pytorch codebase on M1 Pro MacBook with 10 cores</td> </tr> </tbody> </table> <hr /> <h1>🐛 bug fixes</h1> <p>We closed 17 bug issues this release 👏</p> <ul> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/949">#949</a> - Lambdas with <code>yield</code> or <code>yield from</code> are now correctly inferred as generator-returning callables.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2407">#2407</a> - <code>Literal</code> imported via <code>try/except</code> is now recognized as a special form, preventing spurious unknown-name errors</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2375">#2375</a> - Methods overriding base class methods no longer trigger false positive errors for missing <code>@override</code> decorators.</li> <li><a href="https://redirect.github.com/facebook/pyrefly/issues/2327">#2327</a> - The first parameter of class methods is now correctly handled regardless of its name.</li> <li>And more - <a href="https://redirect.github.com/facebook/pyrefly/issues/1754">#1754</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1383">#1383</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1790">#1790</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2350">#2350</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2369">#2369</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2371">#2371</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2392">#2392</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2335">#2335</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/259">#259</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/254">#254</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/1778">#1778</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2116">#2116</a>, <a href="https://redirect.github.com/facebook/pyrefly/issues/2302">#2302</a></li> </ul> <p>Thank-you to all our contributors who found these bugs and reported them! Did you know this is one of the most helpful contributions you can make to an open-source project? If you find any bugs in Pyrefly we want to know about them! Please open a bug report issue <a href="https://github.com/facebook/pyrefly/issues">here</a></p> <hr /> <h1>📦 Upgrade</h1> <pre><code>pip install --upgrade pyrefly==0.53.0 </code></pre> <h2>How to safely upgrade your codebase</h2> <p>Upgrading the version of Pyrefly you're using or a third-party library you depend on can reveal new type errors in your code. Fixing them all at once is often unrealistic. We've written scripts to help you temporarily silence them. After upgrading, follow these steps:</p> <ol> <li><code>pyrefly check --suppress-errors</code></li> <li>run your code formatter of choice</li> <li><code>pyrefly check --remove-unused-ignores</code></li> <li>Repeat until you achieve a clean formatting run and a clean type check.</li> </ol> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
218b0471ab |
Bump uvicorn from 0.40.0 to 0.41.0 in /backend (#1567)
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to 0.41.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/releases">uvicorn's releases</a>.</em></p> <blockquote> <h2>Version 0.41.0</h2> <h2>Added</h2> <ul> <li>Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li>Add socket path to <code>scope["server"]</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> </ul> <h2>Changed</h2> <ul> <li>Rename <code>LifespanOn.error_occured</code> to <code>error_occurred</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li>Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li>Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> </ul> <hr /> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/t-kawasumi"><code>@t-kawasumi</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li> <li><a href="https://github.com/fardyn"><code>@fardyn</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li> <li><a href="https://github.com/ewie"><code>@ewie</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li> <li><a href="https://github.com/shevron"><code>@shevron</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li> <li><a href="https://github.com/jonashaag"><code>@jonashaag</code></a> made their first contribution in <a href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's changelog</a>.</em></p> <blockquote> <h2>0.41.0 (February 16, 2026)</h2> <h3>Added</h3> <ul> <li>Add <code>--limit-max-requests-jitter</code> to stagger worker restarts (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li> <li>Add socket path to <code>scope["server"]</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Rename <code>LifespanOn.error_occured</code> to <code>error_occurred</code> (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Ignore permission denied errors in watchfiles reloader (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li> <li>Ensure lifespan shutdown runs when <code>should_exit</code> is set during startup (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li> <li>Reduce the log level of 'request limit exceeded' messages (<a href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
cc6e5db260 |
Bump gunicorn from 25.0.1 to 25.1.0 in /backend (#1566)
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.0.1 to 25.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>Gunicorn 25.1.0</h2> <h3>New Features</h3> <ul> <li> <p><strong>Control Interface (gunicornc)</strong>: Add interactive control interface for managing running Gunicorn instances, similar to birdc for BIRD routing daemon ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3505">#3505</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3505">benoitc/gunicorn#3505</a>))</p> <ul> <li>Unix socket-based communication with JSON protocol</li> <li>Interactive mode with readline support and command history</li> <li>Commands: <code>show all/workers/dirty/config/stats/listeners</code></li> <li>Worker management: <code>worker add/remove/kill</code>, <code>dirty add/remove</code></li> <li>Server control: <code>reload</code>, <code>reopen</code>, <code>shutdown</code></li> <li>New settings: <code>--control-socket</code>, <code>--control-socket-mode</code>, <code>--no-control-socket</code></li> <li>New CLI tool: <code>gunicornc</code> for connecting to control socket</li> <li>See <a href="https://gunicorn.org/guides/gunicornc/">Control Interface Guide</a> for details</li> </ul> </li> <li> <p><strong>Dirty Stash</strong>: Add global shared state between workers via <code>dirty.stash</code> ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3503">#3503</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3503">benoitc/gunicorn#3503</a>))</p> <ul> <li>In-memory key-value store accessible by all workers</li> <li>Supports get, set, delete, clear, keys, and has operations</li> <li>Useful for sharing state like feature flags, rate limits, or cached data</li> </ul> </li> <li> <p><strong>Dirty Binary Protocol</strong>: Implement efficient binary protocol for dirty arbiter IPC using TLV (Type-Length-Value) encoding ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3500">#3500</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3500">benoitc/gunicorn#3500</a>))</p> <ul> <li>More efficient than JSON for binary data</li> <li>Supports all Python types: str, bytes, int, float, bool, None, list, dict</li> <li>Better performance for large payloads</li> </ul> </li> <li> <p><strong>Dirty TTIN/TTOU Signals</strong>: Add dynamic worker scaling for dirty arbiters ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3504">#3504</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3504">benoitc/gunicorn#3504</a>))</p> <ul> <li>Send SIGTTIN to increase dirty workers</li> <li>Send SIGTTOU to decrease dirty workers</li> <li>Respects minimum worker constraints from app configurations</li> </ul> </li> </ul> <h3>Changes</h3> <ul> <li><strong>ASGI Worker</strong>: Promoted from beta to stable</li> <li><strong>Dirty Arbiters</strong>: Now marked as beta feature</li> </ul> <h3>Documentation</h3> <ul> <li>Fix Markdown formatting in /configure documentation</li> </ul> <h2>25.0.3</h2> <h2>What's Changed</h2> <h3>Bug Fixes</h3> <ul> <li>Fix RuntimeError when StopIteration raised in ASGI coroutine (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3484">#3484</a>)</li> <li>Fix passing maxsplit in re.split() as positional argument (deprecated in Python 3.13)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ae3e75764a |
Bump sentry-sdk from 2.52.0 to 2.53.0 in /backend (#1565)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.52.0 to 2.53.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.53.0</h2> <h3>Bug Fixes 🐛</h3> <h4>Openai Agents</h4> <ul> <li>Patch <code>execute_final_output()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5453">#5453</a></li> <li>Patch <code>execute_handoffs()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5452">#5452</a></li> <li>Patch <code>run_single_turn_streamed()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5451">#5451</a></li> <li>Patch <code>run_single_turn()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5450">#5450</a></li> <li>Patch models functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5449">#5449</a></li> <li>Patch tool functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5445">#5445</a></li> </ul> <h4>Other</h4> <ul> <li>Close the connection we're reading driver_type from by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5427">#5427</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>Document <code>openai-agents</code> control-flow by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5447">#5447</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Openai Agents</h4> <ul> <li>New tool field and library error log by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5454">#5454</a></li> <li>Avoid calling SDK-internal functions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5437">#5437</a></li> </ul> <h4>Other</h4> <ul> <li>Improve Craft config with title stripping and artifact filtering by <a href="https://github.com/BYK"><code>@BYK</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5444">#5444</a></li> <li>Use fixed clickhouse action, remove aws-sam-cli dependency by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5457">#5457</a></li> <li>Remove references to unsupported attribute types by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5425">#5425</a></li> <li>Pin setuptools for linting and chalice tests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5438">#5438</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.53.0</h2> <h3>Bug Fixes 🐛</h3> <h4>Openai Agents</h4> <ul> <li>Patch <code>execute_final_output()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5453">#5453</a></li> <li>Patch <code>execute_handoffs()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5452">#5452</a></li> <li>Patch <code>run_single_turn_streamed()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5451">#5451</a></li> <li>Patch <code>run_single_turn()</code> functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5450">#5450</a></li> <li>Patch models functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5449">#5449</a></li> <li>Patch tool functions following library refactor by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5445">#5445</a></li> </ul> <h4>Other</h4> <ul> <li>Close the connection we're reading driver_type from by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5427">#5427</a></li> </ul> <h3>Documentation 📚</h3> <ul> <li>Document <code>openai-agents</code> control-flow by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5447">#5447</a></li> </ul> <h3>Internal Changes 🔧</h3> <h4>Openai Agents</h4> <ul> <li>New tool field and library error log by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5454">#5454</a></li> <li>Avoid calling SDK-internal functions by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5437">#5437</a></li> </ul> <h4>Other</h4> <ul> <li>Improve Craft config with title stripping and artifact filtering by <a href="https://github.com/BYK"><code>@BYK</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5444">#5444</a></li> <li>Use fixed clickhouse action, remove aws-sam-cli dependency by <a href="https://github.com/sentrivana"><code>@sentrivana</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5457">#5457</a></li> <li>Remove references to unsupported attribute types by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5425">#5425</a></li> <li>Pin setuptools for linting and chalice tests by <a href="https://github.com/alexander-alderman-webb"><code>@alexander-alderman-webb</code></a> in <a href="https://redirect.github.com/getsentry/sentry-python/pull/5438">#5438</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
8747e1727e |
Bump pydantic-settings from 2.12.0 to 2.13.0 in /backend (#1564)
Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings) from 2.12.0 to 2.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic-settings/releases">pydantic-settings's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>fix: Deterministic alias selection when using validate_by_name by <a href="https://github.com/chbndrhnns"><code>@chbndrhnns</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/707">pydantic/pydantic-settings#707</a></li> <li>add deep merge functionality to config file sources by <a href="https://github.com/pmeier"><code>@pmeier</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/698">pydantic/pydantic-settings#698</a></li> <li>Add support for AWS Secrets Manager VersionId parameter by <a href="https://github.com/jcyamacho"><code>@jcyamacho</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/708">pydantic/pydantic-settings#708</a></li> <li>bugfix: Return <code>None</code> for inaccessible GCP Secret Manager secrets by <a href="https://github.com/zaphod72"><code>@zaphod72</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/712">pydantic/pydantic-settings#712</a></li> <li>Bugfix for cli_kebab_case="all" and CliImplicitFlag[bool] by <a href="https://github.com/Digity101"><code>@Digity101</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/702">pydantic/pydantic-settings#702</a></li> <li>Unpack type alisases when looking for <code>NoDecode</code> by <a href="https://github.com/tselepakis"><code>@tselepakis</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/695">pydantic/pydantic-settings#695</a></li> <li>CliToggleFlag and CliDualFlag by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/717">pydantic/pydantic-settings#717</a></li> <li>Fix for CLI duplicate enum field values. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/722">pydantic/pydantic-settings#722</a></li> <li>fixed load nested config from env by <a href="https://github.com/Sube-py"><code>@Sube-py</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/723">pydantic/pydantic-settings#723</a></li> <li>Add non-Path files support (for example Traversable) and open files using Path.open method by <a href="https://github.com/mahenzon"><code>@mahenzon</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/724">pydantic/pydantic-settings#724</a></li> <li>add one more traversable test by <a href="https://github.com/mahenzon"><code>@mahenzon</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/725">pydantic/pydantic-settings#725</a></li> <li>CLI fix fox external list args. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/727">pydantic/pydantic-settings#727</a></li> <li>fix: handle case-insensitive retrieval in GoogleSecretManagerSettingsSource by <a href="https://github.com/ezwiefel"><code>@ezwiefel</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/730">pydantic/pydantic-settings#730</a></li> <li>CLI test fixes for help text formatting. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/735">pydantic/pydantic-settings#735</a></li> <li>Avoid conflicts with the <code>NAME</code> environment variable in WSL by <a href="https://github.com/kzrnm"><code>@kzrnm</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/747">pydantic/pydantic-settings#747</a></li> <li>fix: When restoring init kwargs, use deterministic order by <a href="https://github.com/chbndrhnns"><code>@chbndrhnns</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/746">pydantic/pydantic-settings#746</a></li> <li>Add env_prefix_target by <a href="https://github.com/kzrnm"><code>@kzrnm</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/749">pydantic/pydantic-settings#749</a></li> <li>Remove <code>(default: …)</code> in the help message for <code>CliToggleFlag</code> by <a href="https://github.com/kzrnm"><code>@kzrnm</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/740">pydantic/pydantic-settings#740</a></li> <li>Add support for CLI serialize styles. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/755">pydantic/pydantic-settings#755</a></li> <li>Add support for overriding default help on CLI internal parser. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/758">pydantic/pydantic-settings#758</a></li> <li>CLI format_help method support by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/759">pydantic/pydantic-settings#759</a></li> <li>feat(gcp): support SecretVersion annotation for per-field secret versioning by <a href="https://github.com/ezwiefel"><code>@ezwiefel</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/763">pydantic/pydantic-settings#763</a></li> <li>Allow <code>snake_case_conversion</code> with <code>env_prefix</code> for Azure Key Vault source by <a href="https://github.com/cstarkers"><code>@cstarkers</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/762">pydantic/pydantic-settings#762</a></li> <li>fix: Only override preferred_key when no value was found by <a href="https://github.com/chbndrhnns"><code>@chbndrhnns</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/767">pydantic/pydantic-settings#767</a></li> <li>Update deps by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/768">pydantic/pydantic-settings#768</a></li> <li>CLI coerce numeric types. by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/769">pydantic/pydantic-settings#769</a></li> <li>CLI Union Discriminator Choices in Help by <a href="https://github.com/kschwab"><code>@kschwab</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/764">pydantic/pydantic-settings#764</a></li> <li>Add nested path support for yaml_config_section (fixes <a href="https://redirect.github.com/pydantic/pydantic-settings/issues/772">#772</a>) by <a href="https://github.com/hugo-romero-mm"><code>@hugo-romero-mm</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/773">pydantic/pydantic-settings#773</a></li> <li>Prepare release 2.13.0 by <a href="https://github.com/hramezani"><code>@hramezani</code></a> in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/777">pydantic/pydantic-settings#777</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/pmeier"><code>@pmeier</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/698">pydantic/pydantic-settings#698</a></li> <li><a href="https://github.com/jcyamacho"><code>@jcyamacho</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/708">pydantic/pydantic-settings#708</a></li> <li><a href="https://github.com/zaphod72"><code>@zaphod72</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/712">pydantic/pydantic-settings#712</a></li> <li><a href="https://github.com/Digity101"><code>@Digity101</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/702">pydantic/pydantic-settings#702</a></li> <li><a href="https://github.com/Sube-py"><code>@Sube-py</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/723">pydantic/pydantic-settings#723</a></li> <li><a href="https://github.com/mahenzon"><code>@mahenzon</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/724">pydantic/pydantic-settings#724</a></li> <li><a href="https://github.com/kzrnm"><code>@kzrnm</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/747">pydantic/pydantic-settings#747</a></li> <li><a href="https://github.com/cstarkers"><code>@cstarkers</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/762">pydantic/pydantic-settings#762</a></li> <li><a href="https://github.com/hugo-romero-mm"><code>@hugo-romero-mm</code></a> made their first contribution in <a href="https://redirect.github.com/pydantic/pydantic-settings/pull/773">pydantic/pydantic-settings#773</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.13.0">https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |