mirror/bracket
1
0
Fork 0
mirror of https://github.com/evroon/bracket.git synced 2026-04-20 07:16:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,279 Commits 8 Branches 41 Tags
ec4801a821db2aa4d969ac169a79bd85c19c3367
Commit Graph

329 Commits

Author SHA1 Message Date
dependabot[bot]
ec4801a821 Bump pytest-cov from 7.0.0 to 7.1.0 in /backend (#1623) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 7.0.0
to 7.1.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's
changelog</a>.</em></p>
<blockquote>
<h2>7.1.0 (2026-03-21)</h2>
<ul>
<li>
<p>Fixed total coverage computation to always be consistent, regardless
of reporting settings.
Previously some reports could produce different total counts, and
consequently can make --cov-fail-under behave different depending on
reporting options.
See <code>[#641](https://github.com/pytest-dev/pytest-cov/issues/641)
&lt;https://github.com/pytest-dev/pytest-cov/issues/641&gt;</code>_.</p>
</li>
<li>
<p>Improve handling of ResourceWarning from sqlite3.</p>
<p>The plugin adds warning filter for sqlite3
<code>ResourceWarning</code> unclosed database (since 6.2.0).
It checks if there is already existing plugin for this message by
comparing filter regular expression.
When filter is specified on command line the message is escaped and does
not match an expected message.
A check for an escaped regular expression is added to handle this
case.</p>
<p>With this fix one can suppress <code>ResourceWarning</code> from
sqlite3 from command line::</p>
<p>pytest -W &quot;ignore:unclosed database in &lt;sqlite3.Connection
object at:ResourceWarning&quot; ...</p>
</li>
<li>
<p>Various improvements to documentation.
Contributed by Art Pelling in
<code>[#718](https://github.com/pytest-dev/pytest-cov/issues/718)
&lt;https://github.com/pytest-dev/pytest-cov/pull/718&gt;</code>_ and
&quot;vivodi&quot; in
<code>[#738](https://github.com/pytest-dev/pytest-cov/issues/738)
&lt;https://github.com/pytest-dev/pytest-cov/pull/738&gt;</code><em>.
Also closed
<code>[#736](https://github.com/pytest-dev/pytest-cov/issues/736)
&lt;https://github.com/pytest-dev/pytest-cov/issues/736&gt;</code></em>.</p>
</li>
<li>
<p>Fixed some assertions in tests.
Contributed by in Markéta Machová in
<code>[#722](https://github.com/pytest-dev/pytest-cov/issues/722)
&lt;https://github.com/pytest-dev/pytest-cov/pull/722&gt;</code>_.</p>
</li>
<li>
<p>Removed unnecessary coverage configuration copying (meant as a backup
because reporting commands had configuration side-effects before
coverage 5.0).</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="66c8a526b1"><code>66c8a52</code></a>
Bump version: 7.0.0 → 7.1.0</li>
<li><a
href="f707662478"><code>f707662</code></a>
Make the examples use pypy 3.11.</li>
<li><a
href="6049a78478"><code>6049a78</code></a>
Make context test use the old ctracer (seems the new sysmon tracer
behaves di...</li>
<li><a
href="8ebf20bbbc"><code>8ebf20b</code></a>
Update changelog.</li>
<li><a
href="861d30e60d"><code>861d30e</code></a>
Remove the backup context manager - shouldn't be needed since coverage
5.0, ...</li>
<li><a
href="fd4c956014"><code>fd4c956</code></a>
Pass the precision on the nulled total (seems that there's some caching
goion...</li>
<li><a
href="78c9c4ecb0"><code>78c9c4e</code></a>
Only run the 3.9 on older deps.</li>
<li><a
href="4849a922e8"><code>4849a92</code></a>
Punctuation.</li>
<li><a
href="197c35e2f3"><code>197c35e</code></a>
Update changelog and hopefully I don't forget to publish release again
:))</li>
<li><a
href="14dc1c92d4"><code>14dc1c9</code></a>
Update examples to use 3.11 and make the adhoc layout example look a bit
more...</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest-cov/compare/v7.0.0...v7.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest-cov&package-manager=uv&previous-version=7.0.0&new-version=7.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 04:11:15 +00:00
dependabot[bot]
3be18abccd Bump pyrefly from 0.56.0 to 0.57.1 in /backend (#1622) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.56.0 to
0.57.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/pyrefly/releases">pyrefly's
releases</a>.</em></p>
<blockquote>
<h2>Pyrefly v0.57.1</h2>
<p>Fixed a bug that could cause Pyrefly to hang.</p>
<h2>Pyrefly v0.57.0</h2>
<p><strong>Status: Beta</strong><br />
<em>Release date: March 16, 2026</em></p>
<p>Pyrefly 0.57.0 bundles <strong>116 commits</strong> from <strong>17
contributors</strong>.</p>
<hr />
<h2> New &amp; Improved</h2>
<table>
<thead>
<tr>
<th align="left">Area</th>
<th align="left">What’s new</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left"><strong>Type Checking</strong></td>
<td align="left">- Improved type narrowing for <code>hasattr</code>
inside loops <!-- raw HTML omitted --><!-- raw HTML omitted -->-
<code>pyrefly suppress</code> no longer corrupts multiline
f-strings/t-strings by inserting suppression comments inside the string;
it now places comments above the string and also matches suppressions
correctly for errors inside multiline f/t-strings <!-- raw HTML omitted
--><!-- raw HTML omitted -->- Improved <code>namedtuple</code> support
with <code>*</code> field unpacking <!-- raw HTML omitted --><!-- raw
HTML omitted -->- Fewer false-positive “variable is not initialized”
errors</td>
</tr>
<tr>
<td align="left"><strong>Language Server</strong></td>
<td align="left">- if a nested pyproject.toml contains
<code>[tool.ruff]</code> / <code>[tool.mypy]</code> /
<code>[tool.pyright]</code>, it’s treated as a strong “this is a Python
project root” marker, preventing parent pyrefly.toml from incorrectly
shadowing it (notably improving go-to-def accuracy on some repos)</td>
</tr>
<tr>
<td align="left"><strong>Performance</strong></td>
<td align="left">- Typechecking speed has improved, making it now ~20%
faster to type check Pytorch on recent benchmarks</td>
</tr>
</tbody>
</table>
<hr />
<h2>🐛 bug fixes</h2>
<p>We closed 24 bug issues this release 👏</p>
<ul>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2696">#2696</a>:
Fixed an issue where Pyrefly’s LSP incorrectly flagged <code>from typing
import NewType</code> as unused, even when <code>NewType(...)</code> was
referenced.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2743">#2743</a>:
Fixed an issue where <code>TypedDict</code> fields named items/values
prevented access to the corresponding <code>dict.items()</code> /
<code>dict.values()</code> methods via attribute lookup.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2745">#2745</a>:
Fixed an issue where chained/nested narrowing expressions (e.g.
multi-clause and conditions) failed to narrow correctly when using
negative subscript indices.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2737">#2737</a>:
Fixed an issue where <code>functools.partial(...)</code> results
couldn’t be assigned back to a Callable typed with a
<code>ParamSpec</code>, causing a false-positive type error.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2650">#2650</a>:
Fixed an issue where a <code>Protocol</code> parameterized by
<code>ParamSpec[...]</code> wasn’t considered compatible with an
equivalent “gradual” protocol using <code>*args: Any, **kwargs:
Any</code>.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2334">#2334</a>:
Fixed an issue where calling <code>__init__</code> on parametrized bound
methods could trigger a false-positive type error due to incorrect
attribute lookup behavior.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2731">#2731</a>:
Fixed an issue where <code>super()</code> calls to abstract methods that
do have a concrete runtime body were incorrectly reported as
missing-attribute / abstract-call errors.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/828">#828</a>:
Fixed an issue where reading a conditionally-initialized variable didn’t
“commit” the initialization, leading to redundant follow-on “may be
uninitialized” errors.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/835">#835</a>:
Fixed an issue where type information for subclasses wasn’t handled
correctly, leading to failures when type-checking subclass
relationships.</li>
<li>And more! <a
href="https://redirect.github.com/facebook/pyrefly/issues/2522">#2522</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1800">#1800</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2736">#2736</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2382">#2382</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/913">#913</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1397">#1397</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2261">#2261</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2669">#2669</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2744">#2744</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2739">#2739</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1575">#1575</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/903">#903</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1043">#1043</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1429">#1429</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2607">#2607</a></li>
</ul>
<p>Thank-you to all our contributors who found these bugs and reported
them! Did you know this is one of the most helpful contributions you can
make to an open-source project? If you find any bugs in Pyrefly we want
to know about them! Please open a bug report issue <a
href="https://github.com/facebook/pyrefly/issues">here</a></p>
<hr />
<h2>📦 Upgrade</h2>
<pre lang="shell"><code>pip install --upgrade pyrefly==0.57.0
</code></pre>
<h3>How to safely upgrade your codebase</h3>
<p>Upgrading the version of Pyrefly you're using or a third-party
library you depend on can reveal new type errors in your code. Fixing
them all at once is often unrealistic. We've written scripts to help you
temporarily silence them. After upgrading, follow these steps:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9d24c65115"><code>9d24c65</code></a>
v0.57.1</li>
<li><a
href="0c8881eee7"><code>0c8881e</code></a>
Fix infinite loop in variance inference for self-referential generic
classes</li>
<li><a
href="12e59d0b05"><code>12e59d0</code></a>
Reviewed By: rchen152</li>
<li><a
href="e02d9948c8"><code>e02d994</code></a>
Wire up Glean external references for incoming call hierarchy</li>
<li><a
href="3c5feafbce"><code>3c5feaf</code></a>
Add convert_external_references_to_incoming_calls</li>
<li><a
href="8524405b36"><code>8524405</code></a>
add &quot;why you should use pyrefly&quot; FAQ</li>
<li><a
href="753c5a369a"><code>753c5a3</code></a>
Add PysaModuleIndex to replace cross-module ModuleContext::create
calls</li>
<li><a
href="651f4984b0"><code>651f498</code></a>
Optimise comment parsing</li>
<li><a
href="372fe49ab0"><code>372fe49</code></a>
Remove unused code in the pyrefly_util crate</li>
<li><a
href="1998c105e6"><code>1998c10</code></a>
Remove unused code in the pyrefly_bundled crate</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.56.0...0.57.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.56.0&new-version=0.57.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 04:11:02 +00:00
dependabot[bot]
dc373962f3 Bump sentry-sdk from 2.54.0 to 2.55.0 in /backend (#1620) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.54.0 to 2.55.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.55.0</h2>
<h3>New Features </h3>
<h4>Anthropic</h4>
<ul>
<li>Record finish reasons in AI monitoring spans by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5678">#5678</a></li>
<li>Emit <code>gen_ai.chat</code> spans for asynchronous
<code>messages.stream()</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5572">#5572</a></li>
<li>Emit AI Client Spans for synchronous <code>messages.stream()</code>
by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5565">#5565</a></li>
<li>Set gen_ai.response.id span attribute by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5662">#5662</a></li>
<li>Add <code>gen_ai.system</code> attribute to spans by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5661">#5661</a></li>
</ul>
<h4>Pydantic Ai</h4>
<ul>
<li>Support ImageUrl content type in span instrumentation by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5629">#5629</a></li>
<li>Add tool description to execute_tool spans by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5596">#5596</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>(crons) Add owner field to MonitorConfig by <a
href="https://github.com/julwhitney13"><code>@​julwhitney13</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5610">#5610</a></li>
<li>(otlp) Add collector_url option to OTLPIntegration by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5603">#5603</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>(ai) Truncate list-based message content in AI monitoring by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5631">#5631</a></li>
<li>(anthropic) Close span on <code>GeneratorExit</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5643">#5643</a></li>
<li>(celery) Propagate user-set headers by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5581">#5581</a></li>
<li>(langchain) Wrap finish_reason in array for gen_ai span attribute by
<a href="https://github.com/ericapisani"><code>@​ericapisani</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5666">#5666</a></li>
<li>(logging) Fix deadlock in log batcher by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5684">#5684</a></li>
<li>(profiler) Prevent buffer race condition during rapid start/stop
cycles by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5622">#5622</a></li>
<li>(utils) Avoid double serialization of strings in safe_serialize by
<a href="https://github.com/ericapisani"><code>@​ericapisani</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5587">#5587</a></li>
<li>Enable unused import ruff check and fix unused imports by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5652">#5652</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>(openai-agents) Remove inapplicable comment by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5495">#5495</a></li>
<li>Add AGENTS.md by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5579">#5579</a></li>
<li>Add <code>set_attribute</code> example to changelog by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5578">#5578</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Anthropic</h4>
<ul>
<li>Check system and response ID attributes on spans created by
<code>stream()</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5665">#5665</a></li>
<li>Skip accumulation logic for unexpected types in streamed response by
<a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5564">#5564</a></li>
<li>Factor out streamed result handling by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5563">#5563</a></li>
<li>Stream valid JSON by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5641">#5641</a></li>
<li>Stop mocking response iterator by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5573">#5573</a></li>
</ul>
<h4>Openai Agents</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.55.0</h2>
<h3>New Features </h3>
<h4>Anthropic</h4>
<ul>
<li>Record finish reasons in AI monitoring spans by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5678">#5678</a></li>
<li>Emit <code>gen_ai.chat</code> spans for asynchronous
<code>messages.stream()</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5572">#5572</a></li>
<li>Emit AI Client Spans for synchronous <code>messages.stream()</code>
by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5565">#5565</a></li>
<li>Set gen_ai.response.id span attribute by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5662">#5662</a></li>
<li>Add <code>gen_ai.system</code> attribute to spans by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5661">#5661</a></li>
</ul>
<h4>Pydantic Ai</h4>
<ul>
<li>Support ImageUrl content type in span instrumentation by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5629">#5629</a></li>
<li>Add tool description to execute_tool spans by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5596">#5596</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>(crons) Add owner field to MonitorConfig by <a
href="https://github.com/julwhitney13"><code>@​julwhitney13</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5610">#5610</a></li>
<li>(otlp) Add collector_url option to OTLPIntegration by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5603">#5603</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>(ai) Truncate list-based message content in AI monitoring by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5631">#5631</a></li>
<li>(anthropic) Close span on <code>GeneratorExit</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5643">#5643</a></li>
<li>(celery) Propagate user-set headers by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5581">#5581</a></li>
<li>(langchain) Wrap finish_reason in array for gen_ai span attribute by
<a href="https://github.com/ericapisani"><code>@​ericapisani</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5666">#5666</a></li>
<li>(logging) Fix deadlock in log batcher by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5684">#5684</a></li>
<li>(profiler) Prevent buffer race condition during rapid start/stop
cycles by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5622">#5622</a></li>
<li>(utils) Avoid double serialization of strings in safe_serialize by
<a href="https://github.com/ericapisani"><code>@​ericapisani</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5587">#5587</a></li>
<li>Enable unused import ruff check and fix unused imports by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5652">#5652</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>(openai-agents) Remove inapplicable comment by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5495">#5495</a></li>
<li>Add AGENTS.md by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5579">#5579</a></li>
<li>Add <code>set_attribute</code> example to changelog by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5578">#5578</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Anthropic</h4>
<ul>
<li>Check system and response ID attributes on spans created by
<code>stream()</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5665">#5665</a></li>
<li>Skip accumulation logic for unexpected types in streamed response by
<a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5564">#5564</a></li>
<li>Factor out streamed result handling by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5563">#5563</a></li>
<li>Stream valid JSON by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5641">#5641</a></li>
<li>Stop mocking response iterator by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5573">#5573</a></li>
</ul>
<h4>Openai Agents</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="038a429023"><code>038a429</code></a>
release: 2.55.0</li>
<li><a
href="b29c4bb5ed"><code>b29c4bb</code></a>
fix(logging): Fix deadlock in log batcher (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5684">#5684</a>)</li>
<li><a
href="b905cd3297"><code>b905cd3</code></a>
feat(anthropic): Record finish reasons in AI monitoring spans (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5678">#5678</a>)</li>
<li><a
href="6ea663f71d"><code>6ea663f</code></a>
fix(langchain): Wrap finish_reason in array for gen_ai span attribute
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5666">#5666</a>)</li>
<li><a
href="6345af9598"><code>6345af9</code></a>
fix(ai): Truncate list-based message content in AI monitoring (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5631">#5631</a>)</li>
<li><a
href="01346a9f2d"><code>01346a9</code></a>
build(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5667">#5667</a>)</li>
<li><a
href="0b94624606"><code>0b94624</code></a>
build(deps): bump getsentry/testing-ai-sdk-integrations from
285c012e522f2415...</li>
<li><a
href="39cf94d458"><code>39cf94d</code></a>
build(deps): bump getsentry/craft from 2.23.1 to 2.24.1 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5668">#5668</a>)</li>
<li><a
href="ada153bcdc"><code>ada153b</code></a>
ref: Add cont profiling support to span first (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5672">#5672</a>)</li>
<li><a
href="0b5f4f85b7"><code>0b5f4f8</code></a>
ci: 🤖 Update test matrix with new releases (03/16) (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5671">#5671</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.54.0...2.55.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.54.0&new-version=2.55.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 04:10:52 +00:00
dependabot[bot]
a0a8e3a76c Bump uvicorn from 0.41.0 to 0.42.0 in /backend (#1611) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.41.0 to
0.42.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.42.0</h2>
<h2>Changed</h2>
<ul>
<li>Use <code>bytearray</code> for request body accumulation to avoid
O(n^2) allocation on fragmented bodies (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
</ul>
<h2>Fixed</h2>
<ul>
<li>Escape brackets and backslash in httptools <code>HEADER_RE</code>
regex (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li>
<li>Fix multiple issues in websockets sans-io implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bysiber"><code>@​bysiber</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2825">Kludex/uvicorn#2825</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0">https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.42.0 (March 16, 2026)</h2>
<h3>Changed</h3>
<ul>
<li>Use <code>bytearray</code> for request body accumulation to avoid
O(n^2) allocation on fragmented bodies (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Escape brackets and backslash in httptools <code>HEADER_RE</code>
regex (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li>
<li>Fix multiple issues in websockets sans-io implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="02bed6f8c3"><code>02bed6f</code></a>
Version 0.42.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2852">#2852</a>)</li>
<li><a
href="d8f2501316"><code>d8f2501</code></a>
chore: pre-create Config objects in benchmarks to measure protocol hot
paths ...</li>
<li><a
href="9dbb7836bb"><code>9dbb783</code></a>
Add WebSocket protocol benchmarks for wsproto and websockets-sansio (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2849">#2849</a>)</li>
<li><a
href="b3c69da8c1"><code>b3c69da</code></a>
Use bytearray for request body accumulation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2845">#2845</a>)</li>
<li><a
href="3f3ebee20f"><code>3f3ebee</code></a>
Disable <code>pytest-xdist</code> for CodSpeed benchmark runs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2847">#2847</a>)</li>
<li><a
href="d072de754f"><code>d072de7</code></a>
Add fragmented body benchmark for chunked body accumulation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2846">#2846</a>)</li>
<li><a
href="e300c2c75d"><code>e300c2c</code></a>
Add CodSpeed benchmark suite for HTTP protocol hot paths (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2844">#2844</a>)</li>
<li><a
href="1fa697651b"><code>1fa6976</code></a>
Escape brackets and backslash in httptools HEADER_RE regex (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2824">#2824</a>)</li>
<li><a
href="59ec1de7a4"><code>59ec1de</code></a>
Fix multiple issues in websockets sansio implementation (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2825">#2825</a>)</li>
<li><a
href="2fc0efcdd9"><code>2fc0efc</code></a>
Clarify Windows asyncio event loop selection in docs (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2843">#2843</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.41.0...0.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.41.0&new-version=0.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 04:10:20 +00:00
dependabot[bot]
ebe35f7a5f Bump pyrefly from 0.55.0 to 0.56.0 in /backend (#1613) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.55.0 to
0.56.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/pyrefly/releases">pyrefly's
releases</a>.</em></p>
<blockquote>
<h2>v0.56.0</h2>
<h1>Pyrefly v0.56.0</h1>
<p><strong>Status : Beta</strong><br />
<em>Release date: March 09, 2026</em><br />
Pyrefly v0.56.0 bundles <strong>248 commits</strong> from <strong>22
contributors</strong>.</p>
<hr />
<h2> New &amp; Improved</h2>
<table>
<thead>
<tr>
<th align="left">Area</th>
<th align="left">What’s new</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left"><strong>Type Checking</strong></td>
<td align="left">- Limit the width of inferred return types to prevent
large unions. <!-- raw HTML omitted --><!-- raw HTML omitted -->-
Comparison checks involving <code>Any</code> now yields <code>Any</code>
(not <code>bool</code>), matching gradual typing expectations and
avoiding overly-confident boolean results</td>
</tr>
<tr>
<td align="left"><strong>Language Server</strong></td>
<td align="left">- IDE <code>diagnosticMode</code> now includes an
experimental workspace mode. When set to <code>workspace</code>, Pyrefly
publishes diagnostics for all files in a project once any file from that
project is opened. <!-- raw HTML omitted --><!-- raw HTML omitted -->-
Support added for the TSP
<code>typeServer</code>/<code>getPythonSearchPaths</code> message. <!--
raw HTML omitted --><!-- raw HTML omitted --> - Relative imports now
work for go-to-definition and completions (including site-packages),
reducing “can’t resolve import” / missing navigation cases</td>
</tr>
<tr>
<td align="left"><strong>Type Errors</strong></td>
<td align="left">- Default severities have been tuned to reduce noise:
<code>implicit-import</code> errors downgraded to warning;
<code>unreachable</code> and <code>redundant-condition</code> errors
default to warning (are configurable back to errors if desired) <!-- raw
HTML omitted --><!-- raw HTML omitted -->- New error code
`non-convergent-recursion`, <a
href="http://non-convergent-recursion">read the docs</a></td>
</tr>
<tr>
<td align="left"><strong>Performance Improvements</strong></td>
<td align="left">- Added dedicated thread pool for LSP operations to
prevent blocking main thread during rechecks</td>
</tr>
</tbody>
</table>
<hr />
<h2>🐛 bug fixes</h2>
<p>We closed 33 bug issues this release 👏</p>
<ul>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2612">#2612</a>:
Fixed an issue where lambda expressions with default parameters were not
recognized in missing-argument checks.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2605">#2605</a>:
Fixed a false positive error in an untyped classmethod with *args.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2385">#2385</a>:
Prevented builtins wildcard imports from shadowing existing definitions
during static scope setup.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2618">#2618</a>:
Fixed a <code>StrEnum</code> classmethod being treated as enum
members.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2590">#2590</a>:
Blocked subscripting generic functions/callables to prevent unsupported
operations.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2514">#2514</a>:
Fixed a <code>not-callable</code> false positive with enum methods.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2609">#2609</a>:
Fixed a <code>bad-param-name-override</code> false positive for
<code>Sequence.__contains__</code>.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2668">#2668</a>:
Fixed dict.setdefault on an unpinned dict always making the dict
nullable.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2527">#2527</a>:
Fixed a <code>no-matching-overload</code> issue related to nested type
aliases.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2543">#2543</a>:
Fixed a problem when using <code>class</code> definition on top of a
<code>ClassVar</code>.</li>
<li>And more!</li>
</ul>
<p>Thank-you to all our contributors who found these bugs and reported
them! Did you know this is one of the most helpful contributions you can
make to an open-source project? If you find any bugs in Pyrefly we want
to know about them! Please open a bug report issue <a
href="https://github.com/facebook/pyrefly/issues">here</a></p>
<hr />
<h2>📦 Upgrade</h2>
<pre lang="shell"><code>pip install --upgrade pyrefly==0.56.0
</code></pre>
<h3>How to safely upgrade your codebase</h3>
<p>Upgrading the version of Pyrefly you're using or a third-party
library you depend on can reveal new type errors in your code. Fixing
them all at once is often unrealistic. We've written scripts to help you
temporarily silence them. After upgrading, follow these steps:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7bf1ed3ed0"><code>7bf1ed3</code></a>
Support extracting narrow checks for all (literal) facet chains</li>
<li><a
href="029b612806"><code>029b612</code></a>
fix Support Enum with custom <code>__new__</code> <a
href="https://redirect.github.com/facebook/pyrefly/issues/2747">#2747</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/2763">#2763</a>)</li>
<li><a
href="f6a21170ad"><code>f6a2117</code></a>
Fix double-counting cls with <strong>class_getitem</strong> and <a
href="https://github.com/classmethod"><code>@​classmethod</code></a> (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2772">#2772</a>)</li>
<li><a
href="7ec2f404da"><code>7ec2f40</code></a>
Fix variance inference fixpoint to correctly propagate inherited
contravariance</li>
<li><a
href="65741ef298"><code>65741ef</code></a>
Add failing variance inference testcase</li>
<li><a
href="ff72f08589"><code>ff72f08</code></a>
fix PANIC Sorry, Pyrefly crashed, this is always a bug in Pyrefly itself
<a
href="https://redirect.github.com/facebook/pyrefly/issues/272">#272</a>...</li>
<li><a
href="86d8a0a746"><code>86d8a0a</code></a>
Extend facet narrowing cross-check to attr chains</li>
<li><a
href="ada95d5309"><code>ada95d5</code></a>
Add file stats to SubTaskTelemetry</li>
<li><a
href="ad6cd62acb"><code>ad6cd62</code></a>
fix Unary operator for int not applicable for Literal of bool <a
href="https://redirect.github.com/facebook/pyrefly/issues/2750">#2750</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/2762">#2762</a>)</li>
<li><a
href="65bb170b5e"><code>65bb170</code></a>
Add telemetry for newly added code actions</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.55.0...0.56.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.55.0&new-version=0.56.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 04:10:10 +00:00
dependabot[bot]
9da1ce592b Bump pyjwt from 2.11.0 to 2.12.0 in /backend (#1607) 
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.11.0 to 2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jpadilla/pyjwt/releases">pyjwt's
releases</a>.</em></p>
<blockquote>
<h2>2.12.0</h2>
<h2>Security</h2>
<ul>
<li>Validate the crit (Critical) Header Parameter defined in RFC 7515
§4.1.11. by <a
href="https://github.com/dmbs335"><code>@​dmbs335</code></a> in <a
href="https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f">GHSA-752w-5fwx-jx9f</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1132">jpadilla/pyjwt#1132</a></li>
<li>chore(docs): fix docs build by <a
href="https://github.com/tamird"><code>@​tamird</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1137">jpadilla/pyjwt#1137</a></li>
<li>Annotate PyJWKSet.keys for pyright by <a
href="https://github.com/tamird"><code>@​tamird</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1134">jpadilla/pyjwt#1134</a></li>
<li>fix: close HTTPError to prevent ResourceWarning on Python 3.14 by <a
href="https://github.com/veeceey"><code>@​veeceey</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1133">jpadilla/pyjwt#1133</a></li>
<li>chore: remove superfluous constants by <a
href="https://github.com/tamird"><code>@​tamird</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1136">jpadilla/pyjwt#1136</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1135">jpadilla/pyjwt#1135</a></li>
<li>chore(tests): enable mypy by <a
href="https://github.com/tamird"><code>@​tamird</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1138">jpadilla/pyjwt#1138</a></li>
<li>Bump actions/download-artifact from 7 to 8 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1142">jpadilla/pyjwt#1142</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1141">jpadilla/pyjwt#1141</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1145">jpadilla/pyjwt#1145</a></li>
<li>fix: do not store reference to algorithms dict on PyJWK by <a
href="https://github.com/akx"><code>@​akx</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1143">jpadilla/pyjwt#1143</a></li>
<li>Use PyJWK algorithm when encoding without explicit algorithm by <a
href="https://github.com/jpadilla"><code>@​jpadilla</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1148">jpadilla/pyjwt#1148</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/tamird"><code>@​tamird</code></a> made
their first contribution in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1137">jpadilla/pyjwt#1137</a></li>
<li><a href="https://github.com/veeceey"><code>@​veeceey</code></a> made
their first contribution in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1133">jpadilla/pyjwt#1133</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0">https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's
changelog</a>.</em></p>
<blockquote>
<h2><code>v2.12.0
&lt;https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0&gt;</code>__</h2>
<p>Fixed</p>
<pre><code>
- Annotate PyJWKSet.keys for pyright by @tamird in
`[#1134](https://github.com/jpadilla/pyjwt/issues/1134)
&lt;https://github.com/jpadilla/pyjwt/pull/1134&gt;`__
- Close ``HTTPError`` response to prevent ``ResourceWarning`` on Python
3.14 by @veeceey in
`[#1133](https://github.com/jpadilla/pyjwt/issues/1133)
&lt;https://github.com/jpadilla/pyjwt/pull/1133&gt;`__
- Do not keep ``algorithms`` dict in PyJWK instances by @akx in
`[#1143](https://github.com/jpadilla/pyjwt/issues/1143)
&lt;https://github.com/jpadilla/pyjwt/pull/1143&gt;`__
- Validate the crit (Critical) Header Parameter defined in RFC 7515
§4.1.11. by @dmbs335 in `GHSA-752w-5fwx-jx9f
&lt;https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f&gt;`__
- Use PyJWK algorithm when encoding without explicit algorithm in
`[#1148](https://github.com/jpadilla/pyjwt/issues/1148)
&lt;https://github.com/jpadilla/pyjwt/pull/1148&gt;`__
<p>Added
</code></pre></p>
<ul>
<li>Docs: Add <code>PyJWKClient</code> API reference and document the
two-tier caching system (JWK Set cache and signing key LRU cache).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bd9700cca7"><code>bd9700c</code></a>
Use PyJWK algorithm when encoding without explicit algorithm (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1148">#1148</a>)</li>
<li><a
href="051ea341b5"><code>051ea34</code></a>
Merge commit from fork</li>
<li><a
href="1451d70eca"><code>1451d70</code></a>
fix: do not store reference to algorithms dict on PyJWK (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1143">#1143</a>)</li>
<li><a
href="f3ba74c106"><code>f3ba74c</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1145">#1145</a>)</li>
<li><a
href="0318ffa7b1"><code>0318ffa</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1141">#1141</a>)</li>
<li><a
href="a52753db3c"><code>a52753d</code></a>
Bump actions/download-artifact from 7 to 8 (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1142">#1142</a>)</li>
<li><a
href="b85050f1d4"><code>b85050f</code></a>
chore(tests): enable mypy (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1138">#1138</a>)</li>
<li><a
href="1272b26477"><code>1272b26</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1135">#1135</a>)</li>
<li><a
href="99a87287c2"><code>99a8728</code></a>
chore: remove superfluous constants (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1136">#1136</a>)</li>
<li><a
href="412cb67a93"><code>412cb67</code></a>
fix: close HTTPError to prevent ResourceWarning on Python 3.14 (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1133">#1133</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=uv&previous-version=2.11.0&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/evroon/bracket/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-14 02:12:47 +00:00
dependabot[bot]
ada800195f Bump vulture from 2.14 to 2.15 in /backend (#1604) 
Bumps [vulture](https://github.com/jendrikseipp/vulture) from 2.14 to
2.15.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jendrikseipp/vulture/releases">vulture's
releases</a>.</em></p>
<blockquote>
<h2>v2.15</h2>
<p>2.15 (2026-03-04)</p>
<ul>
<li>Handle <code>while True</code> loops without <code>break</code>
statements (kreathon).</li>
<li>Add whitelist for <code>ssl.SSLContext</code> (tunnelsociety, <a
href="https://redirect.github.com/jendrikseipp/vulture/issues/392">#392</a>).</li>
<li>Add more ruff rules (even-even).</li>
<li>Drop support for Python 3.8 (Jendrik Seipp, <a
href="https://redirect.github.com/jendrikseipp/vulture/issues/398">#398</a>).</li>
<li>Add support for Python 3.14 (even-even).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jendrikseipp/vulture/blob/main/CHANGELOG.md">vulture's
changelog</a>.</em></p>
<blockquote>
<h1>2.15 (2026-03-04)</h1>
<ul>
<li>Handle <code>while True</code> loops without <code>break</code>
statements (kreathon).</li>
<li>Add whitelist for <code>ssl.SSLContext</code> (tunnelsociety, <a
href="https://redirect.github.com/jendrikseipp/vulture/issues/392">#392</a>).</li>
<li>Add more ruff rules (even-even).</li>
<li>Drop support for Python 3.8 (Jendrik Seipp, <a
href="https://redirect.github.com/jendrikseipp/vulture/issues/398">#398</a>).</li>
<li>Add support for Python 3.14 (even-even).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a4001fd69"><code>6a4001f</code></a>
Update version number to 2.15 for release.</li>
<li><a
href="ef9e6de626"><code>ef9e6de</code></a>
Fix release script.</li>
<li><a
href="06490290ea"><code>0649029</code></a>
Add release date.</li>
<li><a
href="01b9ff53d2"><code>01b9ff5</code></a>
Add more ruff rules and fix warnings (<a
href="https://redirect.github.com/jendrikseipp/vulture/issues/406">#406</a>)</li>
<li><a
href="3d9906156e"><code>3d99061</code></a>
Add tests for Python 3.14 (<a
href="https://redirect.github.com/jendrikseipp/vulture/issues/404">#404</a>)</li>
<li><a
href="b11b7d4f6c"><code>b11b7d4</code></a>
Drop support for Python 3.8 (<a
href="https://redirect.github.com/jendrikseipp/vulture/issues/399">#399</a>)</li>
<li><a
href="b9bcb586d5"><code>b9bcb58</code></a>
Switch from setup.py to pyproject.toml and use GitHub Actions for PyPI
releases.</li>
<li><a
href="3c2bef412d"><code>3c2bef4</code></a>
Add whitelist for ssl.SSLContext (<a
href="https://redirect.github.com/jendrikseipp/vulture/issues/392">#392</a>)</li>
<li><a
href="1e210d9205"><code>1e210d9</code></a>
Add link to VS Code extension.</li>
<li><a
href="4ecc14923a"><code>4ecc149</code></a>
Update changelog and revise comment.</li>
<li>Additional commits viewable in <a
href="https://github.com/jendrikseipp/vulture/compare/v2.14...v2.15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vulture&package-manager=uv&previous-version=2.14&new-version=2.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-10 04:12:33 +00:00
dependabot[bot]
f8075f94d1 Bump fastapi-sso from 0.20.0 to 0.21.0 in /backend (#1591) 
Bumps [fastapi-sso](https://github.com/tomasvotava/fastapi-sso) from
0.20.0 to 0.21.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tomasvotava/fastapi-sso/releases">fastapi-sso's
releases</a>.</em></p>
<blockquote>
<h2>0.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: remove python 3.9 support, add python 3.14 support by <a
href="https://github.com/tomasvotava"><code>@​tomasvotava</code></a> in
<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/274">tomasvotava/fastapi-sso#274</a></li>
<li>chore(deps): bump the all group with 6 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/275">tomasvotava/fastapi-sso#275</a></li>
<li>chore(deps): bump the all group across 1 directory with 7 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/277">tomasvotava/fastapi-sso#277</a></li>
<li>Added tidal and apple providers by <a
href="https://github.com/john-9474"><code>@​john-9474</code></a> in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/278">tomasvotava/fastapi-sso#278</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tomasvotava/fastapi-sso/compare/0.20.0...0.21.0">https://github.com/tomasvotava/fastapi-sso/compare/0.20.0...0.21.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3029f9c086"><code>3029f9c</code></a>
docs: update docs, increment version</li>
<li><a
href="92ac28b07b"><code>92ac28b</code></a>
Added tidal and apple providers (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/278">#278</a>)</li>
<li><a
href="82b3aeb466"><code>82b3aeb</code></a>
chore(deps): bump the all group across 1 directory with 7 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/277">#277</a>)</li>
<li><a
href="a03604f139"><code>a03604f</code></a>
chore(deps): bump the all group with 6 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/275">#275</a>)</li>
<li><a
href="bb50d314fc"><code>bb50d31</code></a>
feat: remove python 3.9 support, add python 3.14 support (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/274">#274</a>)</li>
<li>See full diff in <a
href="https://github.com/tomasvotava/fastapi-sso/compare/0.20.0...0.21.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi-sso&package-manager=uv&previous-version=0.20.0&new-version=0.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-03 04:13:01 +00:00
dependabot[bot]
17db0a9e6e Bump pyrefly from 0.54.0 to 0.55.0 in /backend (#1590) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.54.0 to
0.55.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2634f2290a"><code>2634f22</code></a>
Update pyrefly version]</li>
<li><a
href="da13a2e7b5"><code>da13a2e</code></a>
Cache Err results in subset_cache as optimization</li>
<li><a
href="0527e8cff5"><code>0527e8c</code></a>
Replace recursive_assumptions with persistent subset_cache (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2599">#2599</a>)</li>
<li><a
href="0a0951afca"><code>0a0951a</code></a>
Fixed notebook quick-fix position (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2596">#2596</a>)</li>
<li><a
href="05c5f7fd7a"><code>05c5f7f</code></a>
Fix TOCTOU race in lookup_answer</li>
<li><a
href="a21eb977d8"><code>a21eb97</code></a>
Fix jemalloc &quot;Unsupported system page size&quot; on macOS
ARM64</li>
<li><a
href="064cd1ed22"><code>064cd1e</code></a>
Add GK for all operating systems.</li>
<li><a
href="6951b91310"><code>6951b91</code></a>
WYSIWYG display of generic type arguments with defaults (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2488">#2488</a>)</li>
<li><a
href="a791138d08"><code>a791138</code></a>
Add non-interactive mode to pyrefly init</li>
<li><a
href="ad33773d31"><code>ad33773</code></a>
Remove suprressed error from pyrefly config file</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.54.0...0.55.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.54.0&new-version=0.55.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-03 04:12:49 +00:00
dependabot[bot]
f0a1c1fe99 Bump sentry-sdk from 2.53.0 to 2.54.0 in /backend (#1588) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.53.0 to 2.54.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.54.0</h2>
<h3>New Features </h3>
<ul>
<li>Add <code>set_attribute</code>, <code>remove_attribute</code> to
global API by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5555">#5555</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Openai</h4>
<ul>
<li>Attach response model with streamed Completions API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5557">#5557</a></li>
<li>Attach response model with streamed Responses API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5554">#5554</a></li>
<li>Avoid consuming iterables passed to the Completions API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5489">#5489</a></li>
<li>Avoid consuming iterables passed to the Embeddings API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5491">#5491</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>(anthropic) Fix token accounting by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5490">#5490</a></li>
<li>(google-genai) Remove agent spans for simple requests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5443">#5443</a></li>
<li>(grpc) Read method from handler_call_details for grpcio &gt;= 1.76
compat by <a
href="https://github.com/yeung108"><code>@​yeung108</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5521">#5521</a></li>
<li>(httpx) Correctly append baggage in async client by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5530">#5530</a></li>
<li>(pydantic-ai) Adapt to missing <code>ToolManager._call_tool</code>
by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5522">#5522</a></li>
<li>(utils) Use HEROKU_BUILD_COMMIT env var for default release by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5499">#5499</a></li>
<li>(wsgi) Do not wrap file responses when uWSGI offload-threads is
enabled by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5556">#5556</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>Add troubleshooting note for editable installs with uWSGI by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5552">#5552</a></li>
<li>Add debugging advice by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5517">#5517</a></li>
<li>New integration guide by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5476">#5476</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Agents</h4>
<ul>
<li>Add security-review skill to agent configuration by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5498">#5498</a></li>
<li>Add sentry skills to be used by warden in CI reviews by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5485">#5485</a></li>
</ul>
<h4>Openai</h4>
<ul>
<li>Only handle streamed results when applicable by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5553">#5553</a></li>
<li>Extract input in API-specific functions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5546">#5546</a></li>
<li>Separate output handling by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5543">#5543</a></li>
</ul>
<h4>Openai Agents</h4>
<ul>
<li>Remove <code>set_data_normalized</code> for primitive attributes by
<a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5509">#5509</a></li>
<li>Expect new tool fields by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5471">#5471</a></li>
</ul>
<h4>Other</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.54.0</h2>
<h3>New Features </h3>
<ul>
<li>Add <code>set_attribute</code>, <code>remove_attribute</code> to
global API by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5555">#5555</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Openai</h4>
<ul>
<li>Attach response model with streamed Completions API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5557">#5557</a></li>
<li>Attach response model with streamed Responses API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5554">#5554</a></li>
<li>Avoid consuming iterables passed to the Completions API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5489">#5489</a></li>
<li>Avoid consuming iterables passed to the Embeddings API by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5491">#5491</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>(anthropic) Fix token accounting by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5490">#5490</a></li>
<li>(google-genai) Remove agent spans for simple requests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5443">#5443</a></li>
<li>(grpc) Read method from handler_call_details for grpcio &gt;= 1.76
compat by <a
href="https://github.com/yeung108"><code>@​yeung108</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5521">#5521</a></li>
<li>(httpx) Correctly append baggage in async client by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5530">#5530</a></li>
<li>(pydantic-ai) Adapt to missing <code>ToolManager._call_tool</code>
by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5522">#5522</a></li>
<li>(utils) Use HEROKU_BUILD_COMMIT env var for default release by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5499">#5499</a></li>
<li>(wsgi) Do not wrap file responses when uWSGI offload-threads is
enabled by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5556">#5556</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>Add troubleshooting note for editable installs with uWSGI by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5552">#5552</a></li>
<li>Add debugging advice by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5517">#5517</a></li>
<li>New integration guide by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5476">#5476</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Agents</h4>
<ul>
<li>Add security-review skill to agent configuration by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5498">#5498</a></li>
<li>Add sentry skills to be used by warden in CI reviews by <a
href="https://github.com/ericapisani"><code>@​ericapisani</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5485">#5485</a></li>
</ul>
<h4>Openai</h4>
<ul>
<li>Only handle streamed results when applicable by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5553">#5553</a></li>
<li>Extract input in API-specific functions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5546">#5546</a></li>
<li>Separate output handling by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5543">#5543</a></li>
</ul>
<h4>Openai Agents</h4>
<ul>
<li>Remove <code>set_data_normalized</code> for primitive attributes by
<a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5509">#5509</a></li>
<li>Expect new tool fields by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5471">#5471</a></li>
</ul>
<h4>Other</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0b31018c46"><code>0b31018</code></a>
release: 2.54.0</li>
<li><a
href="7a02bde853"><code>7a02bde</code></a>
fix(openai): Attach response model with streamed Completions API (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5557">#5557</a>)</li>
<li><a
href="09675e36a3"><code>09675e3</code></a>
fix(openai): Attach response model with streamed Responses API (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5554">#5554</a>)</li>
<li><a
href="678e9a7e04"><code>678e9a7</code></a>
ref(openai): Only handle streamed results when applicable (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5553">#5553</a>)</li>
<li><a
href="087ec4d585"><code>087ec4d</code></a>
ref(openai): Extract input in API-specific functions (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5546">#5546</a>)</li>
<li><a
href="68376625c8"><code>6837662</code></a>
ref(openai): Separate output handling (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5543">#5543</a>)</li>
<li><a
href="c11d1f2f23"><code>c11d1f2</code></a>
ci: updated codecov.yml (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5571">#5571</a>)</li>
<li><a
href="c56f1f71f7"><code>c56f1f7</code></a>
fix(wsgi): Do not wrap file responses when uWSGI offload-threads is
enabled (...</li>
<li><a
href="8628732e27"><code>8628732</code></a>
feat: Add <code>set_attribute</code>, <code>remove_attribute</code> to
global API (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5555">#5555</a>)</li>
<li><a
href="a4e4c57f88"><code>a4e4c57</code></a>
docs: Add troubleshooting note for editable installs with uWSGI (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5552">#5552</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.53.0...2.54.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.53.0&new-version=2.54.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-03 04:12:39 +00:00
dependabot[bot]
b1b3ee98db Bump pyrefly from 0.52.0 to 0.54.0 in /backend (#1575) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.52.0 to
0.54.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/pyrefly/releases">pyrefly's
releases</a>.</em></p>
<blockquote>
<h2>Pyrefly v0.53.0</h2>
<h1>Pyrefly 0.53.0</h1>
<p><strong>Status : BETA</strong><br />
<em>Release date: 17 February 2026</em></p>
<p>pyrefly 0.53.0 bundles <strong>245 commits</strong> from <strong>27
contributors</strong>.</p>
<hr />
<h1> New &amp; Improved</h1>
<table>
<thead>
<tr>
<th align="left">Area</th>
<th align="left">What’s new</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left"><strong>Type Checking</strong></td>
<td align="left">- Recursive type aliases now supported, so you can
define type aliases that reference themselves, and Pyrefly will
correctly resolve and type-check them <!-- raw HTML omitted --><!-- raw
HTML omitted -->- Error is now raised when <code>Self</code> is used in
certain invalid locations (outside a class, in a static method within a
class, in a metaclass) <!-- raw HTML omitted --><!-- raw HTML omitted
-->- Pyrefly now supports the idiom class
<code>Foo(namedtuple(&quot;Bar&quot;, ...))</code>, matching CPython and
Mypy behavior <!-- raw HTML omitted --><!-- raw HTML omitted -->-
Pyrefly will now warn you if a protocol’s type variable is used in a way
that doesn’t match its declared variance</td>
</tr>
<tr>
<td align="left"><strong>Language Server</strong></td>
<td align="left">- Completion suggestions are now ranked based on most
recently used (MRU) items <!-- raw HTML omitted --><!-- raw HTML omitted
-->- Auto-import completions and unknown-name quick fixes now honor
common aliases (e.g. <code>import numpy as np</code>) <!-- raw HTML
omitted --><!-- raw HTML omitted -->- Improved error messages for
signature mismatches, including ASCII-style diffs and normalized
function names for clarity</td>
</tr>
<tr>
<td align="left"><strong>Config</strong></td>
<td align="left">- JSON schemas added for <code>pyrefly.toml</code> and
<code>pyproject.toml</code> to enable editor features like
auto-completion and validation</td>
</tr>
<tr>
<td align="left"><strong>Performance</strong></td>
<td align="left">- Pyrefly uses ~26% less CPU when tested typechecking
the whole Pytorch codebase on M1 Pro MacBook with 10 cores</td>
</tr>
</tbody>
</table>
<hr />
<h1>🐛 bug fixes</h1>
<p>We closed 17 bug issues this release 👏</p>
<ul>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/949">#949</a>
- Lambdas with <code>yield</code> or <code>yield from</code> are now
correctly inferred as generator-returning callables.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2407">#2407</a>
- <code>Literal</code> imported via <code>try/except</code> is now
recognized as a special form, preventing spurious unknown-name
errors</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2375">#2375</a>
- Methods overriding base class methods no longer trigger false positive
errors for missing <code>@override</code> decorators.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2327">#2327</a>
- The first parameter of class methods is now correctly handled
regardless of its name.</li>
<li>And more - <a
href="https://redirect.github.com/facebook/pyrefly/issues/1754">#1754</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1383">#1383</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1790">#1790</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2350">#2350</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2369">#2369</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2371">#2371</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2392">#2392</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2335">#2335</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/259">#259</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/254">#254</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1778">#1778</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2116">#2116</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2302">#2302</a></li>
</ul>
<p>Thank-you to all our contributors who found these bugs and reported
them! Did you know this is one of the most helpful contributions you can
make to an open-source project? If you find any bugs in Pyrefly we want
to know about them! Please open a bug report issue <a
href="https://github.com/facebook/pyrefly/issues">here</a></p>
<hr />
<h1>📦 Upgrade</h1>
<pre><code>pip install --upgrade pyrefly==0.53.0
</code></pre>
<h2>How to safely upgrade your codebase</h2>
<p>Upgrading the version of Pyrefly you're using or a third-party
library you depend on can reveal new type errors in your code. Fixing
them all at once is often unrealistic. We've written scripts to help you
temporarily silence them. After upgrading, follow these steps:</p>
<ol>
<li><code>pyrefly check --suppress-errors</code></li>
<li>run your code formatter of choice</li>
<li><code>pyrefly check --remove-unused-ignores</code></li>
<li>Repeat until you achieve a clean formatting run and a clean type
check.</li>
</ol>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b97d416b6"><code>4b97d41</code></a>
Update pyrefly version]</li>
<li><a
href="b6dd8b0878"><code>b6dd8b0</code></a>
Update darling from 0.20.11 to 0.21.3</li>
<li><a
href="91d3ce9fb0"><code>91d3ce9</code></a>
Revert D93807796: add opt-in telemetry to ad_hoc_solve</li>
<li><a
href="98c1de9532"><code>98c1de9</code></a>
add opt-in telemetry to ad_hoc_solve</li>
<li><a
href="0672f4462b"><code>0672f44</code></a>
Replace UpgradeLock with lock-free atomics for module state</li>
<li><a
href="baadc208bc"><code>baadc20</code></a>
Pack Dirty flags into a single u8 with bitwise operations</li>
<li><a
href="5bb3e3fd05"><code>5bb3e3f</code></a>
Remove internal Arc from Exports, use explicit Arc&lt;Exports&gt;</li>
<li><a
href="7ca003c3b7"><code>7ca003c</code></a>
impl Completions: Import suggestions for explicit re-exports. <a
href="https://redirect.github.com/facebook/pyrefly/issues/2207">#2207</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/2416">#2416</a>)</li>
<li><a
href="84b6203337"><code>84b6203</code></a>
Add override threshold for override subsets in the call graph</li>
<li><a
href="c42af6850a"><code>c42af68</code></a>
Support <code>type(\&lt;expr&gt;)</code> as a base class expression</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.52.0...0.54.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.52.0&new-version=0.54.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-24 04:11:48 +00:00
dependabot[bot]
218b0471ab Bump uvicorn from 0.40.0 to 0.41.0 in /backend (#1567) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.40.0 to
0.41.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.41.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h2>Changed</h2>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h2>Fixed</h2>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
<hr />
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/t-kawasumi"><code>@​t-kawasumi</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2776">Kludex/uvicorn#2776</a></li>
<li><a href="https://github.com/fardyn"><code>@​fardyn</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2800">Kludex/uvicorn#2800</a></li>
<li><a href="https://github.com/ewie"><code>@​ewie</code></a> made their
first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2807">Kludex/uvicorn#2807</a></li>
<li><a href="https://github.com/shevron"><code>@​shevron</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2788">Kludex/uvicorn#2788</a></li>
<li><a href="https://github.com/jonashaag"><code>@​jonashaag</code></a>
made their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2707">Kludex/uvicorn#2707</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.41.0 (February 16, 2026)</h2>
<h3>Added</h3>
<ul>
<li>Add <code>--limit-max-requests-jitter</code> to stagger worker
restarts (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li>Add socket path to <code>scope[&quot;server&quot;]</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Rename <code>LifespanOn.error_occured</code> to
<code>error_occurred</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2776">#2776</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li>Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li>Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9283c0f15c"><code>9283c0f</code></a>
Version 0.41.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2821">#2821</a>)</li>
<li><a
href="a01a33eb8f"><code>a01a33e</code></a>
Add <code>--limit-max-requests-jitter</code> to stagger worker restarts
(<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2707">#2707</a>)</li>
<li><a
href="2ce65bde15"><code>2ce65bd</code></a>
Ignore permission denied errors in watchfiles reloader (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2817">#2817</a>)</li>
<li><a
href="654f2ed7d7"><code>654f2ed</code></a>
Ensure lifespan shutdown runs when <code>should_exit</code> is set
during startup (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2812">#2812</a>)</li>
<li><a
href="a03d9f6f0e"><code>a03d9f6</code></a>
Reduce the log level of 'request limit exceeded' messages (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2788">#2788</a>)</li>
<li><a
href="e377de40d0"><code>e377de4</code></a>
Add socket path to scope[&quot;server&quot;] (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2561">#2561</a>)</li>
<li><a
href="0779f7f8a4"><code>0779f7f</code></a>
Poll for readiness in <code>test_multiprocess_health_check</code> and
<code>run_server</code> (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2816">#2816</a>)</li>
<li><a
href="7e9ce2c974"><code>7e9ce2c</code></a>
Poll for PID changes in <code>test_multiprocess_sighup</code> instead of
fixed sleep (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2">#2</a>...</li>
<li><a
href="99f0d8734d"><code>99f0d87</code></a>
Fix grep warning in scripts/sync-version (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2807">#2807</a>)</li>
<li><a
href="7ae2e6375a"><code>7ae2e63</code></a>
chore(deps): bump the python-packages group with 18 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2801">#2801</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.40.0...0.41.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.40.0&new-version=0.41.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-17 04:12:50 +00:00
dependabot[bot]
cc6e5db260 Bump gunicorn from 25.0.1 to 25.1.0 in /backend (#1566) 
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 25.0.1 to
25.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/gunicorn/releases">gunicorn's
releases</a>.</em></p>
<blockquote>
<h2>Gunicorn 25.1.0</h2>
<h3>New Features</h3>
<ul>
<li>
<p><strong>Control Interface (gunicornc)</strong>: Add interactive
control interface for managing
running Gunicorn instances, similar to birdc for BIRD routing daemon
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3505">#3505</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3505">benoitc/gunicorn#3505</a>))</p>
<ul>
<li>Unix socket-based communication with JSON protocol</li>
<li>Interactive mode with readline support and command history</li>
<li>Commands: <code>show
all/workers/dirty/config/stats/listeners</code></li>
<li>Worker management: <code>worker add/remove/kill</code>, <code>dirty
add/remove</code></li>
<li>Server control: <code>reload</code>, <code>reopen</code>,
<code>shutdown</code></li>
<li>New settings: <code>--control-socket</code>,
<code>--control-socket-mode</code>,
<code>--no-control-socket</code></li>
<li>New CLI tool: <code>gunicornc</code> for connecting to control
socket</li>
<li>See <a href="https://gunicorn.org/guides/gunicornc/">Control
Interface Guide</a> for details</li>
</ul>
</li>
<li>
<p><strong>Dirty Stash</strong>: Add global shared state between workers
via <code>dirty.stash</code>
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3503">#3503</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3503">benoitc/gunicorn#3503</a>))</p>
<ul>
<li>In-memory key-value store accessible by all workers</li>
<li>Supports get, set, delete, clear, keys, and has operations</li>
<li>Useful for sharing state like feature flags, rate limits, or cached
data</li>
</ul>
</li>
<li>
<p><strong>Dirty Binary Protocol</strong>: Implement efficient binary
protocol for dirty arbiter IPC
using TLV (Type-Length-Value) encoding
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3500">#3500</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3500">benoitc/gunicorn#3500</a>))</p>
<ul>
<li>More efficient than JSON for binary data</li>
<li>Supports all Python types: str, bytes, int, float, bool, None, list,
dict</li>
<li>Better performance for large payloads</li>
</ul>
</li>
<li>
<p><strong>Dirty TTIN/TTOU Signals</strong>: Add dynamic worker scaling
for dirty arbiters
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3504">#3504</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3504">benoitc/gunicorn#3504</a>))</p>
<ul>
<li>Send SIGTTIN to increase dirty workers</li>
<li>Send SIGTTOU to decrease dirty workers</li>
<li>Respects minimum worker constraints from app configurations</li>
</ul>
</li>
</ul>
<h3>Changes</h3>
<ul>
<li><strong>ASGI Worker</strong>: Promoted from beta to stable</li>
<li><strong>Dirty Arbiters</strong>: Now marked as beta feature</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Fix Markdown formatting in /configure documentation</li>
</ul>
<h2>25.0.3</h2>
<h2>What's Changed</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Fix RuntimeError when StopIteration raised in ASGI coroutine (<a
href="https://redirect.github.com/benoitc/gunicorn/issues/3484">#3484</a>)</li>
<li>Fix passing maxsplit in re.split() as positional argument
(deprecated in Python 3.13)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2d4310116d"><code>2d43101</code></a>
docs: merge gunicornc into 25.1.0 release</li>
<li><a
href="bf4ad8d610"><code>bf4ad8d</code></a>
docs: update 25.1.0 release date to 2026-02-13</li>
<li><a
href="730350eb9f"><code>730350e</code></a>
Merge pull request <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3505">#3505</a>
from benoitc/feature/gunicornc-control-interface</li>
<li><a
href="63df19bd5c"><code>63df19b</code></a>
fix(tests): use process groups for reliable signal handling in PyPy</li>
<li><a
href="cd77bcc941"><code>cd77bcc</code></a>
fix(tests): increase wait time for all server tests</li>
<li><a
href="02ea9855c1"><code>02ea985</code></a>
fix(tests): improve server test reliability on FreeBSD</li>
<li><a
href="6d81c9ebcd"><code>6d81c9e</code></a>
fix: resolve pylint warnings</li>
<li><a
href="7486baa0ad"><code>7486baa</code></a>
fix: remove unused imports</li>
<li><a
href="3e60d2942d"><code>3e60d29</code></a>
docs: add gunicornc control interface guide</li>
<li><a
href="e05e40d19b"><code>e05e40d</code></a>
feat(ctl): add message-based dirty worker management</li>
<li>Additional commits viewable in <a
href="https://github.com/benoitc/gunicorn/compare/25.0.1...25.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gunicorn&package-manager=uv&previous-version=25.0.1&new-version=25.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-17 04:12:37 +00:00
dependabot[bot]
ae3e75764a Bump sentry-sdk from 2.52.0 to 2.53.0 in /backend (#1565) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.52.0 to 2.53.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.53.0</h2>
<h3>Bug Fixes 🐛</h3>
<h4>Openai Agents</h4>
<ul>
<li>Patch <code>execute_final_output()</code> functions following
library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5453">#5453</a></li>
<li>Patch <code>execute_handoffs()</code> functions following library
refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5452">#5452</a></li>
<li>Patch <code>run_single_turn_streamed()</code> functions following
library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5451">#5451</a></li>
<li>Patch <code>run_single_turn()</code> functions following library
refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5450">#5450</a></li>
<li>Patch models functions following library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5449">#5449</a></li>
<li>Patch tool functions following library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5445">#5445</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>Close the connection we're reading driver_type from by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5427">#5427</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>Document <code>openai-agents</code> control-flow by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5447">#5447</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Openai Agents</h4>
<ul>
<li>New tool field and library error log by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5454">#5454</a></li>
<li>Avoid calling SDK-internal functions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5437">#5437</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>Improve Craft config with title stripping and artifact filtering by
<a href="https://github.com/BYK"><code>@​BYK</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5444">#5444</a></li>
<li>Use fixed clickhouse action, remove aws-sam-cli dependency by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5457">#5457</a></li>
<li>Remove references to unsupported attribute types by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5425">#5425</a></li>
<li>Pin setuptools for linting and chalice tests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5438">#5438</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.53.0</h2>
<h3>Bug Fixes 🐛</h3>
<h4>Openai Agents</h4>
<ul>
<li>Patch <code>execute_final_output()</code> functions following
library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5453">#5453</a></li>
<li>Patch <code>execute_handoffs()</code> functions following library
refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5452">#5452</a></li>
<li>Patch <code>run_single_turn_streamed()</code> functions following
library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5451">#5451</a></li>
<li>Patch <code>run_single_turn()</code> functions following library
refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5450">#5450</a></li>
<li>Patch models functions following library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5449">#5449</a></li>
<li>Patch tool functions following library refactor by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5445">#5445</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>Close the connection we're reading driver_type from by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5427">#5427</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>Document <code>openai-agents</code> control-flow by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5447">#5447</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Openai Agents</h4>
<ul>
<li>New tool field and library error log by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5454">#5454</a></li>
<li>Avoid calling SDK-internal functions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5437">#5437</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>Improve Craft config with title stripping and artifact filtering by
<a href="https://github.com/BYK"><code>@​BYK</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5444">#5444</a></li>
<li>Use fixed clickhouse action, remove aws-sam-cli dependency by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5457">#5457</a></li>
<li>Remove references to unsupported attribute types by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5425">#5425</a></li>
<li>Pin setuptools for linting and chalice tests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5438">#5438</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f75a9ac105"><code>f75a9ac</code></a>
Update CHANGELOG.md</li>
<li><a
href="b700fa85d8"><code>b700fa8</code></a>
Update CHANGELOG.md</li>
<li><a
href="45379e206c"><code>45379e2</code></a>
release: 2.53.0</li>
<li><a
href="4d8faf347b"><code>4d8faf3</code></a>
test(openai-agents): New tool field and library error log (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5454">#5454</a>)</li>
<li><a
href="d3e2c88a9f"><code>d3e2c88</code></a>
fix(openai-agents): Patch <code>execute_final_output()</code> functions
following librar...</li>
<li><a
href="f71a60450a"><code>f71a604</code></a>
fix(openai-agents): Patch <code>execute_handoffs()</code> functions
following library re...</li>
<li><a
href="bea608c3aa"><code>bea608c</code></a>
fix(openai-agents): Patch <code>run_single_turn_streamed()</code>
functions following li...</li>
<li><a
href="14e3e0a0a0"><code>14e3e0a</code></a>
fix(openai-agents): Patch <code>run_single_turn()</code> functions
following library ref...</li>
<li><a
href="a5c2906a48"><code>a5c2906</code></a>
fix(openai-agents): Patch models functions following library refactor
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5449">#5449</a>)</li>
<li><a
href="f78df7c017"><code>f78df7c</code></a>
ci: Use fixed clickhouse action, remove aws-sam-cli dependency (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5457">#5457</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.52.0...2.53.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.52.0&new-version=2.53.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-17 04:12:23 +00:00
dependabot[bot]
8747e1727e Bump pydantic-settings from 2.12.0 to 2.13.0 in /backend (#1564) 
Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings)
from 2.12.0 to 2.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic-settings/releases">pydantic-settings's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: Deterministic alias selection when using validate_by_name by <a
href="https://github.com/chbndrhnns"><code>@​chbndrhnns</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/707">pydantic/pydantic-settings#707</a></li>
<li>add deep merge functionality to config file sources by <a
href="https://github.com/pmeier"><code>@​pmeier</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/698">pydantic/pydantic-settings#698</a></li>
<li>Add support for AWS Secrets Manager VersionId parameter by <a
href="https://github.com/jcyamacho"><code>@​jcyamacho</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/708">pydantic/pydantic-settings#708</a></li>
<li>bugfix: Return <code>None</code> for inaccessible GCP Secret Manager
secrets by <a
href="https://github.com/zaphod72"><code>@​zaphod72</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/712">pydantic/pydantic-settings#712</a></li>
<li>Bugfix for cli_kebab_case=&quot;all&quot; and CliImplicitFlag[bool]
by <a href="https://github.com/Digity101"><code>@​Digity101</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/702">pydantic/pydantic-settings#702</a></li>
<li>Unpack type alisases when looking for <code>NoDecode</code> by <a
href="https://github.com/tselepakis"><code>@​tselepakis</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/695">pydantic/pydantic-settings#695</a></li>
<li>CliToggleFlag and CliDualFlag by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/717">pydantic/pydantic-settings#717</a></li>
<li>Fix for CLI duplicate enum field values. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/722">pydantic/pydantic-settings#722</a></li>
<li>fixed load nested config from env by <a
href="https://github.com/Sube-py"><code>@​Sube-py</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/723">pydantic/pydantic-settings#723</a></li>
<li>Add non-Path files support (for example Traversable) and open files
using Path.open method by <a
href="https://github.com/mahenzon"><code>@​mahenzon</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/724">pydantic/pydantic-settings#724</a></li>
<li>add one more traversable test by <a
href="https://github.com/mahenzon"><code>@​mahenzon</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/725">pydantic/pydantic-settings#725</a></li>
<li>CLI fix fox external list args. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/727">pydantic/pydantic-settings#727</a></li>
<li>fix: handle case-insensitive retrieval in
GoogleSecretManagerSettingsSource by <a
href="https://github.com/ezwiefel"><code>@​ezwiefel</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/730">pydantic/pydantic-settings#730</a></li>
<li>CLI test fixes for help text formatting. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/735">pydantic/pydantic-settings#735</a></li>
<li>Avoid conflicts with the <code>NAME</code> environment variable in
WSL by <a href="https://github.com/kzrnm"><code>@​kzrnm</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/747">pydantic/pydantic-settings#747</a></li>
<li>fix: When restoring init kwargs, use deterministic order by <a
href="https://github.com/chbndrhnns"><code>@​chbndrhnns</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/746">pydantic/pydantic-settings#746</a></li>
<li>Add env_prefix_target by <a
href="https://github.com/kzrnm"><code>@​kzrnm</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/749">pydantic/pydantic-settings#749</a></li>
<li>Remove <code>(default: …)</code> in the help message for
<code>CliToggleFlag</code> by <a
href="https://github.com/kzrnm"><code>@​kzrnm</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/740">pydantic/pydantic-settings#740</a></li>
<li>Add support for CLI serialize styles. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/755">pydantic/pydantic-settings#755</a></li>
<li>Add support for overriding default help on CLI internal parser. by
<a href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/758">pydantic/pydantic-settings#758</a></li>
<li>CLI format_help method support by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/759">pydantic/pydantic-settings#759</a></li>
<li>feat(gcp): support SecretVersion annotation for per-field secret
versioning by <a
href="https://github.com/ezwiefel"><code>@​ezwiefel</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/763">pydantic/pydantic-settings#763</a></li>
<li>Allow <code>snake_case_conversion</code> with
<code>env_prefix</code> for Azure Key Vault source by <a
href="https://github.com/cstarkers"><code>@​cstarkers</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/762">pydantic/pydantic-settings#762</a></li>
<li>fix: Only override preferred_key when no value was found by <a
href="https://github.com/chbndrhnns"><code>@​chbndrhnns</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/767">pydantic/pydantic-settings#767</a></li>
<li>Update deps by <a
href="https://github.com/hramezani"><code>@​hramezani</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/768">pydantic/pydantic-settings#768</a></li>
<li>CLI coerce numeric types. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/769">pydantic/pydantic-settings#769</a></li>
<li>CLI Union Discriminator Choices in Help by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/764">pydantic/pydantic-settings#764</a></li>
<li>Add nested path support for yaml_config_section (fixes <a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/772">#772</a>)
by <a
href="https://github.com/hugo-romero-mm"><code>@​hugo-romero-mm</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/773">pydantic/pydantic-settings#773</a></li>
<li>Prepare release 2.13.0 by <a
href="https://github.com/hramezani"><code>@​hramezani</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/777">pydantic/pydantic-settings#777</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/pmeier"><code>@​pmeier</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/698">pydantic/pydantic-settings#698</a></li>
<li><a href="https://github.com/jcyamacho"><code>@​jcyamacho</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/708">pydantic/pydantic-settings#708</a></li>
<li><a href="https://github.com/zaphod72"><code>@​zaphod72</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/712">pydantic/pydantic-settings#712</a></li>
<li><a href="https://github.com/Digity101"><code>@​Digity101</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/702">pydantic/pydantic-settings#702</a></li>
<li><a href="https://github.com/Sube-py"><code>@​Sube-py</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/723">pydantic/pydantic-settings#723</a></li>
<li><a href="https://github.com/mahenzon"><code>@​mahenzon</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/724">pydantic/pydantic-settings#724</a></li>
<li><a href="https://github.com/kzrnm"><code>@​kzrnm</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/747">pydantic/pydantic-settings#747</a></li>
<li><a href="https://github.com/cstarkers"><code>@​cstarkers</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/762">pydantic/pydantic-settings#762</a></li>
<li><a
href="https://github.com/hugo-romero-mm"><code>@​hugo-romero-mm</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/773">pydantic/pydantic-settings#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.13.0">https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="198e71cf0c"><code>198e71c</code></a>
Prepare release 2.13.0 (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/777">#777</a>)</li>
<li><a
href="de71e84057"><code>de71e84</code></a>
Add nested path support for yaml_config_section (fixes <a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/772">#772</a>)
(<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/773">#773</a>)</li>
<li><a
href="0f8f951b89"><code>0f8f951</code></a>
CLI Union Discriminator Choices in Help (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/764">#764</a>)</li>
<li><a
href="ce9804c462"><code>ce9804c</code></a>
CLI coerce numeric types. (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/769">#769</a>)</li>
<li><a
href="e460f0b4d8"><code>e460f0b</code></a>
Update deps (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/768">#768</a>)</li>
<li><a
href="a04b03450e"><code>a04b034</code></a>
fix: Only override preferred_key when no value was found (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/767">#767</a>)</li>
<li><a
href="f6ddaee324"><code>f6ddaee</code></a>
Allow <code>snake_case_conversion</code> with <code>env_prefix</code>
for Azure Key Vault source (#...</li>
<li><a
href="6ce78bcfb7"><code>6ce78bc</code></a>
feat(gcp): support SecretVersion annotation for per-field secret
versioning (...</li>
<li><a
href="21c7093837"><code>21c7093</code></a>
CLI format_help method support (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/759">#759</a>)</li>
<li><a
href="0e96e9c27e"><code>0e96e9c</code></a>
Add support for overriding default help on CLI internal parser. (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/758">#758</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.13.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic-settings&package-manager=uv&previous-version=2.12.0&new-version=2.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-17 04:12:12 +00:00
dependabot[bot]
b533d87634 Bump pyrefly from 0.51.0 to 0.52.0 in /backend (#1559) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.51.0 to
0.52.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fb7a49086f"><code>fb7a490</code></a>
Update pyrefly version]</li>
<li><a
href="eda9e11b1a"><code>eda9e11</code></a>
fix stale config during indexing</li>
<li><a
href="ee77b4b497"><code>ee77b4b</code></a>
Avoid HashMap in bindings</li>
<li><a
href="6de02a9280"><code>6de02a9</code></a>
Rearrange code (no actual edits)</li>
<li><a
href="2b4f85ceff"><code>2b4f85c</code></a>
Express HasPlaceholder in the Scc state checks</li>
<li><a
href="4725cce2f2"><code>4725cce</code></a>
Bump proc-macro2 1.0.105 -&gt; 1.0.106</li>
<li><a
href="af7396b333"><code>af7396b</code></a>
Use UTF-8 encoding when exporting locations from Pyrefly</li>
<li><a
href="ab9e4d26b2"><code>ab9e4d2</code></a>
Add location test for special symbols in string literals</li>
<li><a
href="b1fe95d2c4"><code>b1fe95d</code></a>
cap concrete tuple size (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2348">#2348</a>)</li>
<li><a
href="622f03b0d8"><code>622f03b</code></a>
cap literal string size (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2347">#2347</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.51.0...0.52.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.51.0&new-version=0.52.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-10 04:13:03 +00:00
dependabot[bot]
8a99aef6e7 Bump ruff from 0.14.4 to 0.15.0 in /backend (#1557) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.4 to 0.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.15.0</h2>
<h2>Release Notes</h2>
<p>Released on 2026-02-03.</p>
<p>Check out the <a href="https://astral.sh/blog/ruff-v0.15.0">blog
post</a> for a migration guide and overview of the changes!</p>
<h3>Breaking changes</h3>
<ul>
<li>
<p>Ruff now formats your code according to the 2026 style guide. See the
formatter section below or in the blog post for a detailed list of
changes.</p>
</li>
<li>
<p>The linter now supports block suppression comments. For example, to
suppress <code>N803</code> for all parameters in this function:</p>
<pre lang="python"><code># ruff: disable[N803]
def foo(
    legacyArg1,
    legacyArg2,
    legacyArg3,
    legacyArg4,
): ...
# ruff: enable[N803]
</code></pre>
<p>See the <a
href="https://docs.astral.sh/ruff/linter/#block-level">documentation</a>
for more details.</p>
</li>
<li>
<p>The <code>ruff:alpine</code> Docker image is now based on Alpine 3.23
(up from 3.21).</p>
</li>
<li>
<p>The <code>ruff:debian</code> and <code>ruff:debian-slim</code> Docker
images are now based on Debian 13 &quot;Trixie&quot; instead of Debian
12 &quot;Bookworm.&quot;</p>
</li>
<li>
<p>Binaries for the <code>ppc64</code> (64-bit big-endian PowerPC)
architecture are no longer included in our releases. It should still be
possible to build Ruff manually for this platform, if needed.</p>
</li>
<li>
<p>Ruff now resolves all <code>extend</code>ed configuration files
before falling back on a default Python version.</p>
</li>
</ul>
<h3>Stabilization</h3>
<p>The following rules have been stabilized and are no longer in
preview:</p>
<ul>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-http-call-httpx-in-async-function"><code>blocking-http-call-httpx-in-async-function</code></a>
(<code>ASYNC212</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-path-method-in-async-function"><code>blocking-path-method-in-async-function</code></a>
(<code>ASYNC240</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-input-in-async-function"><code>blocking-input-in-async-function</code></a>
(<code>ASYNC250</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/map-without-explicit-strict"><code>map-without-explicit-strict</code></a>
(<code>B912</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/if-exp-instead-of-or-operator"><code>if-exp-instead-of-or-operator</code></a>
(<code>FURB110</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/single-item-membership-test"><code>single-item-membership-test</code></a>
(<code>FURB171</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/missing-maxsplit-arg"><code>missing-maxsplit-arg</code></a>
(<code>PLC0207</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/unnecessary-lambda"><code>unnecessary-lambda</code></a>
(<code>PLW0108</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/unnecessary-empty-iterable-within-deque-call"><code>unnecessary-empty-iterable-within-deque-call</code></a>
(<code>RUF037</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/in-empty-collection"><code>in-empty-collection</code></a>
(<code>RUF060</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/legacy-form-pytest-raises"><code>legacy-form-pytest-raises</code></a>
(<code>RUF061</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/non-octal-permissions"><code>non-octal-permissions</code></a>
(<code>RUF064</code>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.15.0</h2>
<p>Released on 2026-02-03.</p>
<p>Check out the <a href="https://astral.sh/blog/ruff-v0.15.0">blog
post</a> for a migration
guide and overview of the changes!</p>
<h3>Breaking changes</h3>
<ul>
<li>
<p>Ruff now formats your code according to the 2026 style guide. See the
formatter section below or in the blog post for a detailed list of
changes.</p>
</li>
<li>
<p>The linter now supports block suppression comments. For example, to
suppress <code>N803</code> for all parameters in this function:</p>
<pre lang="python"><code># ruff: disable[N803]
def foo(
    legacyArg1,
    legacyArg2,
    legacyArg3,
    legacyArg4,
): ...
# ruff: enable[N803]
</code></pre>
<p>See the <a
href="https://docs.astral.sh/ruff/linter/#block-level">documentation</a>
for more details.</p>
</li>
<li>
<p>The <code>ruff:alpine</code> Docker image is now based on Alpine 3.23
(up from 3.21).</p>
</li>
<li>
<p>The <code>ruff:debian</code> and <code>ruff:debian-slim</code> Docker
images are now based on Debian 13 &quot;Trixie&quot; instead of Debian
12 &quot;Bookworm.&quot;</p>
</li>
<li>
<p>Binaries for the <code>ppc64</code> (64-bit big-endian PowerPC)
architecture are no longer included in our releases. It should still be
possible to build Ruff manually for this platform, if needed.</p>
</li>
<li>
<p>Ruff now resolves all <code>extend</code>ed configuration files
before falling back on a default Python version.</p>
</li>
</ul>
<h3>Stabilization</h3>
<p>The following rules have been stabilized and are no longer in
preview:</p>
<ul>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-http-call-httpx-in-async-function"><code>blocking-http-call-httpx-in-async-function</code></a>
(<code>ASYNC212</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-path-method-in-async-function"><code>blocking-path-method-in-async-function</code></a>
(<code>ASYNC240</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/blocking-input-in-async-function"><code>blocking-input-in-async-function</code></a>
(<code>ASYNC250</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/map-without-explicit-strict"><code>map-without-explicit-strict</code></a>
(<code>B912</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/if-exp-instead-of-or-operator"><code>if-exp-instead-of-or-operator</code></a>
(<code>FURB110</code>)</li>
<li><a
href="https://docs.astral.sh/ruff/rules/single-item-membership-test"><code>single-item-membership-test</code></a>
(<code>FURB171</code>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ce5f7b6127"><code>ce5f7b6</code></a>
Bump 0.15.0 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23055">#23055</a>)</li>
<li><a
href="b4e40f539c"><code>b4e40f5</code></a>
[ty] Fix <code>__contains__</code> to respect descriptors (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23056">#23056</a>)</li>
<li><a
href="848cb72dc1"><code>848cb72</code></a>
[ty] Fix narrowing of nonlocal variables with conditional assignments
(<a
href="https://redirect.github.com/astral-sh/ruff/issues/22966">#22966</a>)</li>
<li><a
href="da7f33af22"><code>da7f33a</code></a>
[ty] Add a diagnostic for <code>Final</code> without assignment (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23001">#23001</a>)</li>
<li><a
href="e65f9a6b03"><code>e65f9a6</code></a>
Document markdown formatting feature (<a
href="https://redirect.github.com/astral-sh/ruff/issues/22990">#22990</a>)</li>
<li><a
href="c0c1b985c9"><code>c0c1b98</code></a>
Format markdown code blocks with line-by-line regex parse (<a
href="https://redirect.github.com/astral-sh/ruff/issues/22996">#22996</a>)</li>
<li><a
href="9f8f3e196b"><code>9f8f3e1</code></a>
Allow positional-only params with defaults in method overrides (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23037">#23037</a>)</li>
<li><a
href="ef83810e11"><code>ef83810</code></a>
[ty] ecosystem-analyzer: Support bare git repositories (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23054">#23054</a>)</li>
<li><a
href="54dfee4cb8"><code>54dfee4</code></a>
Customize where the <code>fix_title</code> sub-diagnostic appears (<a
href="https://redirect.github.com/astral-sh/ruff/issues/23044">#23044</a>)</li>
<li><a
href="b53460799b"><code>b534607</code></a>
2026 Ruff Formatter Style (<a
href="https://redirect.github.com/astral-sh/ruff/issues/22735">#22735</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.14.4...0.15.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=uv&previous-version=0.14.4&new-version=0.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-10 04:12:50 +00:00
dependabot[bot]
47089d7ffa Bump fastapi-sso from 0.19.0 to 0.20.0 in /backend (#1558) 
Bumps [fastapi-sso](https://github.com/tomasvotava/fastapi-sso) from
0.19.0 to 0.20.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tomasvotava/fastapi-sso/releases">fastapi-sso's
releases</a>.</em></p>
<blockquote>
<h2>0.20.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump the all group across 1 directory with 3 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/270">tomasvotava/fastapi-sso#270</a></li>
<li>chore(deps): bump the all group across 1 directory with 5 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/273">tomasvotava/fastapi-sso#273</a></li>
<li>feat: Add soundcloud provider by <a
href="https://github.com/john-9474"><code>@​john-9474</code></a> in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/272">tomasvotava/fastapi-sso#272</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/john-9474"><code>@​john-9474</code></a>
made their first contribution in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/272">tomasvotava/fastapi-sso#272</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tomasvotava/fastapi-sso/compare/0.19.0...0.20.0">https://github.com/tomasvotava/fastapi-sso/compare/0.19.0...0.20.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60380bba7f"><code>60380bb</code></a>
bump: =&gt; v0.20.0</li>
<li><a
href="33d64d0024"><code>33d64d0</code></a>
feat: Add soundcloud provider (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/272">#272</a>)</li>
<li><a
href="89a1d9a641"><code>89a1d9a</code></a>
chore(deps): bump the all group across 1 directory with 5 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/273">#273</a>)</li>
<li><a
href="079dc22aa7"><code>079dc22</code></a>
chore(deps): bump the all group across 1 directory with 3 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/270">#270</a>)</li>
<li><a
href="0b6a2433e7"><code>0b6a243</code></a>
docs: fix security notice order</li>
<li>See full diff in <a
href="https://github.com/tomasvotava/fastapi-sso/compare/0.19.0...0.20.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi-sso&package-manager=uv&previous-version=0.19.0&new-version=0.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-10 04:12:32 +00:00
dependabot[bot]
2b45c6cb40 Bump sentry-sdk from 2.51.0 to 2.52.0 in /backend (#1556) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.51.0 to 2.52.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.52.0</h2>
<h3>New Features </h3>
<h4>Other</h4>
<ul>
<li>feat(integration): add <code>gen_ai.conversation.id</code> if
available by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5307">#5307</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Google Genai</h4>
<ul>
<li>fix(google-genai): Token reporting by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5404">#5404</a></li>
<li>fix(google-genai): deactivate google genai when langchain is used by
<a href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5389">#5389</a></li>
</ul>
<h4>Mcp</h4>
<ul>
<li>fix(mcp): Nest MCP spans under HTTP transactions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5292">#5292</a></li>
<li>fix(mcp): Handle all awaitable return types by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5415">#5415</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>fix(anthropic): Token reporting by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5403">#5403</a></li>
<li>fix(arq): handle settings_cls passed as keyword argument by <a
href="https://github.com/nc9"><code>@​nc9</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5393">#5393</a></li>
<li>fix(dramatiq): cleanup isolated scope and transaction when message
is skipped by <a
href="https://github.com/frankie567"><code>@​frankie567</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5346">#5346</a></li>
<li>fix(openai): Token reporting by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5406">#5406</a></li>
<li>fix(openai-agents): Inject propagation headers for
<code>HostedMCPTool</code> when streaming by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5405">#5405</a></li>
<li>fix: Fix list attribute type by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5417">#5417</a></li>
<li>fix: Adapt to new packaging in toxgen by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5382">#5382</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Fastmcp</h4>
<ul>
<li>test(fastmcp): Wrap prompt in <code>Message</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5411">#5411</a></li>
<li>test(fastmcp): Remove
<code>test_fastmcp_without_request_context()</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5412">#5412</a></li>
<li>test(fastmcp): Use <code>AsyncClient</code> for SSE by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5400">#5400</a></li>
<li>test(fastmcp): Use <code>TestClient</code> for Streamable HTTP by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5384">#5384</a></li>
<li>test(fastmcp): Simulate stdio transport with memory streams by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5333">#5333</a></li>
</ul>
<h4>Mcp</h4>
<ul>
<li>test(mcp): Use <code>AsyncClient</code> for SSE by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5396">#5396</a></li>
<li>test(mcp): Use <code>TestClient</code> for Streamable HTTP by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5383">#5383</a></li>
<li>test(mcp): Remove unused stdio helpers by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5409">#5409</a></li>
<li>test(mcp): Simulate stdio transport with memory streams by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5329">#5329</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>ci: Fix lint step by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5418">#5418</a></li>
<li>ci: 🤖 Update test matrix with new releases (02/02) by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5413">#5413</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.52.0</h2>
<h3>New Features </h3>
<h4>Other</h4>
<ul>
<li>feat(integration): add <code>gen_ai.conversation.id</code> if
available by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5307">#5307</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Google Genai</h4>
<ul>
<li>fix(google-genai): Token reporting by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5404">#5404</a></li>
<li>fix(google-genai): deactivate google genai when langchain is used by
<a href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5389">#5389</a></li>
</ul>
<h4>Mcp</h4>
<ul>
<li>fix(mcp): Nest MCP spans under HTTP transactions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5292">#5292</a></li>
<li>fix(mcp): Handle all awaitable return types by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5415">#5415</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>fix(anthropic): Token reporting by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5403">#5403</a></li>
<li>fix(arq): handle settings_cls passed as keyword argument by <a
href="https://github.com/nc9"><code>@​nc9</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5393">#5393</a></li>
<li>fix(dramatiq): cleanup isolated scope and transaction when message
is skipped by <a
href="https://github.com/frankie567"><code>@​frankie567</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5346">#5346</a></li>
<li>fix(openai): Token reporting by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5406">#5406</a></li>
<li>fix(openai-agents): Inject propagation headers for
<code>HostedMCPTool</code> when streaming by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5405">#5405</a></li>
<li>fix: Fix list attribute type by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5417">#5417</a></li>
<li>fix: Adapt to new packaging in toxgen by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5382">#5382</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<h4>Fastmcp</h4>
<ul>
<li>test(fastmcp): Wrap prompt in <code>Message</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5411">#5411</a></li>
<li>test(fastmcp): Remove
<code>test_fastmcp_without_request_context()</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5412">#5412</a></li>
<li>test(fastmcp): Use <code>AsyncClient</code> for SSE by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5400">#5400</a></li>
<li>test(fastmcp): Use <code>TestClient</code> for Streamable HTTP by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5384">#5384</a></li>
<li>test(fastmcp): Simulate stdio transport with memory streams by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5333">#5333</a></li>
</ul>
<h4>Mcp</h4>
<ul>
<li>test(mcp): Use <code>AsyncClient</code> for SSE by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5396">#5396</a></li>
<li>test(mcp): Use <code>TestClient</code> for Streamable HTTP by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5383">#5383</a></li>
<li>test(mcp): Remove unused stdio helpers by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5409">#5409</a></li>
<li>test(mcp): Simulate stdio transport with memory streams by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5329">#5329</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>ci: Fix lint step by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5418">#5418</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bcec57806f"><code>bcec578</code></a>
Update CHANGELOG.md</li>
<li><a
href="3d2154ce57"><code>3d2154c</code></a>
release: 2.52.0</li>
<li><a
href="3bb163a77a"><code>3bb163a</code></a>
fix(mcp): Nest MCP spans under HTTP transactions (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5292">#5292</a>)</li>
<li><a
href="bf0a683137"><code>bf0a683</code></a>
fix(mcp): Handle all awaitable return types (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5415">#5415</a>)</li>
<li><a
href="656a5c26b8"><code>656a5c2</code></a>
Revert &quot;feat(ai): Add original input length meta attribute (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5375">#5375</a>)&quot;
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5419">#5419</a>)</li>
<li><a
href="78eca96e1d"><code>78eca96</code></a>
fix: Fix list attribute type (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5417">#5417</a>)</li>
<li><a
href="2ffa865672"><code>2ffa865</code></a>
ci: Fix lint step (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5418">#5418</a>)</li>
<li><a
href="d2b7d5eadf"><code>d2b7d5e</code></a>
feat(integration): add <code>gen_ai.conversation.id</code> if available
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5307">#5307</a>)</li>
<li><a
href="11d68ee48c"><code>11d68ee</code></a>
fix(google-genai): Token reporting (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5404">#5404</a>)</li>
<li><a
href="78c6011c76"><code>78c6011</code></a>
fix(anthropic): Token reporting (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5403">#5403</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.51.0...2.52.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.51.0&new-version=2.52.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-10 04:12:19 +00:00
dependabot[bot]
d217cb4e77 Bump pyrefly from 0.50.0 to 0.51.0 in /backend (#1549) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.50.0 to
0.51.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1877edc645"><code>1877edc</code></a>
Update pyrefly version]</li>
<li><a
href="cb5f5d7ba5"><code>cb5f5d7</code></a>
Make Unions take less space</li>
<li><a
href="8b5434f1c5"><code>8b5434f</code></a>
Add <code>openlibrary</code> back to the blocklist</li>
<li><a
href="87f0990a71"><code>87f0990</code></a>
Fix pyrefly buck/cargo config</li>
<li><a
href="ddd20cc2e9"><code>ddd20cc</code></a>
Remove old get() method from LookupExport trait</li>
<li><a
href="e2aed196e7"><code>e2aed19</code></a>
Convert alt/class/django.rs to use new LookupExport API</li>
<li><a
href="0dcfcaef77"><code>0dcfcae</code></a>
Convert alt/attr.rs to use new LookupExport API</li>
<li><a
href="bcf03acf00"><code>bcf03ac</code></a>
Convert binding/scope.rs to use new LookupExport API</li>
<li><a
href="7092671918"><code>7092671</code></a>
Convert binding/bindings.rs to use new LookupExport API</li>
<li><a
href="971a115480"><code>971a115</code></a>
Convert binding/stmt.rs to use new LookupExport API</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.50.0...0.51.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.50.0&new-version=0.51.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-03 06:41:14 +00:00
dependabot[bot]
49a82f349d Bump sentry-sdk from 2.50.0 to 2.51.0 in /backend (#1550) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.50.0 to 2.51.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.51.0</h2>
<h3>New Features </h3>
<h4>Openai</h4>
<ul>
<li>feat(openai): Set system instruction attribute for Responses API by
<a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5376">#5376</a></li>
<li>feat(openai): Set system instruction attribute for Completions API
by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5358">#5358</a></li>
<li>feat(integrations): OpenAI/OpenAI Agents detect and report the time
to first token metric (TTFT) as
<code>gen_ai.response.time_to_first_token</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5348">#5348</a></li>
</ul>
<h4>Openai Agents</h4>
<ul>
<li>feat(openai-agents): Set system instruction attribute on
<code>gen_ai.chat</code> spans by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5370">#5370</a></li>
<li>feat(openai-agents): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5355">#5355</a></li>
<li>feat(integrations): openai-agents streaming support by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5291">#5291</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>feat(ai): Add original input length meta attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5375">#5375</a></li>
<li>feat(anthropic): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5353">#5353</a></li>
<li>feat(asyncio): Allow to turn task spans off by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5367">#5367</a></li>
<li>feat(gen_ai): add function <code>set_conversation_id</code> and
managing functions on the Scope and apply it on the Span on
<code>.finish()</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5362">#5362</a></li>
<li>feat(google-genai): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5354">#5354</a></li>
<li>feat(langchain): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5357">#5357</a></li>
<li>feat(pydantic-ai): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5356">#5356</a></li>
<li>feat(transport): Report 413 responses for oversized envelopes by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5380">#5380</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>fix(ai): Keep single content input message by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5345">#5345</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<ul>
<li>ci(release): Fix changelog-preview permissions by <a
href="https://github.com/BYK"><code>@​BYK</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5368">#5368</a></li>
<li>ref: Replace <code>set_data_normalized()</code> with
<code>Span.set_data()</code> for system instructions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5374">#5374</a></li>
<li>ci: Fix path in AI integration tests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5347">#5347</a></li>
</ul>
<h2>2.51.0a1</h2>
<h3>New Features </h3>
<h4>Integrations</h4>
<ul>
<li>feat(integrations): OpenAI/OpenAI Agents detect and report the time
to first token metric (TTFT) as
<code>gen_ai.response.time_to_first_token</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5348">#5348</a></li>
<li>feat(integrations): openai-agents streaming support by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5291">#5291</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>feat(anthropic): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5353">#5353</a></li>
<li>feat(asyncio): Allow to turn task spans off by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5367">#5367</a></li>
<li>feat(gen_ai): add function <code>set_conversation_id</code> and
managing functions on the Scope and apply it on the Span on
<code>.finish()</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5362">#5362</a></li>
<li>feat(google-genai): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5354">#5354</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.51.0</h2>
<h3>New Features </h3>
<h4>Openai</h4>
<ul>
<li>feat(openai): Set system instruction attribute for Responses API by
<a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5376">#5376</a></li>
<li>feat(openai): Set system instruction attribute for Completions API
by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5358">#5358</a></li>
<li>feat(integrations): OpenAI/OpenAI Agents detect and report the time
to first token metric (TTFT) as
<code>gen_ai.response.time_to_first_token</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5348">#5348</a></li>
</ul>
<h4>Openai Agents</h4>
<ul>
<li>feat(openai-agents): Set system instruction attribute on
<code>gen_ai.chat</code> spans by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5370">#5370</a></li>
<li>feat(openai-agents): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5355">#5355</a></li>
<li>feat(integrations): openai-agents streaming support by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5291">#5291</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>feat(ai): Add original input length meta attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5375">#5375</a></li>
<li>feat(anthropic): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5353">#5353</a></li>
<li>feat(asyncio): Allow to turn task spans off by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5367">#5367</a></li>
<li>feat(gen_ai): add function <code>set_conversation_id</code> and
managing functions on the Scope and apply it on the Span on
<code>.finish()</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5362">#5362</a></li>
<li>feat(google-genai): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5354">#5354</a></li>
<li>feat(langchain): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5357">#5357</a></li>
<li>feat(pydantic-ai): Set system instruction attribute by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5356">#5356</a></li>
<li>feat(transport): Report 413 responses for oversized envelopes by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5380">#5380</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>fix(ai): Keep single content input message by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5345">#5345</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<ul>
<li>ci(release): Fix changelog-preview permissions by <a
href="https://github.com/BYK"><code>@​BYK</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5368">#5368</a></li>
<li>ref: Replace <code>set_data_normalized()</code> with
<code>Span.set_data()</code> for system instructions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5374">#5374</a></li>
<li>ci: Fix path in AI integration tests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5347">#5347</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8517eb0a07"><code>8517eb0</code></a>
Update CHANGELOG.md</li>
<li><a
href="93e89e4c1b"><code>93e89e4</code></a>
release: 2.51.0</li>
<li><a
href="003cb73568"><code>003cb73</code></a>
feat(ai): Add original input length meta attribute (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5375">#5375</a>)</li>
<li><a
href="d4db6d32d6"><code>d4db6d3</code></a>
fix(ai): Keep single content input message (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5345">#5345</a>)</li>
<li><a
href="dafd62f0b5"><code>dafd62f</code></a>
ref: Replace <code>set_data_normalized()</code> with
<code>Span.set_data()</code> for system instru...</li>
<li><a
href="b3aa033dc1"><code>b3aa033</code></a>
feat(openai-agents): Set system instruction attribute on
<code>gen_ai.chat</code> spans ...</li>
<li><a
href="a6b4f2ea29"><code>a6b4f2e</code></a>
feat(openai): Set system instruction attribute for Responses API (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5376">#5376</a>)</li>
<li><a
href="6611957155"><code>6611957</code></a>
feat(openai): Set system instruction attribute for Completions API (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5358">#5358</a>)</li>
<li><a
href="0d424760b2"><code>0d42476</code></a>
feat(transport): Report 413 responses for oversized envelopes (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5380">#5380</a>)</li>
<li><a
href="0c81d3a450"><code>0c81d3a</code></a>
feat(integrations): OpenAI/OpenAI Agents detect and report the time to
first ...</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.50.0...2.51.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.50.0&new-version=2.51.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-03 06:40:59 +00:00
dependabot[bot]
505511b0e7 Bump pyjwt from 2.10.1 to 2.11.0 in /backend (#1547) 
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.10.1 to 2.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jpadilla/pyjwt/releases">pyjwt's
releases</a>.</em></p>
<blockquote>
<h2>2.11.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixed type error in comment by <a
href="https://github.com/shuhaib-aot"><code>@​shuhaib-aot</code></a> in
<a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1026">jpadilla/pyjwt#1026</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1018">jpadilla/pyjwt#1018</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1033">jpadilla/pyjwt#1033</a></li>
<li>Make note of use of leeway with nbf by <a
href="https://github.com/djw8605"><code>@​djw8605</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1034">jpadilla/pyjwt#1034</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1035">jpadilla/pyjwt#1035</a></li>
<li>Fixes <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/964">#964</a>:
Validate key against allowed types for Algorithm family by <a
href="https://github.com/pachewise"><code>@​pachewise</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/985">jpadilla/pyjwt#985</a></li>
<li>Feat <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1024">#1024</a>:
Add iterator for PyJWKSet by <a
href="https://github.com/pachewise"><code>@​pachewise</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1041">jpadilla/pyjwt#1041</a></li>
<li>Fixes <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1039">#1039</a>:
Add iss, issuer type checks by <a
href="https://github.com/pachewise"><code>@​pachewise</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1040">jpadilla/pyjwt#1040</a></li>
<li>Fixes <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/660">#660</a>:
Improve typing/logic for <code>options</code> in decode,
decode_complete; Improve docs by <a
href="https://github.com/pachewise"><code>@​pachewise</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1045">jpadilla/pyjwt#1045</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1042">jpadilla/pyjwt#1042</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1052">jpadilla/pyjwt#1052</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1053">jpadilla/pyjwt#1053</a></li>
<li>Fix <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1022">#1022</a>:
Map <code>algorithm=None</code> to &quot;none&quot; by <a
href="https://github.com/qqii"><code>@​qqii</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1056">jpadilla/pyjwt#1056</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1055">jpadilla/pyjwt#1055</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1058">jpadilla/pyjwt#1058</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1060">jpadilla/pyjwt#1060</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1061">jpadilla/pyjwt#1061</a></li>
<li>Fixes <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1047">#1047</a>:
Correct <code>PyJWKClient.get_signing_key_from_jwt</code> annotation by
<a href="https://github.com/khvn26"><code>@​khvn26</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1048">jpadilla/pyjwt#1048</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1062">jpadilla/pyjwt#1062</a></li>
<li>Fixed doc string typo in _validate_jti() function <a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1063">#1063</a>
by <a
href="https://github.com/kuldeepkhatke"><code>@​kuldeepkhatke</code></a>
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1064">jpadilla/pyjwt#1064</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1065">jpadilla/pyjwt#1065</a></li>
<li>Update SECURITY.md by <a
href="https://github.com/auvipy"><code>@​auvipy</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1057">jpadilla/pyjwt#1057</a></li>
<li>Typing fix: use <code>float</code> instead of <code>int</code> for
<code>lifespan</code> and <code>timeout</code> by <a
href="https://github.com/nikitagashkov"><code>@​nikitagashkov</code></a>
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1068">jpadilla/pyjwt#1068</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1067">jpadilla/pyjwt#1067</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1071">jpadilla/pyjwt#1071</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1076">jpadilla/pyjwt#1076</a></li>
<li>Fix TYP header documentation by <a
href="https://github.com/fobiasmog"><code>@​fobiasmog</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1046">jpadilla/pyjwt#1046</a></li>
<li>doc: Document claims sub and jti by <a
href="https://github.com/cleder"><code>@​cleder</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1088">jpadilla/pyjwt#1088</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1077">jpadilla/pyjwt#1077</a></li>
<li>Bump actions/setup-python from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1089">jpadilla/pyjwt#1089</a></li>
<li>Bump actions/stale from 8 to 10 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1090">jpadilla/pyjwt#1090</a></li>
<li>Bump actions/checkout from 4 to 5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1083">jpadilla/pyjwt#1083</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1091">jpadilla/pyjwt#1091</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1093">jpadilla/pyjwt#1093</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1096">jpadilla/pyjwt#1096</a></li>
<li>Resolve package build warnings by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1105">jpadilla/pyjwt#1105</a></li>
<li>Support Python 3.14, and test against PyPy 3.10+ by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1104">jpadilla/pyjwt#1104</a></li>
<li>Fix a <code>SyntaxWarning</code> caused by invalid escape sequences
by <a href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a>
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1103">jpadilla/pyjwt#1103</a></li>
<li>Standardize CHANGELOG links to PRs by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1110">jpadilla/pyjwt#1110</a></li>
<li>Migrate from <code>pep517</code>, which is deprecated, to
<code>build</code> by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1108">jpadilla/pyjwt#1108</a></li>
<li>Fix incorrectly-named test suite function by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1116">jpadilla/pyjwt#1116</a></li>
<li>Fix Read the Docs builds by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1111">jpadilla/pyjwt#1111</a></li>
<li>Bump actions/download-artifact from 4 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1118">jpadilla/pyjwt#1118</a></li>
<li>Escalate test suite warnings to errors by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1107">jpadilla/pyjwt#1107</a></li>
<li>Add pyupgrade as a pre-commit hook by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1109">jpadilla/pyjwt#1109</a></li>
<li>Simplify the test suite decorators by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1113">jpadilla/pyjwt#1113</a></li>
<li>Improve coverage config and eliminate unused test suite code by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1115">jpadilla/pyjwt#1115</a></li>
<li>Build a shared wheel once in the test suite by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in <a
href="https://redirect.github.com/jpadilla/pyjwt/pull/1114">jpadilla/pyjwt#1114</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's
changelog</a>.</em></p>
<blockquote>
<h2><code>v2.11.0
&lt;https://github.com/jpadilla/pyjwt/compare/2.10.1...2.11.0&gt;</code>__</h2>
<p>Fixed</p>
<pre><code>
- Enforce ECDSA curve validation per RFC 7518 Section 3.4.
- Fix build system warnings by @kurtmckee in
`[#1105](https://github.com/jpadilla/pyjwt/issues/1105)
&lt;https://github.com/jpadilla/pyjwt/pull/1105&gt;`__
- Validate key against allowed types for Algorithm family in
`[#964](https://github.com/jpadilla/pyjwt/issues/964)
&lt;https://github.com/jpadilla/pyjwt/pull/964&gt;`__
- Add iterator for JWKSet in
`[#1041](https://github.com/jpadilla/pyjwt/issues/1041)
&lt;https://github.com/jpadilla/pyjwt/pull/1041&gt;`__
- Validate `iss` claim is a string during encoding and decoding by
@pachewise in `[#1040](https://github.com/jpadilla/pyjwt/issues/1040)
&lt;https://github.com/jpadilla/pyjwt/pull/1040&gt;`__
- Improve typing/logic for `options` in decode, decode_complete by
@pachewise in `[#1045](https://github.com/jpadilla/pyjwt/issues/1045)
&lt;https://github.com/jpadilla/pyjwt/pull/1045&gt;`__
- Declare float supported type for lifespan and timeout by
@nikitagashkov in
`[#1068](https://github.com/jpadilla/pyjwt/issues/1068)
&lt;https://github.com/jpadilla/pyjwt/pull/1068&gt;`__
- Fix ``SyntaxWarning``\s/``DeprecationWarning``\s caused by invalid
escape sequences by @kurtmckee in
`[#1103](https://github.com/jpadilla/pyjwt/issues/1103)
&lt;https://github.com/jpadilla/pyjwt/pull/1103&gt;`__
- Development: Build a shared wheel once to speed up test suite setup
times by @kurtmckee in
`[#1114](https://github.com/jpadilla/pyjwt/issues/1114)
&lt;https://github.com/jpadilla/pyjwt/pull/1114&gt;`__
- Development: Test type annotations across all supported Python
versions,
increase the strictness of the type checking, and remove the mypy
pre-commit hook
by @kurtmckee in `[#1112](https://github.com/jpadilla/pyjwt/issues/1112)
&lt;https://github.com/jpadilla/pyjwt/pull/1112&gt;`__
<p>Added
</code></pre></p>
<ul>
<li>Support Python 3.14, and test against PyPy 3.10 and 3.11 by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in
<code>[#1104](https://github.com/jpadilla/pyjwt/issues/1104)
&lt;https://github.com/jpadilla/pyjwt/pull/1104&gt;</code>__</li>
<li>Development: Migrate to <code>build</code> to test package building
in CI by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in
<code>[#1108](https://github.com/jpadilla/pyjwt/issues/1108)
&lt;https://github.com/jpadilla/pyjwt/pull/1108&gt;</code>__</li>
<li>Development: Improve coverage config and eliminate unused test suite
code by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in
<code>[#1115](https://github.com/jpadilla/pyjwt/issues/1115)
&lt;https://github.com/jpadilla/pyjwt/pull/1115&gt;</code>__</li>
<li>Docs: Standardize CHANGELOG links to PRs by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in
<code>[#1110](https://github.com/jpadilla/pyjwt/issues/1110)
&lt;https://github.com/jpadilla/pyjwt/pull/1110&gt;</code>__</li>
<li>Docs: Fix Read the Docs builds by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in
<code>[#1111](https://github.com/jpadilla/pyjwt/issues/1111)
&lt;https://github.com/jpadilla/pyjwt/pull/1111&gt;</code>__</li>
<li>Docs: Add example of using leeway with nbf by <a
href="https://github.com/djw8605"><code>@​djw8605</code></a> in
<code>[#1034](https://github.com/jpadilla/pyjwt/issues/1034)
&lt;https://github.com/jpadilla/pyjwt/pull/1034&gt;</code>__</li>
<li>Docs: Refactored docs with <code>autodoc</code>; added
<code>PyJWS</code> and <code>jwt.algorithms</code> docs by <a
href="https://github.com/pachewise"><code>@​pachewise</code></a> in
<code>[#1045](https://github.com/jpadilla/pyjwt/issues/1045)
&lt;https://github.com/jpadilla/pyjwt/pull/1045&gt;</code>__</li>
<li>Docs: Documentation improvements for &quot;sub&quot; and
&quot;jti&quot; claims by <a
href="https://github.com/cleder"><code>@​cleder</code></a> in
<code>[#1088](https://github.com/jpadilla/pyjwt/issues/1088)
&lt;https://github.com/jpadilla/pyjwt/pull/1088&gt;</code>__</li>
<li>Development: Add pyupgrade as a pre-commit hook by <a
href="https://github.com/kurtmckee"><code>@​kurtmckee</code></a> in
<code>[#1109](https://github.com/jpadilla/pyjwt/issues/1109)
&lt;https://github.com/jpadilla/pyjwt/pull/1109&gt;</code>__</li>
<li>Add minimum key length validation for HMAC and RSA keys (CWE-326).
Warns by default via <code>InsecureKeyLengthWarning</code> when keys are
below
minimum recommended lengths per RFC 7518 Section 3.2 (HMAC) and
NIST SP 800-131A (RSA). Pass
<code>enforce_minimum_key_length=True</code> in
options to <code>PyJWT</code> or <code>PyJWS</code> to raise
<code>InvalidKeyError</code> instead.</li>
<li>Refactor <code>PyJWT</code> to own an internal <code>PyJWS</code>
instance instead of
calling global <code>api_jws</code> functions.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="697344d259"><code>697344d</code></a>
bump up version</li>
<li><a
href="e4d0aec024"><code>e4d0aec</code></a>
fix: pre-commit</li>
<li><a
href="df9a6a0c44"><code>df9a6a0</code></a>
fix: failing test</li>
<li><a
href="2b2e53cd23"><code>2b2e53c</code></a>
fix: docs</li>
<li><a
href="635c8d89dd"><code>635c8d8</code></a>
fix: failing mypy</li>
<li><a
href="96ae3563b9"><code>96ae356</code></a>
feat: add minimum key length validation for HMAC and RSA</li>
<li><a
href="5b86227733"><code>5b86227</code></a>
fix: enforce ECDSA curve validation per RFC 7518 Section 3.4</li>
<li><a
href="04947d75dc"><code>04947d7</code></a>
Bump actions/download-artifact from 6 to 7 (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1125">#1125</a>)</li>
<li><a
href="dd448344c3"><code>dd44834</code></a>
Fix leeway value in usage documentation (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1124">#1124</a>)</li>
<li><a
href="407f0bde99"><code>407f0bd</code></a>
Thoroughly test type annotations, and resolve errors (<a
href="https://redirect.github.com/jpadilla/pyjwt/issues/1112">#1112</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/jpadilla/pyjwt/compare/2.10.1...2.11.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=uv&previous-version=2.10.1&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-03 06:40:47 +00:00
dependabot[bot]
7053b2daec Bump gunicorn from 24.1.1 to 25.0.1 in /backend (#1548) 
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 24.1.1 to
25.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/gunicorn/releases">gunicorn's
releases</a>.</em></p>
<blockquote>
<h2>25.0.1</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Fix ASGI streaming responses (SSE) hanging: add chunked transfer
encoding for
HTTP/1.1 responses without Content-Length header. Without chunked
encoding,
clients wait for connection close to determine end-of-response.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>Update celery_alternative example to use FastAPI with native ASGI
worker and
uvloop for async task execution</li>
</ul>
<h2>Testing</h2>
<ul>
<li>Add ASGI compliance test suite with Docker-based integration tests
covering HTTP,
WebSocket, streaming, lifespan, framework integration (Starlette,
FastAPI),
HTTP/2, and concurrency scenarios</li>
</ul>
<h2>Gunicorn 25.0.0</h2>
<h2>New Features</h2>
<ul>
<li>
<p><strong>Dirty Arbiters</strong>: Separate process pool for executing
long-running, blocking
operations (AI model loading, heavy computation) without blocking HTTP
workers
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3460">#3460</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3460">benoitc/gunicorn#3460</a>))</p>
<ul>
<li>Inspired by Erlang's dirty schedulers</li>
<li>Asyncio-based with Unix socket IPC</li>
<li>Stateful workers that persist loaded resources</li>
<li>New settings: <code>--dirty-app</code>,
<code>--dirty-workers</code>, <code>--dirty-timeout</code>,
<code>--dirty-threads</code>, <code>--dirty-graceful-timeout</code></li>
<li>Lifecycle hooks: <code>on_dirty_starting</code>,
<code>dirty_post_fork</code>,
<code>dirty_worker_init</code>, <code>dirty_worker_exit</code></li>
</ul>
</li>
<li>
<p><strong>Per-App Worker Allocation for Dirty Arbiters</strong>:
Control how many dirty workers
load each app for memory optimization with heavy models
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3473">#3473</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3473">benoitc/gunicorn#3473</a>))</p>
<ul>
<li>Set <code>workers</code> class attribute on DirtyApp (e.g.,
<code>workers = 2</code>)</li>
<li>Or use config format <code>module:class:N</code> (e.g.,
<code>myapp:HeavyModel:2</code>)</li>
<li>Requests automatically routed to workers with the target app</li>
<li>New exception <code>DirtyNoWorkersAvailableError</code> for graceful
error handling</li>
<li>Example: 8 workers × 10GB model = 80GB → with
<code>workers=2</code>: 20GB (75% savings)</li>
</ul>
</li>
<li>
<p><strong>HTTP/2 Support (Beta)</strong>: Native HTTP/2 (RFC 7540)
support for improved performance
with modern clients ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3468">#3468</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3468">benoitc/gunicorn#3468</a>))</p>
<ul>
<li>Multiplexed streams over a single connection</li>
<li>Header compression (HPACK)</li>
<li>Flow control and stream prioritization</li>
<li>Works with gthread, gevent, and ASGI workers</li>
<li>New settings: <code>--http-protocols</code>,
<code>--http2-max-concurrent-streams</code>,
<code>--http2-initial-window-size</code>,
<code>--http2-max-frame-size</code>,
<code>--http2-max-header-list-size</code></li>
<li>Requires SSL/TLS and h2 library: <code>pip install
gunicorn[http2]</code></li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3bf529f6c2"><code>3bf529f</code></a>
docs: sync news.md with 2026-news.md</li>
<li><a
href="1f4f245d76"><code>1f4f245</code></a>
Merge pull request <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3478">#3478</a>
from benoitc/feature/asgi-compliance-testbed</li>
<li><a
href="e1519c0569"><code>e1519c0</code></a>
docs: add ASGI compliance test suite to changelog</li>
<li><a
href="0885005b08"><code>0885005</code></a>
fix(tests): correct assertions in ASGI compliance tests</li>
<li><a
href="658924c436"><code>658924c</code></a>
docs: update changelog for 25.0.1</li>
<li><a
href="c5b6e82277"><code>c5b6e82</code></a>
chore: bump version to 25.0.1</li>
<li><a
href="ce352dc230"><code>ce352dc</code></a>
fix(asgi): add chunked transfer encoding for streaming responses</li>
<li><a
href="29b8a3a763"><code>29b8a3a</code></a>
Merge pull request <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3476">#3476</a>
from benoitc/dependabot/github_actions/actions/check...</li>
<li><a
href="791ab46e1c"><code>791ab46</code></a>
chore(deps): bump actions/checkout from 4 to 6</li>
<li><a
href="9235b72ab8"><code>9235b72</code></a>
Merge pull request <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3475">#3475</a>
from benoitc/dependabot/github_actions/actions/uploa...</li>
<li>Additional commits viewable in <a
href="https://github.com/benoitc/gunicorn/compare/24.1.1...25.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gunicorn&package-manager=uv&previous-version=24.1.1&new-version=25.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-03 06:40:40 +00:00
dependabot[bot]
6b83168b22 Bump gunicorn from 23.0.0 to 24.1.1 in /backend (#1535) 
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 23.0.0 to
24.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/gunicorn/releases">gunicorn's
releases</a>.</em></p>
<blockquote>
<h2>24.1.1</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Fix <code>forwarded_allow_ips</code> and
<code>proxy_allow_ips</code> to remain as strings for backward
compatibility with external tools like uvicorn. Network validation now
uses strict
mode to detect invalid CIDR notation (e.g., <code>192.168.1.1/24</code>
where host bits are set)
(<a
href="https://redirect.github.com/benoitc/gunicorn/issues/3458">#3458</a>,
[PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3459">#3459</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3459">benoitc/gunicorn#3459</a>))</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/benoitc/gunicorn/compare/24.1.0...24.1.1">https://github.com/benoitc/gunicorn/compare/24.1.0...24.1.1</a></p>
<h2>Gunicorn 24.1.0</h2>
<h2>New Features</h2>
<ul>
<li>
<p><strong>Official Docker Image</strong>: Gunicorn now publishes
official Docker images to GitHub Container Registry ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3454">#3454</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3454">benoitc/gunicorn#3454</a>))</p>
<ul>
<li>Available at <code>ghcr.io/benoitc/gunicorn</code></li>
<li>Based on Python 3.12 slim image</li>
<li>Uses recommended worker formula (2 × CPU + 1)</li>
<li>Configurable via environment variables</li>
</ul>
</li>
<li>
<p><strong>PROXY Protocol v2 Support</strong>: Extended PROXY protocol
implementation to support the binary v2 format in addition to the
existing text-based v1 format ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3451">#3451</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3451">benoitc/gunicorn#3451</a>))</p>
<ul>
<li>New <code>--proxy-protocol</code> modes: <code>off</code>,
<code>v1</code>, <code>v2</code>, <code>auto</code></li>
<li><code>auto</code> mode (default when enabled) detects v1 or v2
automatically</li>
<li>v2 binary format is more efficient and supports additional
metadata</li>
<li>Works with HAProxy, AWS NLB/ALB, and other PROXY protocol v2
sources</li>
</ul>
</li>
<li>
<p><strong>CIDR Network Support</strong>:
<code>--forwarded-allow-ips</code> and <code>--proxy-allow-from</code>
now accept CIDR notation (e.g., <code>192.168.0.0/16</code>) for
specifying trusted networks ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3449">#3449</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3449">benoitc/gunicorn#3449</a>))</p>
</li>
<li>
<p><strong>Socket Backlog Metric</strong>: New
<code>gunicorn.socket.backlog</code> gauge metric reports the current
socket backlog size on Linux systems ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3450">#3450</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3450">benoitc/gunicorn#3450</a>))</p>
</li>
<li>
<p><strong>InotifyReloader Enhancement</strong>: The inotify-based
reloader now watches newly imported modules, not just those loaded at
startup ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3447">#3447</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3447">benoitc/gunicorn#3447</a>))</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fix signal handling regression where SIGCLD alias caused
&quot;Unhandled signal: cld&quot; errors on Linux when workers fail
during boot (<a
href="https://github.com/benoitc/gunicorn/discussions/3453">#3453</a>)</li>
<li>Fix socket blocking mode on keepalive connections preventing SSL
handshake failures with async workers ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3452">#3452</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3452">benoitc/gunicorn#3452</a>))</li>
<li>Use smaller buffer size in <code>finish_body()</code> for faster
timeout detection on slow or abandoned connections ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3453">#3453</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3453">benoitc/gunicorn#3453</a>))</li>
<li>Handle <code>SSLWantReadError</code> in <code>finish_body()</code>
to prevent worker hangs during SSL renegotiation ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3448">#3448</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3448">benoitc/gunicorn#3448</a>))</li>
<li>Log SIGTERM as info level instead of warning to reduce noise in
orchestrated environments ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3446">#3446</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3446">benoitc/gunicorn#3446</a>))</li>
<li>Print exception details to stderr when worker fails to boot ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3443">#3443</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3443">benoitc/gunicorn#3443</a>))</li>
<li>Fix <code>unreader.unread()</code> to prepend data to buffer instead
of appending ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3442">#3442</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3442">benoitc/gunicorn#3442</a>))</li>
<li>Prevent <code>RecursionError</code> when pickling Config objects
([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3441">#3441</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3441">benoitc/gunicorn#3441</a>))</li>
<li>Use proper exception chaining with <code>raise from</code> in
glogging.py ([PR <a
href="https://redirect.github.com/benoitc/gunicorn/issues/3440">#3440</a>](<a
href="https://redirect.github.com/benoitc/gunicorn/pull/3440">benoitc/gunicorn#3440</a>))</li>
</ul>
<h2>Installation</h2>
<pre lang="bash"><code>pip install gunicorn==24.1.0
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="375e79e95b"><code>375e79e</code></a>
release: bump version to 24.1.1</li>
<li><a
href="ad0c12de98"><code>ad0c12d</code></a>
docs: add sponsors section to README</li>
<li><a
href="70200eef46"><code>70200ee</code></a>
chore: add GitHub Sponsors funding configuration</li>
<li><a
href="6841804116"><code>6841804</code></a>
docs: remove incorrect PR reference from Docker changelog entry</li>
<li><a
href="abce0ca9cb"><code>abce0ca</code></a>
docs: add 24.1.1 changelog entry for forwarded_allow_ips fix</li>
<li><a
href="e9a3f30a0f"><code>e9a3f30</code></a>
fix: keep forwarded_allow_ips as strings for backward compatibility (<a
href="https://redirect.github.com/benoitc/gunicorn/issues/3459">#3459</a>)</li>
<li><a
href="d73ff4b1d8"><code>d73ff4b</code></a>
docs: update main changelog with 24.1.0</li>
<li><a
href="53f2c31012"><code>53f2c31</code></a>
ci: allow docs deploy on workflow_dispatch</li>
<li><a
href="eab5f0b1a5"><code>eab5f0b</code></a>
ci: trigger Docker publish on tags with or without v prefix</li>
<li><a
href="a20d3fb220"><code>a20d3fb</code></a>
docs: add Docker image to 24.1.0 changelog</li>
<li>Additional commits viewable in <a
href="https://github.com/benoitc/gunicorn/compare/23.0.0...24.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gunicorn&package-manager=uv&previous-version=23.0.0&new-version=24.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-27 04:11:27 +00:00
dependabot[bot]
fe67b0c120 Bump pyrefly from 0.48.0 to 0.50.0 in /backend (#1534) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.48.0 to
0.50.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/pyrefly/releases">pyrefly's
releases</a>.</em></p>
<blockquote>
<h2>Pyrefly v0.49.0</h2>
<p><strong>Status : BETA</strong><br />
<em>Release date: 20 January 2026</em></p>
<p>Pyrefly v0.49.0 bundles <strong>231 commits</strong> from <strong>25
contributors</strong>.</p>
<hr />
<h1> New &amp; Improved</h1>
<table>
<thead>
<tr>
<th align="left">Area</th>
<th align="left">What’s new</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left"><strong>Type Inference</strong></td>
<td align="left">- Partial type inference now possible in loops <!-- raw
HTML omitted --><!-- raw HTML omitted -->- Variance inference for
self-referential generic types (PEP 695) <!-- raw HTML omitted --><!--
raw HTML omitted -->- <code>typing.Mapping</code> now recognised as a
type alias</td>
</tr>
<tr>
<td align="left"><strong>Language Server</strong></td>
<td align="left">- Improved refactoring capabilities for moving module
members and lifting local functions/methods to top-level module scope,
with automatic import/shim creation. <!-- raw HTML omitted --><!-- raw
HTML omitted -->- Hover support for <code>in</code> keyword when used in
iteration contexts (for-loops and comprehensions), showing the type of
the iterable being iterated over <!-- raw HTML omitted --><!-- raw HTML
omitted -->- “Go to symbol” now correctly includes methods inside a
class <!-- raw HTML omitted --><!-- raw HTML omitted -->- Enabled
clickable inlay hints for built-in types like tuple, dict, str, and
special forms (TypeVar, ParamSpec, etc.), allowing users to quickly
navigate to type definitions in the IDE</td>
</tr>
<tr>
<td align="left"><strong>Pydantic Support</strong></td>
<td align="left">Added detection and support for
<code>pydantic.dataclasses.dataclass</code> decorator, including strict
and lax mode support for pydantic dataclasses</td>
</tr>
<tr>
<td align="left"><strong>Error Reporting</strong></td>
<td align="left">Improved error messages for <code>yield</code>,
<code>yield from</code>, augmented assignment, missing imports, and
missing stubs for better user clarity.</td>
</tr>
</tbody>
</table>
<hr />
<h1>🐛 bug fixes</h1>
<p>We closed <strong>38 bug issues</strong> this week 👏</p>
<ul>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/2145">#2145</a>
- Fixed variance inference incorrectly using
<code>inferred_variance</code> instead of
<code>specified_variance</code> for stdlib generic classes like
<code>Mapping[str, T]</code>.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/1806">#1806</a>
- Fixed improper type narrowing and captured variable typing for
sequence patterns (e.g., <code>[*values]</code>) in match/case
statements.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/1697">#1697</a>
- Fixed a bug where Pyrefly got confused if a class had the same name as
an overloaded method.</li>
<li><a
href="https://redirect.github.com/facebook/pyrefly/issues/1494">#1494</a>
- Ensures correct overload resolution when promoting nested tuple
element literals for unannotated method-initialized attributes.</li>
<li>And more: <a
href="https://redirect.github.com/facebook/pyrefly/issues/1481">#1481</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1472">#1472</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1466">#1466</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1385">#1385</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1341">#1341</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1310">#1310</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1277">#1277</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1234">#1234</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1219">#1219</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1208">#1208</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1013">#1013</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1002">#1002</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/935">#935</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/910">#910</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/899">#899</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/773">#773</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/768">#768</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/755">#755</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/737">#737</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/708">#708</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/421">#421</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/295">#295</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/266">#266</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/265">#265</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1503">#1503</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1616">#1616</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1626">#1626</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/1803">#1803</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2051">#2051</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2072">#2072</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2077">#2077</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2107">#2107</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2111">#2111</a>,
<a
href="https://redirect.github.com/facebook/pyrefly/issues/2161">#2161</a></li>
</ul>
<p>Thank-you to all our contributors who found these bugs and reported
them! Did you know this is one of the most helpful contributions you can
make to an open-source project? If you find any bugs in Pyrefly we want
to know about them! Please open a bug report issue <a
href="https://github.com/facebook/pyrefly/issues">here</a></p>
<hr />
<h1>📦 Upgrade</h1>
<pre><code>pip install --upgrade pyrefly==0.49.0
</code></pre>
<h2>How to safely upgrade your codebase</h2>
<p>Upgrading the version of Pyrefly you're using or a third-party
library you depend on can reveal new type errors in your code. Fixing
them all at once is often unrealistic. We've written scripts to help you
temporarily silence them. After upgrading, follow these steps:</p>
<ol>
<li><code>pyrefly check --suppress-errors</code></li>
<li>run your code formatter of choice</li>
<li><code>pyrefly check --remove-unused-ignores</code></li>
<li>Repeat until you achieve a clean formatting run and a clean type
check.</li>
</ol>
<p>This will add <code># pyrefly: ignore</code> comments to your code,
enabling you to silence errors and return to fix them later. This can
make the process of upgrading a large codebase much more manageable.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4c95fadbff"><code>4c95fad</code></a>
Allow suppress command to take in json values (4/n)</li>
<li><a
href="ddc207782f"><code>ddc2077</code></a>
Disable test failing on Windows</li>
<li><a
href="5d09330250"><code>5d09330</code></a>
Fix completion item kinds for module attributes (<a
href="https://redirect.github.com/facebook/pyrefly/issues/1936">#1936</a>)</li>
<li><a
href="c57c5e5659"><code>c57c5e5</code></a>
Fix go-to-definition for intermediate submodule components</li>
<li><a
href="c5b01d308b"><code>c5b01d3</code></a>
Add go-to-def test for deep submodule chain with explicit
re-exports</li>
<li><a
href="46a55b2462"><code>46a55b2</code></a>
make --remove-unused-ignores a no-op for files with no unused ignores
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/2217">#2217</a>)</li>
<li><a
href="bdac377cc3"><code>bdac377</code></a>
fix relative pyrefly.org link in documentation (<a
href="https://redirect.github.com/facebook/pyrefly/issues/2186">#2186</a>)</li>
<li><a
href="ab05550d2d"><code>ab05550</code></a>
Update pyrefly version]</li>
<li><a
href="06583faa51"><code>06583fa</code></a>
Simplify tarjan NodeVec push</li>
<li><a
href="063154c9fa"><code>063154c</code></a>
Refactor IsInstancePattern to use NarrowSource on IsInstance</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.48.0...0.50.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.48.0&new-version=0.50.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-27 04:11:14 +00:00
dependabot[bot]
92d8f81d96 Bump sentry-sdk from 2.49.0 to 2.50.0 in /backend (#1533) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.49.0 to 2.50.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.50.0</h2>
<h3>New Features </h3>
<h4>Ai</h4>
<ul>
<li>feat(ai): add cache writes for gen_ai by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5319">#5319</a></li>
<li>feat(ai): add parse_data_uri function to parse a data URI by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5311">#5311</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>
<p>feat(asyncio): Add on-demand way to enable AsyncioIntegration by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5288">#5288</a></p>
<p>You can now enable the <code>AsyncioIntegration</code> on demand,
after calling <code>sentry_sdk.init()</code>. This is useful in
scenarios where you don't have
the event loop running early on, or when you need to instrument multiple
event loops.</p>
</li>
</ul>
<pre lang="python"><code>import sentry_sdk
from sentry_sdk.integrations.asyncio import enable_asyncio_integration
<h1>Initializing the SDK as early as possible, when there is no event
loop yet</h1>
<p>sentry_sdk.init(<br />
...<br />
# No AsyncioIntegration in explicitly provided
<code>integrations</code><br />
)</p>
<p>async def main():<br />
enable_asyncio_integration()  # instruments the current event loop<br />
# ...your code...<br />
</code></pre></p>
<ul>
<li>feat(openai-agents): Inject propagation headers for
<code>HostedMCPTool</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5297">#5297</a></li>
<li>feat(stdlib): Handle proxy tunnels in httlib integration by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5303">#5303</a></li>
<li>feat: Support array types for logs and metrics attributes by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5314">#5314</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Integrations</h4>
<ul>
<li>fix(integrations): google genai report image inputs by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5337">#5337</a></li>
<li>fix(integrations): google-genai: reworked
<code>gen_ai.request.messages</code> extraction from parameters by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5275">#5275</a></li>
<li>fix(integrations): pydantic-ai: properly format binary input message
parts to be conformant with the <code>gen_ai.request.messages</code>
structure by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5251">#5251</a></li>
<li>fix(integrations): Anthropic: add content transformation for images
and documents by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5276">#5276</a></li>
<li>fix(integrations): langchain add multimodal content transformation
functions for images, audio, and files by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5278">#5278</a></li>
</ul>
<h4>Litellm</h4>
<ul>
<li>fix(litellm): fix <code>gen_ai.request.messages</code> to be as
expected by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5255">#5255</a></li>
<li>fix(litellm): Guard against module shadowing by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5249">#5249</a></li>
</ul>
<h4>Other</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.50.0</h2>
<h3>New Features </h3>
<h4>Ai</h4>
<ul>
<li>feat(ai): add cache writes for gen_ai by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5319">#5319</a></li>
<li>feat(ai): add parse_data_uri function to parse a data URI by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5311">#5311</a></li>
</ul>
<h4>Other</h4>
<ul>
<li>
<p>feat(asyncio): Add on-demand way to enable AsyncioIntegration by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5288">#5288</a></p>
<p>You can now enable the <code>AsyncioIntegration</code> on demand,
after calling <code>sentry_sdk.init()</code>. This is useful in
scenarios where you don't have
the event loop running early on, or when you need to instrument multiple
event loops.</p>
</li>
</ul>
<pre lang="python"><code>import sentry_sdk
from sentry_sdk.integrations.asyncio import enable_asyncio_integration
<h1>Initializing the SDK as early as possible, when there is no event
loop yet</h1>
<p>sentry_sdk.init(<br />
...<br />
# No AsyncioIntegration in explicitly provided
<code>integrations</code><br />
)</p>
<p>async def main():<br />
enable_asyncio_integration()  # instruments the current event loop<br />
# ...your code...<br />
</code></pre></p>
<ul>
<li>feat(openai-agents): Inject propagation headers for
<code>HostedMCPTool</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5297">#5297</a></li>
<li>feat(stdlib): Handle proxy tunnels in httlib integration by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5303">#5303</a></li>
<li>feat: Support array types for logs and metrics attributes by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5314">#5314</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Integrations</h4>
<ul>
<li>fix(integrations): google genai report image inputs by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5337">#5337</a></li>
<li>fix(integrations): google-genai: reworked
<code>gen_ai.request.messages</code> extraction from parameters by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5275">#5275</a></li>
<li>fix(integrations): pydantic-ai: properly format binary input message
parts to be conformant with the <code>gen_ai.request.messages</code>
structure by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5251">#5251</a></li>
<li>fix(integrations): Anthropic: add content transformation for images
and documents by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5276">#5276</a></li>
<li>fix(integrations): langchain add multimodal content transformation
functions for images, audio, and files by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5278">#5278</a></li>
</ul>
<h4>Litellm</h4>
<ul>
<li>fix(litellm): fix <code>gen_ai.request.messages</code> to be as
expected by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5255">#5255</a></li>
<li>fix(litellm): Guard against module shadowing by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5249">#5249</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="27b0bfd9b5"><code>27b0bfd</code></a>
Update CHANGELOG.md</li>
<li><a
href="73857b448f"><code>73857b4</code></a>
release: 2.50.0</li>
<li><a
href="d38b3782e0"><code>d38b378</code></a>
test(fastmcp): Narrow <code>AttributeError</code> try-except (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5339">#5339</a>)</li>
<li><a
href="e73e600ea1"><code>e73e600</code></a>
test(fastmcp): Stop accessing non-existent attribute (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5338">#5338</a>)</li>
<li><a
href="e0d42b9323"><code>e0d42b9</code></a>
chore(repo): Add Claude Code settings with basic permissions (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5342">#5342</a>)</li>
<li><a
href="2585678b19"><code>2585678</code></a>
feat(stdlib): Handle proxy tunnels in httlib integration (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5303">#5303</a>)</li>
<li><a
href="e1710092dc"><code>e171009</code></a>
fix(integrations): google genai report image inputs (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5337">#5337</a>)</li>
<li><a
href="749d8e5dba"><code>749d8e5</code></a>
fix(integrations): google-genai: reworked
<code>gen_ai.request.messages</code> extractio...</li>
<li><a
href="ab5cddedd6"><code>ab5cdde</code></a>
feat(ai): add cache writes for gen_ai (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5319">#5319</a>)</li>
<li><a
href="1970486d00"><code>1970486</code></a>
build(deps): bump getsentry/craft from 2.18.3 to 2.19.0 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5331">#5331</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.49.0...2.50.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.49.0&new-version=2.50.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-27 04:10:59 +00:00
dependabot[bot]
1cfbc6391a Bump python-multipart from 0.0.20 to 0.0.22 in /backend (#1529) 
Bumps [python-multipart](https://github.com/Kludex/python-multipart)
from 0.0.20 to 0.0.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/releases">python-multipart's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.0.22</h2>
<h2>What's Changed</h2>
<ul>
<li>Drop directory path from filename in <code>File</code> <a
href="9433f4bbc9">9433f4b</a>.</li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22">https://github.com/Kludex/python-multipart/compare/0.0.21...0.0.22</a></p>
<h2>Version 0.0.21</h2>
<h2>What's Changed</h2>
<ul>
<li>Add support for Python 3.14 and drop EOL 3.8 and 3.9 by <a
href="https://github.com/hugovk"><code>@​hugovk</code></a> in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/216">Kludex/python-multipart#216</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/waketzheng"><code>@​waketzheng</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/python-multipart/pull/203">Kludex/python-multipart#203</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21">https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.21</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md">python-multipart's
changelog</a>.</em></p>
<blockquote>
<h2>0.0.22 (2026-01-25)</h2>
<ul>
<li>Drop directory path from filename in <code>File</code> <a
href="9433f4bbc9">9433f4b</a>.</li>
</ul>
<h2>0.0.21 (2025-12-17)</h2>
<ul>
<li>Add support for Python 3.14 and drop EOL 3.8 and 3.9 <a
href="https://redirect.github.com/Kludex/python-multipart/pull/216">#216</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bea7bbb290"><code>bea7bbb</code></a>
Version 0.0.22 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/222">#222</a>)</li>
<li><a
href="0fb59a9df0"><code>0fb59a9</code></a>
chore: add return type on test (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/221">#221</a>)</li>
<li><a
href="9433f4bbc9"><code>9433f4b</code></a>
Merge commit from fork</li>
<li><a
href="d5c91ecb0a"><code>d5c91ec</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/219">#219</a>)</li>
<li><a
href="5a90631b48"><code>5a90631</code></a>
bump uv (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/218">#218</a>)</li>
<li><a
href="1f72955602"><code>1f72955</code></a>
Version 0.0.21 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/217">#217</a>)</li>
<li><a
href="47ecfed353"><code>47ecfed</code></a>
Add support for Python 3.14 and drop EOL 3.8 and 3.9 (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/216">#216</a>)</li>
<li><a
href="f18b70941b"><code>f18b709</code></a>
Bump the github-actions group across 1 directory with 4 updates (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/214">#214</a>)</li>
<li><a
href="b388e9a7a8"><code>b388e9a</code></a>
chore: use depedency-groups in <code>pyproject.toml</code> (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/212">#212</a>)</li>
<li><a
href="6113e75097"><code>6113e75</code></a>
Bump the github-actions group across 1 directory with 3 updates (<a
href="https://redirect.github.com/Kludex/python-multipart/issues/210">#210</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/python-multipart/compare/0.0.20...0.0.22">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=python-multipart&package-manager=uv&previous-version=0.0.20&new-version=0.0.22)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/evroon/bracket/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-26 23:58:06 +00:00
dependabot[bot]
e8d35e7706 Bump urllib3 from 2.5.0 to 2.6.3 in /backend (#1523) 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.6.3</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed a security issue where decompression-bomb safeguards of the
streaming API were bypassed when HTTP redirects were followed.
(CVE-2026-21441 reported by <a
href="https://github.com/D47A"><code>@​D47A</code></a>, 8.9 High,
GHSA-38jv-5279-wg99)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by default. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">urllib3/urllib3#3743</a>)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">urllib3/urllib3#3752</a>)</li>
</ul>
<h2>2.6.2</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed <code>HTTPResponse.read_chunked()</code> to properly handle
leftover data in the decoder's buffer when reading compressed chunked
responses. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3734">urllib3/urllib3#3734</a>)</li>
</ul>
<h2>2.6.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Restore previously removed <code>HTTPResponse.getheaders()</code>
and <code>HTTPResponse.getheader()</code> methods. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3731">#3731</a>)</li>
</ul>
<h2>2.6.0</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Security</h2>
<ul>
<li>Fixed a security issue where streaming API could improperly handle
highly compressed HTTP content (&quot;decompression bombs&quot;) leading
to excessive resource consumption even when a small amount of data was
requested. Reading small chunks of compressed data is safer and much
more efficient now. (CVE-2025-66471 reported by <a
href="https://github.com/Cycloctane"><code>@​Cycloctane</code></a>, 8.9
High, GHSA-2xpw-w6gg-jr37)</li>
<li>Fixed a security issue where an attacker could compose an HTTP
response with virtually unlimited links in the
<code>Content-Encoding</code> header, potentially leading to a denial of
service (DoS) attack by exhausting system resources during decoding. The
number of allowed chained encodings is now limited to 5. (CVE-2025-66418
reported by <a
href="https://github.com/illia-v"><code>@​illia-v</code></a>, 8.9 High,
GHSA-gm62-xv2j-4w53)</li>
</ul>
<blockquote>
<p>[!IMPORTANT]</p>
<ul>
<li>If urllib3 is not installed with the optional
<code>urllib3[brotli]</code> extra, but your environment contains a
Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at
least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security
fixes and avoid warnings. Prefer using <code>urllib3[brotli]</code> to
install a compatible Brotli package automatically.</li>
</ul>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.6.3 (2026-01-07)</h1>
<ul>
<li>Fixed a high-severity security issue where decompression-bomb
safeguards of
the streaming API were bypassed when HTTP redirects were followed.
(<code>GHSA-38jv-5279-wg99
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99&gt;</code>__)</li>
<li>Started treating <code>Retry-After</code> times greater than 6 hours
as 6 hours by
default. (<code>[#3743](https://github.com/urllib3/urllib3/issues/3743)
&lt;https://github.com/urllib3/urllib3/issues/3743&gt;</code>__)</li>
<li>Fixed <code>urllib3.connection.VerifiedHTTPSConnection</code> on
Emscripten.
(<code>[#3752](https://github.com/urllib3/urllib3/issues/3752)
&lt;https://github.com/urllib3/urllib3/issues/3752&gt;</code>__)</li>
</ul>
<h1>2.6.2 (2025-12-11)</h1>
<ul>
<li>Fixed <code>HTTPResponse.read_chunked()</code> to properly handle
leftover data in
the decoder's buffer when reading compressed chunked responses.
(<code>[#3734](https://github.com/urllib3/urllib3/issues/3734)
&lt;https://github.com/urllib3/urllib3/issues/3734&gt;</code>__)</li>
</ul>
<h1>2.6.1 (2025-12-08)</h1>
<ul>
<li>Restore previously removed <code>HTTPResponse.getheaders()</code>
and
<code>HTTPResponse.getheader()</code> methods.
(<code>[#3731](https://github.com/urllib3/urllib3/issues/3731)
&lt;https://github.com/urllib3/urllib3/issues/3731&gt;</code>__)</li>
</ul>
<h1>2.6.0 (2025-12-05)</h1>
<h2>Security</h2>
<ul>
<li>Fixed a security issue where streaming API could improperly handle
highly
compressed HTTP content (&quot;decompression bombs&quot;) leading to
excessive resource
consumption even when a small amount of data was requested. Reading
small
chunks of compressed data is safer and much more efficient now.
(<code>GHSA-2xpw-w6gg-jr37
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37&gt;</code>__)</li>
<li>Fixed a security issue where an attacker could compose an HTTP
response with
virtually unlimited links in the <code>Content-Encoding</code> header,
potentially
leading to a denial of service (DoS) attack by exhausting system
resources
during decoding. The number of allowed chained encodings is now limited
to 5.
(<code>GHSA-gm62-xv2j-4w53
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53&gt;</code>__)</li>
</ul>
<p>.. caution::</p>
<ul>
<li>If urllib3 is not installed with the optional
<code>urllib3[brotli]</code> extra, but
your environment contains a Brotli/brotlicffi/brotlipy package anyway,
make
sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to
benefit from the security fixes and avoid warnings. Prefer using</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0248277dd7"><code>0248277</code></a>
Release 2.6.3</li>
<li><a
href="8864ac407b"><code>8864ac4</code></a>
Merge commit from fork</li>
<li><a
href="70cecb27ca"><code>70cecb2</code></a>
Fix Scorecard issues related to vulnerable dev dependencies (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3755">#3755</a>)</li>
<li><a
href="41f249abe1"><code>41f249a</code></a>
Move &quot;v2.0 Migration Guide&quot; to the end of the table of
contents (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3747">#3747</a>)</li>
<li><a
href="fd4dffd2fc"><code>fd4dffd</code></a>
Patch <code>VerifiedHTTPSConnection</code> for Emscripten (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3752">#3752</a>)</li>
<li><a
href="13f0bfd55e"><code>13f0bfd</code></a>
Handle massive values in Retry-After when calculating time to sleep for
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3743">#3743</a>)</li>
<li><a
href="8c480bf87b"><code>8c480bf</code></a>
Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3748">#3748</a>)</li>
<li><a
href="4b40616e95"><code>4b40616</code></a>
Bump actions/cache from 4.3.0 to 5.0.1 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3750">#3750</a>)</li>
<li><a
href="82b8479663"><code>82b8479</code></a>
Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3749">#3749</a>)</li>
<li><a
href="34284cb017"><code>34284cb</code></a>
Mention experimental features in the security policy (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3746">#3746</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.5.0...2.6.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=uv&previous-version=2.5.0&new-version=2.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/evroon/bracket/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-20 04:14:12 +00:00
dependabot[bot]
19b5a2924e Bump aiohttp from 3.13.2 to 3.13.3 in /backend (#1524) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=uv&previous-version=3.13.2&new-version=3.13.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/evroon/bracket/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-20 04:13:56 +00:00
dependabot[bot]
4a6258ded3 Bump pyrefly from 0.47.0 to 0.48.0 in /backend (#1519) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.47.0 to
0.48.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="468f7d55b4"><code>468f7d5</code></a>
Update pyrefly version]</li>
<li><a
href="96c01a087f"><code>96c01a0</code></a>
Add failing testcase for private attributes</li>
<li><a
href="583707b1af"><code>583707b</code></a>
Add testcase to document aggregate behavior</li>
<li><a
href="5e77d5a188"><code>5e77d5a</code></a>
Remove jinja and typeshed-stats from mypy primer blocklist</li>
<li><a
href="862bfcc4cf"><code>862bfcc</code></a>
Add additional test cases</li>
<li><a
href="59098f44a5"><code>59098f4</code></a>
fix Not inferring generic type for variable typed as Callable with
TypeVar <a
href="https://redirect.github.com/facebook/pyrefly/issues/1">#1</a>...</li>
<li><a
href="7f0ca20a16"><code>7f0ca20</code></a>
Allow mypy_primer results for xarray</li>
<li><a
href="b78342deaa"><code>b78342d</code></a>
Allow mypy_primer results for scikit learn</li>
<li><a
href="4311f9b011"><code>4311f9b</code></a>
Allow mypy primer for arviz</li>
<li><a
href="1279c6741e"><code>1279c67</code></a>
Allow mypy primer for pytest</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.47.0...0.48.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.47.0&new-version=0.48.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 06:17:51 +00:00
dependabot[bot]
f8b595c2ae Bump alembic from 1.17.1 to 1.18.0 in /backend (#1518) 
Bumps [alembic](https://github.com/sqlalchemy/alembic) from 1.17.1 to
1.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sqlalchemy/alembic/releases">alembic's
releases</a>.</em></p>
<blockquote>
<h1>1.18.0</h1>
<p>Released: January 9, 2026</p>
<h2>feature</h2>
<ul>
<li>
<p><strong>[feature] [operations]</strong> When alembic is run in
&quot;verbose&quot; mode, alembic now logs a message to
indicate from which file is used to load the configuration.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1737">#1737</a></p>
</li>
<li>
<p><strong>[feature] [autogenerate]</strong> Autogenerate reflection
sweeps now use the &quot;bulk&quot; inspector methods
introduced in SQLAlchemy 2.0, which for selected dialects including
PostgreSQL and Oracle use batched queries to reflect whole collections
of
tables using O(1) queries rather than O(N).</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/alembic/issues/1771">#1771</a></p>
</li>
<li>
<p><strong>[feature] [autogenerate]</strong> Release 1.18.0 introduces a
plugin system that allows for automatic
loading of third-party extensions as well as configurable autogenerate
compare functionality on a per-environment basis.</p>
<p>The <code>Plugin</code> class provides a common interface for
extensions that
register handlers among Alembic's existing extension points such as
<code>Operations.register_operation()</code> and
<code>Operations.implementation_for()</code>. A new interface for
registering
autogenerate comparison handlers,
<code>Plugin.add_autogenerate_comparator()</code>, provides for
autogenerate
compare functionality that may be custom-configured on a per-environment
basis using the new
<code>EnvironmentContext.configure.autogenerate_plugins</code>
parameter.</p>
<p>The change does not impact well known Alembic add-ons such as
<code>alembic-utils</code>, which continue to work as before; however,
such add-ons
have the option to provide plugin entrypoints going forward.</p>
<p>As part of this change, Alembic's autogenerate compare functionality
is
reorganized into a series of internal plugins under the
<code>alembic.autogenerate</code> namespace, which may be individually
or
collectively identified for inclusion and/or exclusion within the
<code>EnvironmentContext.configure()</code> call using a new parameter
<code>EnvironmentContext.configure.autogenerate_plugins</code>. This
parameter is also where third party comparison plugins may also be
indicated.</p>
<p>See <code>alembic.plugins.toplevel</code> for complete documentation
on
the new <code>Plugin</code> class as well as autogenerate-specific usage
instructions.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sqlalchemy/alembic/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alembic&package-manager=uv&previous-version=1.17.1&new-version=1.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 06:17:29 +00:00
dependabot[bot]
3f22bc08c5 Bump sentry-sdk from 2.48.0 to 2.49.0 in /backend (#1517) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.48.0 to 2.49.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.49.0</h2>
<h3>New Features </h3>
<ul>
<li>feat(api): Add <code>Scope.set_attribute</code> by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5256">#5256</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>fix(grpc): Gate third-party imports by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5246">#5246</a></li>
<li>fix(opentelemetry): Gate third-party imports by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5247">#5247</a></li>
<li>fix(ray): Keep variadic kwargs last in signatures by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5244">#5244</a></li>
<li>fix(trytond): Gate third-party imports by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5245">#5245</a></li>
<li>Fix openai count_tokens by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5281">#5281</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>docs: Fix typo in comment by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5280">#5280</a></li>
<li>docs: Fix <code>middleware_spans</code> docstring by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5279">#5279</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<ul>
<li>ref(scope): Set global attrs on global scope by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5259">#5259</a></li>
<li>chore: Ignore type migration for scripts/ and tests/ in blame by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5284">#5284</a></li>
<li>ref: Properly override parent func by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5283">#5283</a></li>
<li>ci: Allow to use Craft's new auto-versioning by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5218">#5218</a></li>
<li>ref: Deduplicate batchers by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5263">#5263</a></li>
<li>tests: Add dedicated transport format test for metrics, logs by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5264">#5264</a></li>
<li>ci: 🤖 Update test matrix with new releases (01/05) by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5273">#5273</a></li>
<li>tests: General logs tests should use Sentry logs API by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5262">#5262</a></li>
<li>tests: Test preserialization of attributes by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5260">#5260</a></li>
<li>ci: Unpin Pydantic 1.x version in tests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5261">#5261</a></li>
<li>ref: Make logs, metrics go via scope by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5213">#5213</a></li>
<li>ci: Fix failing arq, fastapi tests on 3.7; update test matrix by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5258">#5258</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.49.0</h2>
<h3>New Features </h3>
<ul>
<li>feat(api): Add <code>Scope.set_attribute</code> by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5256">#5256</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>fix(grpc): Gate third-party imports by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5246">#5246</a></li>
<li>fix(opentelemetry): Gate third-party imports by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5247">#5247</a></li>
<li>fix(ray): Keep variadic kwargs last in signatures by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5244">#5244</a></li>
<li>fix(trytond): Gate third-party imports by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5245">#5245</a></li>
<li>Fix openai count_tokens by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5281">#5281</a></li>
</ul>
<h3>Documentation 📚</h3>
<ul>
<li>docs: Fix typo in comment by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5280">#5280</a></li>
<li>docs: Fix <code>middleware_spans</code> docstring by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5279">#5279</a></li>
</ul>
<h3>Internal Changes 🔧</h3>
<ul>
<li>ref(scope): Set global attrs on global scope by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5259">#5259</a></li>
<li>chore: Ignore type migration for scripts/ and tests/ in blame by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5284">#5284</a></li>
<li>ref: Properly override parent func by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5283">#5283</a></li>
<li>ci: Allow to use Craft's new auto-versioning by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5218">#5218</a></li>
<li>ref: Deduplicate batchers by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5263">#5263</a></li>
<li>tests: Add dedicated transport format test for metrics, logs by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5264">#5264</a></li>
<li>ci: 🤖 Update test matrix with new releases (01/05) by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5273">#5273</a></li>
<li>tests: General logs tests should use Sentry logs API by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5262">#5262</a></li>
<li>tests: Test preserialization of attributes by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5260">#5260</a></li>
<li>ci: Unpin Pydantic 1.x version in tests by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5261">#5261</a></li>
<li>ref: Make logs, metrics go via scope by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5213">#5213</a></li>
<li>ci: Fix failing arq, fastapi tests on 3.7; update test matrix by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5258">#5258</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2c85e64f99"><code>2c85e64</code></a>
release: 2.49.0</li>
<li><a
href="8f273d45ea"><code>8f273d4</code></a>
chore: Ignore type migration for scripts/ and tests/ in blame (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5284">#5284</a>)</li>
<li><a
href="dc8a8e5b0d"><code>dc8a8e5</code></a>
ref: Properly override parent func (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5283">#5283</a>)</li>
<li><a
href="485aa6ddb3"><code>485aa6d</code></a>
ci: Allow to use Craft's new auto-versioning (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5218">#5218</a>)</li>
<li><a
href="c8d8d60bef"><code>c8d8d60</code></a>
docs: Fix typo in comment (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5280">#5280</a>)</li>
<li><a
href="6039305f7a"><code>6039305</code></a>
ref: Deduplicate batchers (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5263">#5263</a>)</li>
<li><a
href="f2317dc4c7"><code>f2317dc</code></a>
ref(scope): Set global attrs on global scope (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5259">#5259</a>)</li>
<li><a
href="3d83b3912a"><code>3d83b39</code></a>
fix(ray): Keep variadic kwargs last in signatures (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5244">#5244</a>)</li>
<li><a
href="f5c51fc4a5"><code>f5c51fc</code></a>
Fix openai count_tokens (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5281">#5281</a>)</li>
<li><a
href="a979755d26"><code>a979755</code></a>
docs: Fix <code>middleware_spans</code> docstring (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5279">#5279</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.48.0...2.49.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.48.0&new-version=2.49.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 06:17:01 +00:00
dependabot[bot]
af0f77030b Bump pyrefly from 0.46.0 to 0.47.0 in /backend (#1512) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.46.0 to
0.47.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="65be741335"><code>65be741</code></a>
Update pyrefly version]</li>
<li><a
href="b104e3bf39"><code>b104e3b</code></a>
fix: Pyrefly should narrow to intersection, not Never, for a TypeIs call
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/1924">#1924</a>)</li>
<li><a
href="16b0e2bda4"><code>16b0e2b</code></a>
Add test files for pydantic.dataclasses</li>
<li><a
href="f39c7d119c"><code>f39c7d1</code></a>
fix Support types like pydantic.types.PositiveInt <a
href="https://redirect.github.com/facebook/pyrefly/issues/1451">#1451</a>
able to check call si...</li>
<li><a
href="2d2a146d8a"><code>2d2a146</code></a>
Report Non-Exhaustive match Statements <a
href="https://redirect.github.com/facebook/pyrefly/issues/400">#400</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/1833">#1833</a>)</li>
<li><a
href="d1979ac5fa"><code>d1979ac</code></a>
fix: Resolve TypeVars in generic TypedDict inheritance with Unpack (<a
href="https://redirect.github.com/facebook/pyrefly/issues/1922">#1922</a>)</li>
<li><a
href="c6ee5edd5b"><code>c6ee5ed</code></a>
Update pydantic documentation to explain lax mode</li>
<li><a
href="2c2cb49fa2"><code>2c2cb49</code></a>
fix Special output format for Github actions <a
href="https://redirect.github.com/facebook/pyrefly/issues/1599">#1599</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/1785">#1785</a>)</li>
<li><a
href="a489d5e550"><code>a489d5e</code></a>
fix LSP: Provide key autocompletion on annotated TypedDict <a
href="https://redirect.github.com/facebook/pyrefly/issues/1886">#1886</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/1964">#1964</a>)</li>
<li><a
href="cbaf45ef18"><code>cbaf45e</code></a>
Bump qs from 6.13.0 to 6.14.1 in /lsp (<a
href="https://redirect.github.com/facebook/pyrefly/issues/1966">#1966</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.46.0...0.47.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.46.0&new-version=0.47.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-06 04:09:10 +00:00
Erik Vroon
25262a59f9 Allow running backend on prefixed url (#1495) 2025-12-29 20:28:17 +01:00
Erik Vroon
bf8e4f0f05 Unignore uv.lock file (#1493) 2025-12-29 18:41:10 +00:00
Erik Vroon
6a03ea7294 Allow serving frontend via backend (#1492) 
This should make it easier to run Bracket in development/simple
production environments because you only need to run 1 Docker container.
Also, it avoids CORS problems because the frontend and backend run on
the same domain.
 2025-12-29 18:35:40 +00:00
dependabot[bot]
e5105a614c Bump fastapi from 0.127.0 to 0.128.0 in /backend (#1491) 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.127.0 to
0.128.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.128.0</h2>
<h3>Breaking Changes</h3>
<ul>
<li> Drop support for <code>pydantic.v1</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14609">#14609</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li> Run performance tests only on Pydantic v2. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14608">#14608</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.127.1</h2>
<h3>Refactors</h3>
<ul>
<li>🔊 Add a custom <code>FastAPIDeprecationWarning</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14605">#14605</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Docs</h3>
<ul>
<li>📝 Add documentary to website. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14600">#14600</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🌐 Update translations for de (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14602">#14602</a>
by <a
href="https://github.com/nilslindemann"><code>@​nilslindemann</code></a>.</li>
<li>🌐 Update translations for de (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14581">#14581</a>
by <a
href="https://github.com/nilslindemann"><code>@​nilslindemann</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>🔧 Update pre-commit to use local Ruff instead of hook. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14604">#14604</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li> Add missing tests for code examples. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14569">#14569</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>👷 Remove <code>lint</code> job from <code>test</code> CI workflow.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14593">#14593</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>👷 Update secrets check. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14592">#14592</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Run CodSpeed tests in parallel to other tests to speed up CI. PR
<a
href="https://redirect.github.com/fastapi/fastapi/pull/14586">#14586</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔨 Update scripts and pre-commit to autofix files. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14585">#14585</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8322a4445a"><code>8322a44</code></a>
🔖 Release version 0.128.0</li>
<li><a
href="4b2cfcfd34"><code>4b2cfcf</code></a>
📝 Update release notes</li>
<li><a
href="e300630551"><code>e300630</code></a>
 Drop support for <code>pydantic.v1</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14609">#14609</a>)</li>
<li><a
href="1b3bea8b6b"><code>1b3bea8</code></a>
📝 Update release notes</li>
<li><a
href="34e884156f"><code>34e8841</code></a>
 Run performance tests only on Pydantic v2 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14608">#14608</a>)</li>
<li><a
href="cd90c78391"><code>cd90c78</code></a>
🔖 Release version 0.127.1</li>
<li><a
href="93f4dfd88b"><code>93f4dfd</code></a>
📝 Update release notes</li>
<li><a
href="535b5daa31"><code>535b5da</code></a>
🔊 Add a custom <code>FastAPIDeprecationWarning</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14605">#14605</a>)</li>
<li><a
href="6b53786f62"><code>6b53786</code></a>
📝 Update release notes</li>
<li><a
href="d98f4eb56e"><code>d98f4eb</code></a>
🔧 Update pre-commit to use local Ruff instead of hook (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14604">#14604</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.127.0...0.128.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=uv&previous-version=0.127.0&new-version=0.128.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-29 04:21:56 +00:00
dependabot[bot]
6245fb611f Bump uvicorn from 0.38.0 to 0.40.0 in /backend (#1486) 
Bumps [uvicorn](https://github.com/Kludex/uvicorn) from 0.38.0 to
0.40.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/releases">uvicorn's
releases</a>.</em></p>
<blockquote>
<h2>Version 0.40.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Drop Python 3.9 by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2772">Kludex/uvicorn#2772</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.39.0...0.40.0">https://github.com/Kludex/uvicorn/compare/0.39.0...0.40.0</a></p>
<h2>Version 0.39.0</h2>
<h2>What's Changed</h2>
<ul>
<li>explicitly start ASGI run with empty context by <a
href="https://github.com/pmeier"><code>@​pmeier</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2742">Kludex/uvicorn#2742</a></li>
<li>fix(websockets): Send close frame on ASGI return by <a
href="https://github.com/Kludex"><code>@​Kludex</code></a> in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2769">Kludex/uvicorn#2769</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/pmeier"><code>@​pmeier</code></a> made
their first contribution in <a
href="https://redirect.github.com/Kludex/uvicorn/pull/2742">Kludex/uvicorn#2742</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Kludex/uvicorn/compare/0.38.0...0.39.0">https://github.com/Kludex/uvicorn/compare/0.38.0...0.39.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md">uvicorn's
changelog</a>.</em></p>
<blockquote>
<h2>0.40.0 (December 21, 2025)</h2>
<h3>Remove</h3>
<ul>
<li>Drop support for Python 3.9 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2772">#2772</a>)</li>
</ul>
<h2>0.39.0 (December 21, 2025)</h2>
<h3>Fixed</h3>
<ul>
<li>Send close frame on ASGI return for WebSockets (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2769">#2769</a>)</li>
<li>Explicitly start ASGI run with empty context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2742">#2742</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9ff60042a5"><code>9ff6004</code></a>
Version 0.40.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2773">#2773</a>)</li>
<li><a
href="19df042c54"><code>19df042</code></a>
Drop Python 3.9 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2772">#2772</a>)</li>
<li><a
href="865ce7c0b4"><code>865ce7c</code></a>
Run strict mypy on test suite (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2771">#2771</a>)</li>
<li><a
href="4f40b84957"><code>4f40b84</code></a>
Version 0.39.0 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2770">#2770</a>)</li>
<li><a
href="5692dfc416"><code>5692dfc</code></a>
fix(websockets): Send close frame on ASGI return (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2769">#2769</a>)</li>
<li><a
href="4194764a26"><code>4194764</code></a>
chore(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2763">#2763</a>)</li>
<li><a
href="d94bf28743"><code>d94bf28</code></a>
explicitly start ASGI run with empty context (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2742">#2742</a>)</li>
<li><a
href="8ae0bcbecb"><code>8ae0bcb</code></a>
chore(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2748">#2748</a>)</li>
<li><a
href="4744ff9a1a"><code>4744ff9</code></a>
Add groups configuration for GitHub Actions (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2747">#2747</a>)</li>
<li><a
href="0391372376"><code>0391372</code></a>
chore(deps): bump astral-sh/setup-uv from 6.8.0 to 7.1.2 (<a
href="https://redirect.github.com/Kludex/uvicorn/issues/2746">#2746</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Kludex/uvicorn/compare/0.38.0...0.40.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uvicorn&package-manager=uv&previous-version=0.38.0&new-version=0.40.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-22 04:25:06 +00:00
dependabot[bot]
c0ac90a49c Bump fastapi from 0.125.0 to 0.127.0 in /backend (#1485) 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.125.0 to
0.127.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.127.0</h2>
<h3>Breaking Changes</h3>
<ul>
<li>🔊 Add deprecation warnings when using <code>pydantic.v1</code>. PR
<a
href="https://redirect.github.com/fastapi/fastapi/pull/14583">#14583</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🔧 Add LLM prompt file for Korean, generated from the existing
translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14546">#14546</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔧 Add LLM prompt file for Japanese, generated from the existing
translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14545">#14545</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>⬆️ Upgrade OpenAI model for translations to gpt-5.2. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14579">#14579</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.126.0</h2>
<h3>Upgrades</h3>
<ul>
<li> Drop support for Pydantic v1, keeping short temporary support for
Pydantic v2's <code>pydantic.v1</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14575">#14575</a>
by <a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.
<ul>
<li>The minimum version of Pydantic installed is now <code>pydantic
&gt;=2.7.0</code>.</li>
<li>The <code>standard</code> dependencies now include
<code>pydantic-settings &gt;=2.0.0</code> and <code>pydantic-extra-types
&gt;=2.0.0</code>.</li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>📝 Fix duplicated variable in
<code>docs_src/python_types/tutorial005_py39.py</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14565">#14565</a>
by <a
href="https://github.com/paras-verma7454"><code>@​paras-verma7454</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🔧 Add LLM prompt file for Ukrainian, generated from the existing
translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14548">#14548</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>🔧 Tweak pre-commit to allow committing release-notes. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14577">#14577</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>⬆️ Use prek as a pre-commit alternative. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14572">#14572</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Add performance tests with CodSpeed. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14558">#14558</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c4a1ab5036"><code>c4a1ab5</code></a>
🔖 Release version 0.127.0</li>
<li><a
href="22c7200ebb"><code>22c7200</code></a>
📝 Update release notes</li>
<li><a
href="6e42bcd8ce"><code>6e42bcd</code></a>
🔊 Add deprecation warnings when using <code>pydantic.v1</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14583">#14583</a>)</li>
<li><a
href="6513d4daa1"><code>6513d4d</code></a>
📝 Update release notes</li>
<li><a
href="1d93d531bc"><code>1d93d53</code></a>
⬆️ Upgrade OpenAI model for translations to gpt-5.2 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14579">#14579</a>)</li>
<li><a
href="c2c1cc8aec"><code>c2c1cc8</code></a>
📝 Update release notes</li>
<li><a
href="5289259275"><code>5289259</code></a>
🔧 Add LLM prompt file for Korean, generated from the existing
translations (#...</li>
<li><a
href="5783910d0c"><code>5783910</code></a>
📝 Update release notes</li>
<li><a
href="026b43e5d3"><code>026b43e</code></a>
🔧 Add LLM prompt file for Japanese, generated from the existing
translations ...</li>
<li><a
href="6b591ddd7e"><code>6b591dd</code></a>
📝 Update release notes</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.125.0...0.127.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=uv&previous-version=0.125.0&new-version=0.127.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-22 04:24:45 +00:00
Erik Vroon
016ce4d9fe Use hey api tournament types (#1481) 2025-12-21 16:15:51 +00:00
Erik Vroon
a548ff6d61 Use hey-api (#1479) 
Store the `openapi.json` of the backend in the repo and import it using
https://heyapi.dev/ to generate TypeScript types for the backend API
query params, responses, bodies.
 2025-12-20 19:32:33 +01:00
dependabot[bot]
77e91508df Bump fastapi-sso from 0.18.0 to 0.19.0 in /backend (#1478) 
Bumps [fastapi-sso](https://github.com/tomasvotava/fastapi-sso) from
0.18.0 to 0.19.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tomasvotava/fastapi-sso/releases">fastapi-sso's
releases</a>.</em></p>
<blockquote>
<h2>0.19.0</h2>
<p>️⚠️ A critical OAuth login CSRF vulnerability caused by missing
<code>state</code> validation was
reported by <a
href="https://github.com/davidbors-snyk"><code>@​davidbors-snyk</code></a>
(Snyk Security Labs)
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/266">#266</a>
and has been resolved
in version <code>0.19.0</code>.</p>
<p>Starting with <code>fastapi-sso==1.0.0</code>, OAuth
<code>state</code> will be backed by a pluggable server-side store
(in-memory by default, with support for external stores such as
<code>Redis</code>).</p>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump the all group with 11 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/230">tomasvotava/fastapi-sso#230</a></li>
<li>chore(deps): bump the all group with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/231">tomasvotava/fastapi-sso#231</a></li>
<li>chore(deps): bump the all group with 6 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/232">tomasvotava/fastapi-sso#232</a></li>
<li>chore(deps): bump the all group with 4 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/233">tomasvotava/fastapi-sso#233</a></li>
<li>chore(deps-dev): bump the all group with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/234">tomasvotava/fastapi-sso#234</a></li>
<li>chore(deps-dev): bump the all group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/235">tomasvotava/fastapi-sso#235</a></li>
<li>chore(deps): bump the all group across 1 directory with 3 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/237">tomasvotava/fastapi-sso#237</a></li>
<li>chore(deps): bump the all group across 1 directory with 3 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/239">tomasvotava/fastapi-sso#239</a></li>
<li>chore(deps-dev): bump the all group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/241">tomasvotava/fastapi-sso#241</a></li>
<li>chore(deps): bump the all group with 5 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/242">tomasvotava/fastapi-sso#242</a></li>
<li>chore(deps): bump the all group across 1 directory with 10 updates
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/247">tomasvotava/fastapi-sso#247</a></li>
<li>chore(deps-dev): bump the all group with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/248">tomasvotava/fastapi-sso#248</a></li>
<li>chore(deps-dev): bump the all group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/251">tomasvotava/fastapi-sso#251</a></li>
<li>chore(deps-dev): bump the all group with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/252">tomasvotava/fastapi-sso#252</a></li>
<li>chore(deps-dev): bump the all group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/253">tomasvotava/fastapi-sso#253</a></li>
<li>chore(deps): bump the all group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/254">tomasvotava/fastapi-sso#254</a></li>
<li>chore(deps): bump the all group across 1 directory with 12 updates
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/259">tomasvotava/fastapi-sso#259</a></li>
<li>fix: enforce state validation by <a
href="https://github.com/davidbors-snyk"><code>@​davidbors-snyk</code></a>
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/267">tomasvotava/fastapi-sso#267</a></li>
<li>chore(deps): bump the all group across 1 directory with 7 updates by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/265">tomasvotava/fastapi-sso#265</a></li>
<li>docs(<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/266">#266</a>):
warn against using state as an arbitrary data transport by <a
href="https://github.com/tomasvotava"><code>@​tomasvotava</code></a> in
<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/269">tomasvotava/fastapi-sso#269</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/davidbors-snyk"><code>@​davidbors-snyk</code></a>
made their first contribution in <a
href="https://redirect.github.com/tomasvotava/fastapi-sso/pull/267">tomasvotava/fastapi-sso#267</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tomasvotava/fastapi-sso/compare/0.18.0...0.19.0">https://github.com/tomasvotava/fastapi-sso/compare/0.18.0...0.19.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c905eafe2d"><code>c905eaf</code></a>
chore: 0.18.0 =&gt; 0.19.0</li>
<li><a
href="94343bf276"><code>94343bf</code></a>
docs(<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/266">#266</a>):
warn against using state as an arbitrary data transport (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/269">#269</a>)</li>
<li><a
href="d057c1d4db"><code>d057c1d</code></a>
chore(deps): bump the all group across 1 directory with 7 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/265">#265</a>)</li>
<li><a
href="6117d1a5ad"><code>6117d1a</code></a>
fix: enforce state validation (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/267">#267</a>)</li>
<li><a
href="da63c19bca"><code>da63c19</code></a>
chore(deps): bump the all group across 1 directory with 12 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/259">#259</a>)</li>
<li><a
href="0ccaeddf9e"><code>0ccaedd</code></a>
chore(deps): bump the all group with 2 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/254">#254</a>)</li>
<li><a
href="a43e62e67d"><code>a43e62e</code></a>
chore(deps-dev): bump the all group with 2 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/253">#253</a>)</li>
<li><a
href="8cd706d335"><code>8cd706d</code></a>
chore(deps-dev): bump the all group with 3 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/252">#252</a>)</li>
<li><a
href="ea769fa223"><code>ea769fa</code></a>
chore(deps-dev): bump the all group across 1 directory with 3 updates
(<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/251">#251</a>)</li>
<li><a
href="7aba1e6ea4"><code>7aba1e6</code></a>
chore(deps-dev): bump the all group with 3 updates (<a
href="https://redirect.github.com/tomasvotava/fastapi-sso/issues/248">#248</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tomasvotava/fastapi-sso/compare/0.18.0...0.19.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi-sso&package-manager=uv&previous-version=0.18.0&new-version=0.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 04:32:09 +00:00
dependabot[bot]
5574dd6d7f Bump fastapi from 0.124.0 to 0.125.0 in /backend (#1477) 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.124.0 to
0.125.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.125.0</h2>
<h3>Breaking Changes</h3>
<ul>
<li>🔧 Drop support for Python 3.8. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14563">#14563</a>
by <a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.
<ul>
<li>This would actually not be a <em>breaking</em> change as no code
would really break. Any Python 3.8 installer would just refuse to
install the latest version of FastAPI and would only install 0.124.4.
Only marking it as a &quot;breaking change&quot; to make it
visible.</li>
</ul>
</li>
</ul>
<h3>Refactors</h3>
<ul>
<li>♻️ Upgrade internal syntax to Python 3.9+ 🎉. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14564">#14564</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Docs</h3>
<ul>
<li>⚰️ Remove Python 3.8 from CI and remove Python 3.8 examples from
source docs. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14559">#14559</a>
by <a href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>
and <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Translations</h3>
<ul>
<li>🌐 Update translations for pt (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14539">#14539</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔧 Add LLM prompt file for French, generated from the existing French
docs. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14544">#14544</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Sync Portuguese docs (pages found with script). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14554">#14554</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>🌐 Sync Spanish docs (outdated pages found with script). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14553">#14553</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>🌐 Sync German docs. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14519">#14519</a>
by <a
href="https://github.com/nilslindemann"><code>@​nilslindemann</code></a>.</li>
<li>🔥 Remove inactive/scarce translations to Vietnamese. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14543">#14543</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔥 Remove inactive/scarce translations to Persian. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14542">#14542</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🔥 Remove translation to emoji to simplify the new setup with LLM
autotranslations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14541">#14541</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for pt (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14537">#14537</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for es (update-outdated). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14532">#14532</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Update translations for es (add-missing). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14533">#14533</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>🌐 Remove translations for removed docs. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14516">#14516</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>⬆ Bump <code>markdown-include-variants</code> from 0.0.7 to 0.0.8.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14556">#14556</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>🔧 Temporarily disable translations still in progress, being migrated
to the new LLM setup. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14555">#14555</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>🔧 Update test workflow config, remove commented code. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14540">#14540</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Configure coverage, error on main tests, don't wait for Smokeshow.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14536">#14536</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Run Smokeshow always, even on test failures. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14538">#14538</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Make Pydantic versions customizable in CI. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14535">#14535</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Fix checkout GitHub Action fetch-depth for LLM translations,
enable cron monthly. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14531">#14531</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Fix Typer command for CI LLM translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14530">#14530</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Update LLM translation CI, add language matrix and extra commands,
prepare for scheduled run. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14529">#14529</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>👷 Update github-actions user for GitHub Actions workflows. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14528">#14528</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li> Add requirements for translations. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14515">#14515</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.124.4</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix parameter aliases. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14371">#14371</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<h2>0.124.3</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c75f17d483"><code>c75f17d</code></a>
🔖 Release version 0.125.0</li>
<li><a
href="241ca9a533"><code>241ca9a</code></a>
📝 Update release notes</li>
<li><a
href="3f75f51255"><code>3f75f51</code></a>
📝 Update release notes</li>
<li><a
href="1c4fc96c91"><code>1c4fc96</code></a>
♻️ Upgrade internal syntax to Python 3.9+ 🎉 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14564">#14564</a>)</li>
<li><a
href="7f9709d75e"><code>7f9709d</code></a>
📝 Update release notes</li>
<li><a
href="84668c2acc"><code>84668c2</code></a>
🔧 Drop support for Python 3.8 (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14563">#14563</a>)</li>
<li><a
href="e0fd79139e"><code>e0fd791</code></a>
📝 Update release notes</li>
<li><a
href="ed97d9dc0c"><code>ed97d9d</code></a>
⚰️ Remove Python 3.8 from CI and remove Python 3.8 examples from source
docs ...</li>
<li><a
href="99ef383398"><code>99ef383</code></a>
📝 Update release notes</li>
<li><a
href="56a549b4d5"><code>56a549b</code></a>
🌐 Update translations for pt (add-missing) (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14539">#14539</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.124.0...0.125.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=uv&previous-version=0.124.0&new-version=0.125.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-18 04:29:39 +00:00
dependabot[bot]
f4d4ee369f Bump sentry-sdk from 2.47.0 to 2.48.0 in /backend (#1474) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.47.0 to 2.48.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.48.0</h2>
<p>Middleware spans are now disabled by default in Django, Starlette and
FastAPI integrations. Set the <code>middleware_spans</code>
integration-level
option to capture individual spans per middleware layer. To record
Django middleware spans, for example, configure as follows</p>
<pre lang="python"><code>  import sentry_sdk
  from sentry_sdk.integrations.django import DjangoIntegration
<p>sentry_sdk.init(<br />
dsn=&quot;&lt;your-dsn&gt;&quot;,<br />
integrations=[<br />
DjangoIntegration(middleware_spans=True),<br />
],<br />
)<br />
</code></pre></p>
<h3>New Features </h3>
<ul>
<li>
<p>feat(ai): add single message truncation by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5079">#5079</a></p>
</li>
<li>
<p>feat(django): Add span around <code>Task.enqueue</code> by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5209">#5209</a></p>
</li>
<li>
<p>feat(starlette): Set transaction name when middleware spans are
disabled by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5223">#5223</a></p>
</li>
<li>
<p>feat: Add &quot;K_REVISION&quot; to environment variable release
check (exposed by cloud run) by <a
href="https://github.com/rpradal"><code>@​rpradal</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5222">#5222</a></p>
</li>
</ul>
<h4>Langgraph</h4>
<ul>
<li>feat(langgraph): Response model attribute on invocation spans by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5212">#5212</a></li>
<li>feat(langgraph): Usage attributes on invocation spans by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5211">#5211</a></li>
</ul>
<h4>OTLP</h4>
<ul>
<li>feat(otlp): Optionally capture exceptions from otel's
Span.record_exception api by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5235">#5235</a></li>
<li>feat(otlp): Implement new Propagator.inject for OTLPIntegration by
<a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5221">#5221</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Integrations</h4>
<ul>
<li>
<p>fix(django): Set active thread ID when middleware spans are disabled
by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5220">#5220</a></p>
</li>
<li>
<p>fix(integrations): openai-agents fixing the input messages structure
which was wrapped too much in some cases by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5203">#5203</a></p>
</li>
<li>
<p>fix(integrations): openai-agents fix multi-patching of
<code>get_model</code> function by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5195">#5195</a></p>
</li>
<li>
<p>fix(integrations): add values for pydantic-ai and openai-agents to
<code>_INTEGRATION_DEACTIVATES</code> to prohibit double span creation
by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5196">#5196</a></p>
</li>
<li>
<p>fix(logs): Set <code>span_id</code> instead of
<code>sentry.trace.parent_span_id</code> attribute by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5241">#5241</a></p>
</li>
<li>
<p>fix(logs, metrics): Gate metrics, logs user attributes behind
<code>send_default_pii</code> by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5240">#5240</a></p>
</li>
<li>
<p>fix(pydantic-ai): Stop capturing internal exceptions by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5237">#5237</a></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.48.0</h2>
<p>Middleware spans are now disabled by default in Django, Starlette and
FastAPI integrations. Set the <code>middleware_spans</code>
integration-level
option to capture individual spans per middleware layer. To record
Django middleware spans, for example, configure as follows</p>
<pre lang="python"><code>  import sentry_sdk
  from sentry_sdk.integrations.django import DjangoIntegration
<p>sentry_sdk.init(<br />
dsn=&quot;&lt;your-dsn&gt;&quot;,<br />
integrations=[<br />
DjangoIntegration(middleware_spans=True),<br />
],<br />
)<br />
</code></pre></p>
<h3>New Features </h3>
<ul>
<li>
<p>feat(ai): add single message truncation by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5079">#5079</a></p>
</li>
<li>
<p>feat(django): Add span around <code>Task.enqueue</code> by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5209">#5209</a></p>
</li>
<li>
<p>feat(starlette): Set transaction name when middleware spans are
disabled by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5223">#5223</a></p>
</li>
<li>
<p>feat: Add &quot;K_REVISION&quot; to environment variable release
check (exposed by cloud run) by <a
href="https://github.com/rpradal"><code>@​rpradal</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5222">#5222</a></p>
</li>
</ul>
<h4>Langgraph</h4>
<ul>
<li>feat(langgraph): Response model attribute on invocation spans by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5212">#5212</a></li>
<li>feat(langgraph): Usage attributes on invocation spans by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5211">#5211</a></li>
</ul>
<h4>OTLP</h4>
<ul>
<li>feat(otlp): Optionally capture exceptions from otel's
Span.record_exception api by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5235">#5235</a></li>
<li>feat(otlp): Implement new Propagator.inject for OTLPIntegration by
<a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5221">#5221</a></li>
</ul>
<h3>Bug Fixes 🐛</h3>
<h4>Integrations</h4>
<ul>
<li>
<p>fix(django): Set active thread ID when middleware spans are disabled
by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5220">#5220</a></p>
</li>
<li>
<p>fix(integrations): openai-agents fixing the input messages structure
which was wrapped too much in some cases by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5203">#5203</a></p>
</li>
<li>
<p>fix(integrations): openai-agents fix multi-patching of
<code>get_model</code> function by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5195">#5195</a></p>
</li>
<li>
<p>fix(integrations): add values for pydantic-ai and openai-agents to
<code>_INTEGRATION_DEACTIVATES</code> to prohibit double span creation
by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5196">#5196</a></p>
</li>
<li>
<p>fix(logs): Set <code>span_id</code> instead of
<code>sentry.trace.parent_span_id</code> attribute by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5241">#5241</a></p>
</li>
<li>
<p>fix(logs, metrics): Gate metrics, logs user attributes behind
<code>send_default_pii</code> by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5240">#5240</a></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="32e9cac9b2"><code>32e9cac</code></a>
Phrasing and code formatting in changelog</li>
<li><a
href="bf3040395e"><code>bf30403</code></a>
Call out new default for middleware spans and fix formatting in
changelog</li>
<li><a
href="19e0d1fb8c"><code>19e0d1f</code></a>
Fix changelog</li>
<li><a
href="6516b8b627"><code>6516b8b</code></a>
release: 2.48.0</li>
<li><a
href="e275c9e943"><code>e275c9e</code></a>
Convert all remaining type annotations to PEP-526 format (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5239">#5239</a>)</li>
<li><a
href="a29b42171e"><code>a29b421</code></a>
fix(logs): Set <code>span_id</code> instead of
<code>sentry.trace.parent_span_id</code> attribute (...</li>
<li><a
href="a9d89f2ddd"><code>a9d89f2</code></a>
fix(pydantic-ai): Stop capturing internal exceptions (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5237">#5237</a>)</li>
<li><a
href="5606bb3e58"><code>5606bb3</code></a>
fix(logs, metrics): Gate metrics, logs user attributes behind
`send_default_p...</li>
<li><a
href="6046f2d046"><code>6046f2d</code></a>
ci: Unpin Python version for LiteLLM tests (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5238">#5238</a>)</li>
<li><a
href="42ed87a774"><code>42ed87a</code></a>
ci: 🤖 Update test matrix with new releases (12/15) (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5229">#5229</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.47.0...2.48.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.47.0&new-version=2.48.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-17 04:27:29 +00:00
dependabot[bot]
51a0252e23 Bump pydantic-settings from 2.1.0 to 2.12.0 in /backend (#1475) 
Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings)
from 2.1.0 to 2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic-settings/releases">pydantic-settings's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Support for enum kebab case. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/686">pydantic/pydantic-settings#686</a></li>
<li>Apply source order: init &gt; env &gt; dotenv &gt; secrets &gt;
defaults and pres… by <a
href="https://github.com/chbndrhnns"><code>@​chbndrhnns</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/688">pydantic/pydantic-settings#688</a></li>
<li>Add NestedSecretsSettings source by <a
href="https://github.com/makukha"><code>@​makukha</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/690">pydantic/pydantic-settings#690</a></li>
<li>Strip non-explicit default values. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/692">pydantic/pydantic-settings#692</a></li>
<li>Coerce env vars if strict is True. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/693">pydantic/pydantic-settings#693</a></li>
<li>Restore init kwarg names before returning final state dictionary. by
<a href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/700">pydantic/pydantic-settings#700</a></li>
<li>Drop Python3.9 support by <a
href="https://github.com/hramezani"><code>@​hramezani</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/699">pydantic/pydantic-settings#699</a></li>
<li>Adapt test_protected_namespace_defaults for dev. Pydantic by <a
href="https://github.com/musicinmybrain"><code>@​musicinmybrain</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/637">pydantic/pydantic-settings#637</a></li>
<li>Add Python 3.14 by <a
href="https://github.com/hramezani"><code>@​hramezani</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/704">pydantic/pydantic-settings#704</a></li>
<li>Prepare release 2.12 by <a
href="https://github.com/hramezani"><code>@​hramezani</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/705">pydantic/pydantic-settings#705</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/chbndrhnns"><code>@​chbndrhnns</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/688">pydantic/pydantic-settings#688</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic-settings/compare/v2.11.0...v2.12.0">https://github.com/pydantic/pydantic-settings/compare/v2.11.0...v2.12.0</a></p>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<ul>
<li>CLI Serialize Support by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/643">pydantic/pydantic-settings#643</a></li>
<li>Inspect type aliases to determine if an annotation is complex by <a
href="https://github.com/tselepakis"><code>@​tselepakis</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/644">pydantic/pydantic-settings#644</a></li>
<li>Revert &quot;fix: Respect 'cli_parse_args' from model_config with
settings_customise_sources (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/611">#611</a>)&quot;
by <a href="https://github.com/hramezani"><code>@​hramezani</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/655">pydantic/pydantic-settings#655</a></li>
<li>Remove parsing of command line arguments from
<code>CliSettingsSource.__init__</code>. by <a
href="https://github.com/trygve-baerland"><code>@​trygve-baerland</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/656">pydantic/pydantic-settings#656</a></li>
<li>turn off allow_abbrev on subparsers by <a
href="https://github.com/mroch"><code>@​mroch</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/658">pydantic/pydantic-settings#658</a></li>
<li>CLI Serialization Fixes by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/649">pydantic/pydantic-settings#649</a></li>
<li>Fix PydanticModel type checking. by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/659">pydantic/pydantic-settings#659</a></li>
<li>Avoid env_prefix falling back to env vars without prefix by <a
href="https://github.com/tselepakis"><code>@​tselepakis</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/648">pydantic/pydantic-settings#648</a></li>
<li>Warn if model_config sets unused keys for missing settings sources
by <a href="https://github.com/HomerusJa"><code>@​HomerusJa</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/663">pydantic/pydantic-settings#663</a></li>
<li>Included endpoint_url kwarg in AWSSecretsManagerSettingsSource class
by <a href="https://github.com/adrianohrl"><code>@​adrianohrl</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/664">pydantic/pydantic-settings#664</a></li>
<li>Fix typo (&quot;Accesing&quot;) in the &quot;Adding sources&quot;
docs by <a
href="https://github.com/deepyaman"><code>@​deepyaman</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/668">pydantic/pydantic-settings#668</a></li>
<li>CLI Windows Path Fix by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/669">pydantic/pydantic-settings#669</a></li>
<li>Cli root model support by <a
href="https://github.com/kschwab"><code>@​kschwab</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/677">pydantic/pydantic-settings#677</a></li>
<li>Snake case conversion in Azure Key Vault by <a
href="https://github.com/AndreuCodina"><code>@​AndreuCodina</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/680">pydantic/pydantic-settings#680</a></li>
<li>Make <code>InitSettingsSource</code> resolution deterministic by <a
href="https://github.com/enrico-stauss"><code>@​enrico-stauss</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/681">pydantic/pydantic-settings#681</a></li>
<li>Update deps by <a
href="https://github.com/hramezani"><code>@​hramezani</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/683">pydantic/pydantic-settings#683</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/tselepakis"><code>@​tselepakis</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/644">pydantic/pydantic-settings#644</a></li>
<li><a
href="https://github.com/trygve-baerland"><code>@​trygve-baerland</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/656">pydantic/pydantic-settings#656</a></li>
<li><a href="https://github.com/mroch"><code>@​mroch</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/658">pydantic/pydantic-settings#658</a></li>
<li><a href="https://github.com/HomerusJa"><code>@​HomerusJa</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/663">pydantic/pydantic-settings#663</a></li>
<li><a
href="https://github.com/adrianohrl"><code>@​adrianohrl</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/664">pydantic/pydantic-settings#664</a></li>
<li><a href="https://github.com/deepyaman"><code>@​deepyaman</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/668">pydantic/pydantic-settings#668</a></li>
<li><a
href="https://github.com/enrico-stauss"><code>@​enrico-stauss</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic-settings/pull/681">pydantic/pydantic-settings#681</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic-settings/compare/2.10.1...v2.11.0">https://github.com/pydantic/pydantic-settings/compare/2.10.1...v2.11.0</a></p>
<h2>v2.10.1</h2>
<h2>What's Changed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="584983d253"><code>584983d</code></a>
Prepare release 2.12 (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/705">#705</a>)</li>
<li><a
href="6b4d87e776"><code>6b4d87e</code></a>
Add Python 3.14 (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/704">#704</a>)</li>
<li><a
href="02de5b622b"><code>02de5b6</code></a>
Adapt test_protected_namespace_defaults for dev. Pydantic (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/637">#637</a>)</li>
<li><a
href="4239ea460a"><code>4239ea4</code></a>
Drop Python3.9 support (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/699">#699</a>)</li>
<li><a
href="5008c694f6"><code>5008c69</code></a>
Restore init kwarg names before returning final state dictionary. (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/700">#700</a>)</li>
<li><a
href="4433101fef"><code>4433101</code></a>
Coerce env vars if strict is True. (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/693">#693</a>)</li>
<li><a
href="4d2ebfd543"><code>4d2ebfd</code></a>
Strip non-explicit default values. (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/692">#692</a>)</li>
<li><a
href="4a6ffcaeae"><code>4a6ffca</code></a>
Add NestedSecretsSettings source (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/690">#690</a>)</li>
<li><a
href="7a6e96ebfc"><code>7a6e96e</code></a>
Apply source order: init &gt; env &gt; dotenv &gt; secrets &gt; defaults
and pres… (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/688">#688</a>)</li>
<li><a
href="68563eddc0"><code>68563ed</code></a>
Support for enum kebab case. (<a
href="https://redirect.github.com/pydantic/pydantic-settings/issues/686">#686</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic-settings/compare/v2.1.0...v2.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic-settings&package-manager=uv&previous-version=2.1.0&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-17 04:26:14 +00:00
dependabot[bot]
73935512e9 Bump pyrefly from 0.45.0 to 0.46.0 in /backend (#1472) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.45.0 to
0.46.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b9fcb7ac8a"><code>b9fcb7a</code></a>
Update pyrefly version]</li>
<li><a
href="db0d49be8e"><code>db0d49b</code></a>
Fix unused parameter lint error</li>
<li><a
href="bcd9f78b23"><code>bcd9f78</code></a>
Fix maturin version pin</li>
<li><a
href="6edff54d4d"><code>6edff54</code></a>
fix numba jit decorators special casing</li>
<li><a
href="6deeae9d5f"><code>6deeae9</code></a>
Register the dunder repr call as an artificial call</li>
<li><a
href="08e2bf82bf"><code>08e2bf8</code></a>
Revert back to <code>debug = 1</code> for now (<a
href="https://redirect.github.com/facebook/pyrefly/issues/1844">#1844</a>)</li>
<li><a
href="aacf5fe135"><code>aacf5fe</code></a>
add version support to textDocument/publishDiagnostics (<a
href="https://redirect.github.com/facebook/pyrefly/issues/1382">#1382</a>)</li>
<li><a
href="c04dc361bf"><code>c04dc36</code></a>
fix panic: capacity overflow with large tuple expansion <a
href="https://redirect.github.com/facebook/pyrefly/issues/1826">#1826</a>
(<a
href="https://redirect.github.com/facebook/pyrefly/issues/1830">#1830</a>)</li>
<li><a
href="c9364f2506"><code>c9364f2</code></a>
test document symbols</li>
<li><a
href="b785ba5b9a"><code>b785ba5</code></a>
Add test that shows Typeshed path not being used from config</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.45.0...0.46.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.45.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-16 04:29:24 +00:00
dependabot[bot]
c0e2a1b738 Bump pyrefly from 0.44.0 to 0.45.0 in /backend (#1461) 
Bumps [pyrefly](https://github.com/facebook/pyrefly) from 0.44.0 to
0.45.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93cacf99df"><code>93cacf9</code></a>
Update pyrefly version]</li>
<li><a
href="9ed447ce33"><code>9ed447c</code></a>
special-case numba.jit and numba.njit to preserve decorated function
signatures</li>
<li><a
href="495e7dcfaf"><code>495e7dc</code></a>
Remove Arc from HeavyTaskQueue</li>
<li><a
href="e34715c8b9"><code>e34715c</code></a>
Remove Arc from connection and lsp_queue</li>
<li><a
href="361ad739f1"><code>361ad73</code></a>
Borrow in server threads</li>
<li><a
href="f2482475e5"><code>f248247</code></a>
Run server threads in a thread scope</li>
<li><a
href="87cfca7e60"><code>87cfca7</code></a>
Stop listening for LSP requests after Exit notification</li>
<li><a
href="7f485246d8"><code>7f48524</code></a>
Move Pydantic lax mode into its own file</li>
<li><a
href="40759d7b44"><code>40759d7</code></a>
regression test for lazy class attr init</li>
<li><a
href="3f263a0470"><code>3f263a0</code></a>
Move suggest.rs into the pyrefly_util crate</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/pyrefly/compare/0.44.0...0.45.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyrefly&package-manager=uv&previous-version=0.44.0&new-version=0.45.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Erik Vroon <erik.vroon@channable.com>
 2025-12-09 12:24:57 +00:00
dependabot[bot]
5d57c2932e Bump fastapi from 0.123.0 to 0.124.0 in /backend (#1459) 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.123.0 to
0.124.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fastapi/fastapi/releases">fastapi's
releases</a>.</em></p>
<blockquote>
<h2>0.124.0</h2>
<h3>Features</h3>
<ul>
<li>🚸 Improve tracebacks by adding endpoint metadata. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14306">#14306</a>
by <a
href="https://github.com/savannahostrowski"><code>@​savannahostrowski</code></a>.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>✏️ Fix typo in <code>scripts/mkdocs_hooks.py</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14457">#14457</a>
by <a
href="https://github.com/yujiteshima"><code>@​yujiteshima</code></a>.</li>
</ul>
<h2>0.123.10</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix using class (not instance) dependency that has
<code>__call__</code> method. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14458">#14458</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
<li>🐛 Fix <code>separate_input_output_schemas=False</code> with
<code>computed_field</code>. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14453">#14453</a>
by <a
href="https://github.com/YuriiMotov"><code>@​YuriiMotov</code></a>.</li>
</ul>
<h2>0.123.9</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix OAuth2 scopes in OpenAPI in extra corner cases, parent
dependency with scopes, sub-dependency security scheme without scopes.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14459">#14459</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.123.8</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix OpenAPI security scheme OAuth2 scopes declaration, deduplicate
security schemes with different scopes. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14455">#14455</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.123.7</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix evaluating stringified annotations in Python 3.10. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/11355">#11355</a>
by <a href="https://github.com/chaen"><code>@​chaen</code></a>.</li>
</ul>
<h2>0.123.6</h2>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix support for functools wraps and partial combined, for async
and regular functions and classes in path operations and dependencies.
PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14448">#14448</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<h2>0.123.5</h2>
<h3>Features</h3>
<ul>
<li> Allow using dependables with <code>functools.partial()</code>. PR
<a
href="https://redirect.github.com/fastapi/fastapi/pull/9753">#9753</a>
by <a href="https://github.com/lieryan"><code>@​lieryan</code></a>.</li>
<li> Add support for wrapped functions (e.g.
<code>@functools.wraps()</code>) used with forward references. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/5077">#5077</a>
by <a
href="https://github.com/lucaswiman"><code>@​lucaswiman</code></a>.</li>
<li> Handle wrapped dependencies. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/9555">#9555</a>
by <a href="https://github.com/phy1729"><code>@​phy1729</code></a>.</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>🐛 Fix optional sequence handling with new union syntax from Python
3.10. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14430">#14430</a>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a>.</li>
</ul>
<h3>Refactors</h3>
<ul>
<li>🔥 Remove dangling extra condiitonal no longer needed. PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14435">#14435</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
<li>♻️ Refactor internals, update <code>is_coroutine</code> check to
reuse internal supported variants (unwrap, check class). PR <a
href="https://redirect.github.com/fastapi/fastapi/pull/14434">#14434</a>
by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b5ca13249e"><code>b5ca132</code></a>
🔖 Release version 0.124.0</li>
<li><a
href="a2cef707e3"><code>a2cef70</code></a>
📝 Update release notes</li>
<li><a
href="5b6245666b"><code>5b62456</code></a>
✏️ Fix typo in <code>scripts/mkdocs_hooks.py</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14457">#14457</a>)</li>
<li><a
href="dbd34f1578"><code>dbd34f1</code></a>
📝 Update release notes</li>
<li><a
href="e1117f7550"><code>e1117f7</code></a>
🚸 Improve tracebacks by adding endpoint metadata (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14306">#14306</a>)</li>
<li><a
href="08b09e5236"><code>08b09e5</code></a>
🔖 Release version 0.123.10</li>
<li><a
href="e7d7038dfa"><code>e7d7038</code></a>
📝 Update release notes</li>
<li><a
href="da0ffab0b2"><code>da0ffab</code></a>
🐛 Fix using class (not instance) dependency that has
<code>__call__</code> method (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14458">#14458</a>)</li>
<li><a
href="516169428d"><code>5161694</code></a>
📝 Update release notes</li>
<li><a
href="812a1926f0"><code>812a192</code></a>
🐛 Fix <code>separate_input_output_schemas=False</code> with
<code>computed_field</code> (<a
href="https://redirect.github.com/fastapi/fastapi/issues/14453">#14453</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/fastapi/fastapi/compare/0.123.0...0.124.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fastapi&package-manager=uv&previous-version=0.123.0&new-version=0.124.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-08 04:30:58 +00:00
Erik Vroon
2e00bb20c5 Update pyrefly to 0.44 (#1457) 2025-12-04 08:32:30 +00:00
dependabot[bot]
356769fd00 Bump sentry-sdk from 2.46.0 to 2.47.0 in /backend (#1455) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.46.0 to 2.47.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.47.0</h2>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>fix: Make PropagationContext.from_incoming_data always return a
PropagationContext by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5186">#5186</a></li>
<li>fix(integrations): anthropic set <code>GEN_AI_OPERATION_NAME</code>
by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5185">#5185</a></li>
<li>fix(spotlight): align behavior with SDK spec by <a
href="https://github.com/BYK"><code>@​BYK</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5169">#5169</a></li>
<li>fix(integrations): do not exit early when config is not passed as it
is not required and prohibits setting
<code>gen_ai.request.messages</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5167">#5167</a></li>
<li>fix(langchain): add gen_ai.response.model to chat spans by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5159">#5159</a></li>
<li>fix(integrations): add the system prompt to the
<code>gen_ai.request.messages</code> attribute by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5161">#5161</a></li>
<li>fix(ai): Handle Pydantic model classes in _normalize_data by <a
href="https://github.com/skalinchuk"><code>@​skalinchuk</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5143">#5143</a></li>
<li>fix(openai-agents): Avoid double span exit on exception by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5174">#5174</a></li>
<li>fix(openai-agents): Store <code>invoke_agent</code> span on
<code>agents.RunContextWrapper</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5165">#5165</a></li>
<li>Add back span status by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5147">#5147</a></li>
</ul>
<h3>New Features </h3>
<ul>
<li>feat(integrations): openai-agents: add usage and response model
reporting for chat and invoke_agent spans by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5157">#5157</a></li>
<li>feat: Implement strict_trace_continuation by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5178">#5178</a></li>
<li>feat(integration): pydantic-ai: properly report token usage and
response model for invoke_agent spans by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5153">#5153</a></li>
<li>feat(integrations): add support for embed_content methods in
GoogleGenAI integration by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5128">#5128</a></li>
<li>feat(logs): Record discarded log bytes by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5144">#5144</a></li>
<li>feat: Add an initial changelog config by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5145">#5145</a></li>
<li>feat(django): Instrument database rollbacks by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5115">#5115</a></li>
<li>feat(django): Instrument database commits by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5100">#5100</a></li>
<li>feat(openai-agents): Truncate long messages by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5141">#5141</a></li>
<li>Add org_id support by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5166">#5166</a></li>
</ul>
<h3>Deprecations</h3>
<ul>
<li>Deprecate <code>continue_from_headers</code> by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5160">#5160</a></li>
</ul>
<h3>Build / dependencies / internal 🔧</h3>
<ul>
<li>Remove unsupported SPANSTATUS.(ERROR|UNSET) by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5146">#5146</a></li>
<li>Rename setup_otlp_exporter to setup_otlp_traces_exporter by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5142">#5142</a></li>
<li>Simplify continue_trace to reuse propagation_context values by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5158">#5158</a></li>
<li>Make PropagationContext hold baggage instead of
dynamic_sampling_context by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5156">#5156</a></li>
<li>Cleanup PropagationContext.from_incoming_data by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5155">#5155</a></li>
<li>chore: Add <code>commit_patterns</code> to changelog config, remove
auto-labeler by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5176">#5176</a></li>
<li>build(deps): bump actions/github-script from 7 to 8 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5171">#5171</a></li>
<li>build(deps): bump supercharge/redis-github-action from 1.8.1 to 2 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5172">#5172</a></li>
<li>ci: 🤖 Update test matrix with new releases (12/01) by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5173">#5173</a></li>
<li>ci: Add auto-label GH action by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5163">#5163</a></li>
<li>ci: Split up Test AI workflow by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5148">#5148</a></li>
<li>ci: Update test matrix with new releases (11/24) by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5139">#5139</a></li>
<li>test: Import integrations with empty shadow modules by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5150">#5150</a></li>
<li>Add deprecations to changelog categories by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5162">#5162</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.47.0</h2>
<h3>Bug Fixes 🐛</h3>
<ul>
<li>fix: Make PropagationContext.from_incoming_data always return a
PropagationContext by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5186">#5186</a></li>
<li>fix(integrations): anthropic set <code>GEN_AI_OPERATION_NAME</code>
by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5185">#5185</a></li>
<li>fix(spotlight): align behavior with SDK spec by <a
href="https://github.com/BYK"><code>@​BYK</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5169">#5169</a></li>
<li>fix(integrations): do not exit early when config is not passed as it
is not required and prohibits setting
<code>gen_ai.request.messages</code> by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5167">#5167</a></li>
<li>fix(langchain): add gen_ai.response.model to chat spans by <a
href="https://github.com/shellmayr"><code>@​shellmayr</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5159">#5159</a></li>
<li>fix(integrations): add the system prompt to the
<code>gen_ai.request.messages</code> attribute by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5161">#5161</a></li>
<li>fix(ai): Handle Pydantic model classes in _normalize_data by <a
href="https://github.com/skalinchuk"><code>@​skalinchuk</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5143">#5143</a></li>
<li>fix(openai-agents): Avoid double span exit on exception by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5174">#5174</a></li>
<li>fix(openai-agents): Store <code>invoke_agent</code> span on
<code>agents.RunContextWrapper</code> by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5165">#5165</a></li>
<li>Add back span status by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5147">#5147</a></li>
</ul>
<h3>New Features </h3>
<ul>
<li>feat(integrations): openai-agents: add usage and response model
reporting for chat and invoke_agent spans by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5157">#5157</a></li>
<li>feat: Implement strict_trace_continuation by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5178">#5178</a></li>
<li>feat(integration): pydantic-ai: properly report token usage and
response model for invoke_agent spans by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5153">#5153</a></li>
<li>feat(integrations): add support for embed_content methods in
GoogleGenAI integration by <a
href="https://github.com/constantinius"><code>@​constantinius</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5128">#5128</a></li>
<li>feat(logs): Record discarded log bytes by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5144">#5144</a></li>
<li>feat: Add an initial changelog config by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5145">#5145</a></li>
<li>feat(django): Instrument database rollbacks by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5115">#5115</a></li>
<li>feat(django): Instrument database commits by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5100">#5100</a></li>
<li>feat(openai-agents): Truncate long messages by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5141">#5141</a></li>
<li>Add org_id support by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5166">#5166</a></li>
</ul>
<h3>Deprecations</h3>
<ul>
<li>Deprecate <code>continue_from_headers</code> by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5160">#5160</a></li>
</ul>
<h3>Build / dependencies / internal 🔧</h3>
<ul>
<li>Remove unsupported SPANSTATUS.(ERROR|UNSET) by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5146">#5146</a></li>
<li>Rename setup_otlp_exporter to setup_otlp_traces_exporter by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5142">#5142</a></li>
<li>Simplify continue_trace to reuse propagation_context values by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5158">#5158</a></li>
<li>Make PropagationContext hold baggage instead of
dynamic_sampling_context by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5156">#5156</a></li>
<li>Cleanup PropagationContext.from_incoming_data by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5155">#5155</a></li>
<li>chore: Add <code>commit_patterns</code> to changelog config, remove
auto-labeler by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5176">#5176</a></li>
<li>build(deps): bump actions/github-script from 7 to 8 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5171">#5171</a></li>
<li>build(deps): bump supercharge/redis-github-action from 1.8.1 to 2 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/getsentry/sentry-python/pull/5172">#5172</a></li>
<li>ci: 🤖 Update test matrix with new releases (12/01) by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5173">#5173</a></li>
<li>ci: Add auto-label GH action by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5163">#5163</a></li>
<li>ci: Split up Test AI workflow by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5148">#5148</a></li>
<li>ci: Update test matrix with new releases (11/24) by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5139">#5139</a></li>
<li>test: Import integrations with empty shadow modules by <a
href="https://github.com/alexander-alderman-webb"><code>@​alexander-alderman-webb</code></a>
in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5150">#5150</a></li>
<li>Add deprecations to changelog categories by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a> in <a
href="https://redirect.github.com/getsentry/sentry-python/pull/5162">#5162</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a1e3004593"><code>a1e3004</code></a>
Update CHANGELOG.md</li>
<li><a
href="9aa07c5747"><code>9aa07c5</code></a>
release: 2.47.0</li>
<li><a
href="8d0b6ccf86"><code>8d0b6cc</code></a>
fix(openai-agents): Avoid double span exit on exception (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5174">#5174</a>)</li>
<li><a
href="d2d3d3545f"><code>d2d3d35</code></a>
test: Import integrations with empty shadow modules (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5150">#5150</a>)</li>
<li><a
href="9a9fbfef0b"><code>9a9fbfe</code></a>
fix: Make PropagationContext.from_incoming_data always return a
PropagationCo...</li>
<li><a
href="9c9510d7d3"><code>9c9510d</code></a>
feat(integrations): openai-agents: add usage and response model
reporting for...</li>
<li><a
href="4df00564dc"><code>4df0056</code></a>
fix(integrations): anthropic set <code>GEN_AI_OPERATION_NAME</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5185">#5185</a>)</li>
<li><a
href="6c6705a3d9"><code>6c6705a</code></a>
fix(spotlight): align behavior with SDK spec (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5169">#5169</a>)</li>
<li><a
href="7449603a80"><code>7449603</code></a>
feat(openai-agents): Truncate long messages (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/5141">#5141</a>)</li>
<li><a
href="996f9359aa"><code>996f935</code></a>
fix(openai-agents): Store <code>invoke_agent</code> span on
<code>agents.RunContextWrapper</code> (...</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.46.0...2.47.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=uv&previous-version=2.46.0&new-version=2.47.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-04 07:56:02 +00:00