MESH-2092 Bump the dependencies group across 1 directory with 24 updates

[dependabot]

Bumps the dependencies group with 23 updates in the / directory:

Package	From	To
types-python-dateutil	2.8.19.20240106	2.9.0.20250822
python-dateutil	2.8.2	2.9.0.post0
cryptography	44.0.3	45.0.6
fastapi	0.115.14	0.116.1
uvicorn	0.23.2	0.35.0
pytest	7.4.4	8.4.1
pytest-asyncio	0.23.8	1.1.0
httpx	0.27.2	0.28.1
lxml	4.9.4	6.0.1
black	24.10.0	25.1.0
ipython	8.37.0	9.4.0
annotated-types	0.6.0	0.7.0
anyio	3.7.1	4.10.0
cffi	1.16.0	1.17.1
click	8.1.7	8.2.1
idna	3.6	3.10
packaging	23.2	25.0
pycparser	2.21	2.22
pydantic	2.5.3	2.11.7
pydantic-core	2.14.6	2.39.0
six	1.16.0	1.17.0
sniffio	1.3.0	1.3.1
starlette	0.47.2	0.47.3

Updates types-python-dateutil from 2.8.19.20240106 to 2.9.0.20250822

Commits

• See full diff in compare view

Updates python-dateutil from 2.8.2 to 2.9.0.post0

Release notes

Sourced from python-dateutil's releases.

2.9.0.post0

Version 2.9.0.post0 (2024-03-01)

Bugfixes

• Pinned setuptools_scm to <8, which should make the generated _version.py file compatible with all supported versions of Python.

2.9.0

Version 2.9.0 (2024-02-29)

Data updates

• Updated tzdata version to 2024a. (gh pr #1342)

Features

• Made all dateutil submodules lazily imported using PEP 562. On Python 3.7+, things like import dateutil; dateutil.tz.gettz("America/New_York") will now work without explicitly importing dateutil.tz, with the import occurring behind the scenes on first use. The old behavior remains on Python 3.6 and earlier. Fixed by Orson Adams. (gh issue #771, gh pr #1007)

Bugfixes

• Removed a call to datetime.utcfromtimestamp, which is deprecated as of Python 3.12. Reported by Hugo van Kemenade (gh pr #1284), fixed by Thomas Grainger (gh pr #1285).

Documentation changes

• Added note into docs and tests where relativedelta would return last day of the month only if the same day on a different month resolves to a date that doesn't exist. Reported by @​hawkEye-01 (gh issue #1167). Fixed by @​Mifrill (gh pr #1168)

Changelog

Sourced from python-dateutil's changelog.

Version 2.9.0.post0 (2024-03-01)

Bugfixes

• Pinned setuptools_scm to <8, which should make the generated _version.py file compatible with all supported versions of Python.

Version 2.9.0 (2024-02-29)

Data updates

• Updated tzdata version to 2024a. (gh pr #1342)

Features

• Made all dateutil submodules lazily imported using PEP 562 <https://www.python.org/dev/peps/pep-0562/>_. On Python 3.7+, things like import dateutil; dateutil.tz.gettz("America/New_York") will now work without explicitly importing dateutil.tz, with the import occurring behind the scenes on first use. The old behavior remains on Python 3.6 and earlier. Fixed by Orson Adams. (gh issue #771, gh pr #1007)

Bugfixes

• Removed a call to datetime.utcfromtimestamp, which is deprecated as of Python 3.12. Reported by Hugo van Kemenade (gh pr #1284), fixed by Thomas Grainger (gh pr #1285).

Documentation changes

• Added note into docs and tests where relativedelta would return last day of the month only if the same day on a different month resolves to a date that doesn't exist. Reported by @​hawkEye-01 (gh issue #1167). Fixed by @​Mifrill (gh pr #1168)

Commits

• 1ae8077 Merge pull request #1346 from pganssle/release_2.9.0.post0
• ee6de9d Update news to prepare for release
• 9780d32 Pin setuptools_scm to <8
• db9d018 Merge pull request #1343 from pganssle/release_2.9.0
• 423ca2f Run updatezinfo before build
• edd3fd4 Update NEWS file
• fe02d02 Run towncrier with Python 3.11
• 9c7524a Fix MANIFEST.in pattern
• 6de58f5 Update classifiers to include Python 3.12
• 8fe0cab Merge pull request #1342 from pganssle/update_zoneinfo
• Additional commits viewable in compare view

Updates cryptography from 44.0.3 to 45.0.6

Changelog

Sourced from cryptography's changelog.

45.0.6 - 2025-08-05

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.2.
.. _v45-0-5:
45.0.5 - 2025-07-02

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.1.

.. _v45-0-4:

45.0.4 - 2025-06-09

* Fixed decrypting PKCS#8 files encrypted with SHA1-RC4. (This is not
  considered secure, and is supported only for backwards compatibility.)
.. _v45-0-3:
45.0.3 - 2025-05-25

• Fixed decrypting PKCS#8 files encrypted with long salts (this impacts keys encrypted by Bouncy Castle).
• Fixed decrypting PKCS#8 files encrypted with DES-CBC-MD5. While wildly insecure, this remains prevalent.

.. _v45-0-2:

45.0.2 - 2025-05-17

* Fixed using ``mypy`` with ``cryptography`` on older versions of Python.
.. _v45-0-1:
45.0.1 - 2025-05-17

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.0.

.. _v45-0-0:

45.0.0 - 2025-05-17 (YANKED)

* Support for Python 3.7 is deprecated and will be removed in the next
</tr></table> 

... (truncated)

Commits

• 66198c2 Bump for release (#13249)
• 3e53a23 Bump for 45.0.5 release (#13135)
• 678c0c5 prepare for 45.0.4 release (#13058)
• 5038495 backports for 45.0.3 release (#12979)
• f81c075 Backport mypy fixes for release (#12930)
• 8ea28e0 bump for 45.0.1 (#12922)
• 6784097 bump for 45 release (#12886)
• 2d9c1c9 bump MSRV to 1.74 (#12919)
• 6c18874 Bump BoringSSL, OpenSSL, AWS-LC in CI (#12918)
• 43fd312 add test vectors for upcoming explicit curve loading (#12913)
• Additional commits viewable in compare view

Updates fastapi from 0.115.14 to 0.116.1

Release notes

Sourced from fastapi's releases.

0.116.1

Upgrades

• ⬆️ Upgrade Starlette supported version range to >=0.40.0,<0.48.0. PR #13884 by @​tiangolo.

Docs

• 📝 Add notification about impending changes in Translations to docs/en/docs/contributing.md. PR #13886 by @​YuriiMotov.

Internal

• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #13871 by @​pre-commit-ci[bot].

0.116.0

Features

• ✨ Add support for deploying to FastAPI Cloud with fastapi deploy. PR #13870 by @​tiangolo.

Installing fastapi[standard] now includes fastapi-cloud-cli.

This will allow you to deploy to FastAPI Cloud with the fastapi deploy command.

If you want to install fastapi with the standard dependencies but without fastapi-cloud-cli, you can install instead fastapi[standard-no-fastapi-cloud-cli].

Translations

• 🌐 Add Russian translation for docs/ru/docs/advanced/response-directly.md. PR #13801 by @​NavesSapnis.
• 🌐 Add Russian translation for docs/ru/docs/advanced/additional-status-codes.md. PR #13799 by @​NavesSapnis.
• 🌐 Add Ukrainian translation for docs/uk/docs/tutorial/body-updates.md. PR #13804 by @​valentinDruzhinin.

Internal

• ⬆ Bump pillow from 11.1.0 to 11.3.0. PR #13852 by @​dependabot[bot].
• 👥 Update FastAPI People - Sponsors. PR #13846 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #13848 by @​tiangolo.
• ⬆ Bump mkdocs-material from 9.6.1 to 9.6.15. PR #13849 by @​dependabot[bot].
• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #13843 by @​pre-commit-ci[bot].
• 👥 Update FastAPI People - Contributors and Translators. PR #13845 by @​tiangolo.

Commits

• 3137234 🔖 Release version 0.116.1
• 095dab0 📝 Update release notes
• cad6880 ⬆️ Upgrade Starlette supported version range to >=0.40.0,<0.48.0 (#13884)
• a6e79e6 📝 Update release notes
• 2c13b1b 📝 Add notification about impending changes in Translations to `docs/en/docs/c...
• 7179d48 📝 Update release notes
• 07bcb18 ⬆ [pre-commit.ci] pre-commit autoupdate (#13871)
• bd8f358 🔖 Release version 0.116.0
• 18eb7a7 📝 Update release notes
• dd906a9 📝 Update release notes
• Additional commits viewable in compare view

Updates uvicorn from 0.23.2 to 0.35.0

Release notes

Sourced from uvicorn's releases.

Version 0.35.0

Added

• Add WebSocketsSansIOProtocol by @​Kludex in encode/uvicorn#2540

Changed

• Refine help message for option --proxy-headers by @​zhangyoufu in encode/uvicorn#2653

New Contributors

• @​zhangyoufu made their first contribution in encode/uvicorn#2653

Full Changelog: Kludex/uvicorn@0.34.3...0.35.0

Version 0.34.3

What's Changed

• Don't include cwd() when non-empty --reload-dirs is passed by @​stinovlas in encode/uvicorn#2598
• Apply get_client_addr formatting to WebSocket logging by @​Harry-Lees in encode/uvicorn#2636
• chore: improve type hints by @​waketzheng in encode/uvicorn#2638

New Contributors

• @​stinovlas made their first contribution in encode/uvicorn#2598
• @​LifeLex made their first contribution in encode/uvicorn#2621
• @​Harry-Lees made their first contribution in encode/uvicorn#2636
• @​waketzheng made their first contribution in encode/uvicorn#2638

Full Changelog: Kludex/uvicorn@0.34.2...0.34.3

Version 0.34.2

What's Changed

• Flush the stdout buffer on Windows to trigger reload by @​jamesh1999 in encode/uvicorn#2604

New Contributors

• @​jamesh1999 made their first contribution in encode/uvicorn#2604

Full Changelog: Kludex/uvicorn@0.34.1...0.34.2

Version 0.34.1

What's Changed

• Deprecate ServerState in the main module by @​Kludex in encode/uvicorn#2581

New Contributors

• @​RakhimovRamis made their first contribution in encode/uvicorn#2567
• @​carlwgeorge made their first contribution in encode/uvicorn#2590

Full Changelog: Kludex/uvicorn@0.34.0...0.34.1

Version 0.34.0

What's Changed

... (truncated)

Changelog

Sourced from uvicorn's changelog.

0.35.0 (June 28, 2025)

Added

• Add WebSocketsSansIOProtocol (#2540)

Changed

• Refine help message for option --proxy-headers (#2653)

0.34.3 (June 1, 2025)

Fixed

• Don't include cwd() when non-empty --reload-dirs is passed (#2598)
• Apply get_client_addr formatting to WebSocket logging (#2636)

0.34.2 (April 19, 2025)

Fixed

• Flush stdout buffer on Windows to trigger reload (#2604)

0.34.1 (April 13, 2025)

Deprecated

• Deprecate ServerState in the main module (#2581)

0.34.0 (December 15, 2024)

Added

• Add content-length to 500 response in wsproto implementation (#2542)

Removed

• Drop support for Python 3.8 (#2543)

0.33.0 (December 14, 2024)

Removed

• Remove WatchGod support for --reload (#2536)

0.32.1 (November 20, 2024)

Fixed

• Drop ASGI spec version to 2.3 on HTTP scope (#2513)

... (truncated)

Commits

• daecb45 Version 0.35.0 (#2654)
• 22dfd3f refine help message for option --proxy-headers (#2653)
• b960626 Add WebSocketsSansIOProtocol (#2540)
• 5432729 Add CITATION.cff (#2649)
• 5e33d43 Add notes about 0.34.3 and Google Analytics (#2642)
• ce129ff chore: improve type hints (#2638)
• fa3d9d2 Apply get_client_addr formatting to WebSocket logging (#2636)
• 66b9b58 Bump the python-packages group across 1 directory with 5 updates (#2631)
• bc79505 chore: update h11 dependecy to latest release (#2621)
• 2eda7b1 Bump uvloop (#2618)
• Additional commits viewable in compare view

Updates pytest from 7.4.4 to 8.4.1

Release notes

Sourced from pytest's releases.

8.4.1

pytest 8.4.1 (2025-06-17)

Bug fixes

• #13461: Corrected _pytest.terminal.TerminalReporter.isatty to support being called as a method. Before it was just a boolean which could break correct code when using -o log_cli=true).

• #13477: Reintroduced pytest.PytestReturnNotNoneWarning{.interpreted-text role="class"} which was removed by accident in pytest [8.4]{.title-ref}.

  This warning is raised when a test functions returns a value other than None, which is often a mistake made by beginners.

  See return-not-none{.interpreted-text role="ref"} for more information.

• #13497: Fixed compatibility with Twisted 25+.

Improved documentation

• #13492: Fixed outdated warning about faulthandler not working on Windows.

8.4.0

pytest 8.4.0 (2025-06-02)

Removals and backward incompatible breaking changes

• #11372: Async tests will now fail, instead of warning+skipping, if you don't have any suitable plugin installed.

• #12346: Tests will now fail, instead of raising a warning, if they return any value other than None.

• #12874: We dropped support for Python 3.8 following its end of life (2024-10-07).

• #12960: Test functions containing a yield now cause an explicit error. They have not been run since pytest 4.0, and were previously marked as an expected failure and deprecation warning.

  See the docs <yield tests deprecated>{.interpreted-text role="ref"} for more information.

Deprecations (removal in next major release)

• #10839: Requesting an asynchronous fixture without a [pytest_fixture_setup]{.title-ref} hook that resolves it will now give a DeprecationWarning. This most commonly happens if a sync test requests an async fixture. This should have no effect on a majority of users with async tests or fixtures using async pytest plugins, but may affect non-standard hook setups or autouse=True. For guidance on how to work around this warning see sync-test-async-fixture{.interpreted-text role="ref"}.

New features

• #11538: Added pytest.RaisesGroup{.interpreted-text role="class"} as an equivalent to pytest.raises{.interpreted-text role="func"} for expecting ExceptionGroup{.interpreted-text role="exc"}. Also adds pytest.RaisesExc{.interpreted-text role="class"} which is now the logic behind pytest.raises{.interpreted-text role="func"} and used as parameter to pytest.RaisesGroup{.interpreted-text role="class"}. RaisesGroup includes the ability to specify multiple different expected exceptions, the structure of nested exception groups, and flags for emulating except* <except_star>{.interpreted-text role="ref"}. See assert-matching-exception-groups{.interpreted-text role="ref"} and docstrings for more information.

• #12081: Added capteesys{.interpreted-text role="fixture"} to capture AND pass output to next handler set by --capture=.

• #12504: pytest.mark.xfail{.interpreted-text role="func"} now accepts pytest.RaisesGroup{.interpreted-text role="class"} for the raises parameter when you expect an exception group. You can also pass a pytest.RaisesExc{.interpreted-text role="class"} if you e.g. want to make use of the check parameter.

• #12713: New [--force-short-summary]{.title-ref} option to force condensed summary output regardless of verbosity level.

... (truncated)

Commits

• 8d99211 Prepare release version 8.4.1
• 5dc5880 docs: update pytest.ini addopts example to use separate -p entries (#13529) (...
• d0c7ed0 Reintroduce PytestReturnNotNoneWarning (#13495) (#13527)
• a1b3a78 Fix compatibility with Twisted 25 (#13502) (#13531)
• 4c161ab pytester: avoid unraisableexception gc collects in inline runs to speed up te...
• a86ee09 Fix typo in parametrize.rst (#13514) (#13516)
• 1a0581b Remove outdated warning about faulthandler_timeout on Windows (#13492) (#13493)
• 4e631a7 Merge pull request #13486 from hosmir/fixtypo (#13487)
• b49745e fix: support TerminalReporter.isatty being called (#13462) (#13483)
• cc5ceed RELEASING: remove pytest mailing list (#13472) (#13473)
• Additional commits viewable in compare view

Updates pytest-asyncio from 0.23.8 to 1.1.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 1.1.0

Added

• Propagation of ContextVars from async fixtures to other fixtures and tests on Python 3.10 and older (#127)
• Cancellation of tasks when the loop_scope ends (#200)
• Warning when the current event loop is closed by a test

Fixed

• Error about missing loop when calling functions requiring a loop in the finally clause of a task (#878)
• An error that could cause duplicate warnings to be issued

Notes for Downstream Packagers

• Added runtime dependency on backports.asyncio.runner for use with Python 3.10 and older

pytest-asyncio 1.1.0a1

1.1.0a1 - 2025-06-30

Added

• Propagation of ContextVars from async fixtures to other fixtures and tests on Python 3.10 and older (#127)
• Cancellation of tasks when the loop_scope ends (#200)
• Warning when the current event loop is closed by a test

Fixed

• Error about missing loop when calling functions requiring a loop in the finally clause of a task (#878)
• An error that could cause duplicate warnings to be issued

Notes for Downstream Packagers

• Added runtime dependency on backports.asyncio.runner for use with Python 3.10 and older

pytest-asyncio 1.0.0

1.0.0 - 2025-05-26

Removed

• The deprecated event_loop fixture. (#1106)

Added

• Prelimiary support for Python 3.14 (#1025)

Changed

... (truncated)

Commits

• ce06c07 chore: Prepare release of v1.1.0.
• d9a8dcc ci: Workaround missing Tag annotation during release.
• d66e12f [pre-commit.ci] pre-commit autoupdate
• 9e5e25f Build(deps): Bump certifi in /dependencies/docs
• 0e63423 Build(deps): Bump hypothesis in /dependencies/default
• bd4551c Build(deps): Bump ncipollo/release-action from 1.16.0 to 1.18.0
• 8e20305 Build(deps): Bump hypothesis in /dependencies/default
• b7a8ab5 Build(deps): Bump coverage from 7.9.1 to 7.9.2 in /dependencies/default
• 8cc378d Build(deps): Bump typing-extensions in /dependencies/default
• fb6bfbf [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates httpx from 0.27.2 to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
• Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

Changelog

Sourced from httpx's changelog.

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

0.28.0 (28th November, 2024)

Be aware that the default JSON request bodies now use a more compact representation. This is generally considered a prefered style, tho may require updates to test suites.

The 0.28 release includes a limited set of deprecations...

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
• Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

Commits

• 26d48e0 Version 0.28.1 (#3445)
• 89599a9 Fix verify=False, cert=... case. (#3442)
• 8ecb86f Add test for request params behavior changes (#3364) (#3440)
• 0cb7e5a Bump the python-packages group with 11 updates (#3434)
• 15e21e9 Updating deprecated docstring Client() class (#3426)
• 80960fa Version 0.28.0. (#3419)
• a33c878 Fix extensions type annotation. (#3380)
• ce7e14d Error on verify as str. (#3418)
• 47f4a96 Handle empty zstd responses (#3412)
• 189fc4b Update CHANGELOG.md, fix typo(s) (#3406)
• Additional commits viewable in compare view

Updates pyopenssl from 24.3.0 to 25.1.0

Changelog

Sourced from pyopenssl's changelog.

25.1.0 (2025-05-17)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

• Attempting using any methods that mutate an OpenSSL.SSL.Context after it has been used to create an OpenSSL.SSL.Connection will emit a warning. In a future release, this will raise an exception.

Changes: ^^^^^^^^

• cryptography maximum version has been increased to 45.0.x.

25.0.0 (2025-01-12)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

• Corrected type annotations on Context.set_alpn_select_callback, Context.set_session_cache_mode, Context.set_options, Context.set_mode, X509.subject_name_hash, and X509Store.load_locations.
• Deprecated APIs are now marked using warnings.deprecated. mypy will emit deprecation notices for them when used with --enable-error-code deprecated.

Commits

• 62a0f50 Bump for 25.1.0 release (#1428)
• a1b4f7f Attempt to prohibit mutating a Context after its in use (#1416)
• 56d20e7 Bump actions/download-artifact from 4.2.1 to 4.3.0 (#1427)
• fd99b1a fix CI for new ubuntu rolling (#1426)
• e02c93c Bump actions/upload-artifact in /.github/actions/upload-coverage (#1423)
• 5f461df Bump actions/download-artifact from 4.2.0 to 4.2.1 (#1422)
• 3232015 Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#1421)
• fd04add Bump actions/download-artifact from 4.1.9 to 4.2.0 (#1420)
• b0b7364 Bump actions/download-artifact from 4.1.8 to 4.1.9 (#1419)
• de6766d Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#1417)
• Additional commits viewable in compare view

Updates lxml from 4.9.4 to 6.0.1

Release notes

Sourced from lxml's releases.

lxml-6.0.1

No release notes provided.

lxml-6.0.0

No release notes provided.

lxml-5.4.0

5.4.0 (2025-04-22)

Bugs fixed

• LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve several CVEs. (Binary wheels for Windows continue to use a patched libxml2 2.11.9 and libxslt 1.1.39.) Issue found by Anatoly Katyushin, see https://bugs.launchpad.net/lxml/+bug/2107279

lxml-5.3.2

No release notes provided.

lxml-5.3.1

No release notes provided.

lxml-5.3.0

No release notes provided.

lxml-5.2.2

5.2.2 (2024-05-12)

Bugs fixed

• GH#417: The test_feed_parser test could fail if lxml_html_clean was not installed. It is now skipped in that case.

• LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to "core2", without SSE 4.2.

• If libxml2 uses iconv, the compile time version is available as etree.ICONV_COMPILED_VERSION.

lxml-5.2.1

No release notes provided.

lxml-5.2.0

No release notes provided.

lxml-5.1.1

No release notes provided.

... (truncated)

Changelog

Sourced from lxml's changelog.

6.0.1 (2025-08-22)

Bugs fixed

• LP#2116333: lxml.sax._getNsTag() could fail with an exception on malformed input.

• GH#467: Some test adaptations were made for libxml2 2.15. Patch by Nick Wellnhofer.

• LP2119510, GH#473: A Python compatibility test was fixed for Python 3.14+. Patch by Lumír Balhar.

• GH#471: Wheels for "riscv64" on recent Python versions were added. Patch by ffgan.

• GH#469: The wheel build no longer requires the wheel package unconditionally. Patch by Miro Hrončok.

• Binary wheels use the library version libxml2 2.14.5.

• Windows binary wheels continue to use a security patched library version libxml2 2.11.9.

6.0.0 (2025-06-26)

Features added

• GH#463: lxml.html.diff is faster and provides structurally better diffs. Original patch by Steven Fernandez.

• GH#405: The factories Element and ElementTree can now be used in type hints.

• GH#448: Parsing from memoryview and other buffers is supported to allow zero-copy parsing.

• GH#437: lxml.html.builder was missing several HTML5 tag names. Patch by Nick Tarleton.

• GH#458: CDATA can now be written into the incremental xmlfile() writer. Original patch by Lane Shaw.

• A new parser option decompress=False was added that controls the automatic input decompression when using libxml2 2.15.0 or later. Disabling this option by default will effectively prevent decompression bombs when handling untrusted input. Code that depends on automatic decompression must enable this option. Note that libxml2 2.15.0 was not released yet, so this option currently has no effect but can already be used.

... (truncated)

Commits

• 5aca07d Prepare release of lxml 6.0.1.
• f0e555a Build: Add Py3.14 also to tox.ini.
• afc745a Update changelog.
• 25242c6 Build: Add "riscv64" wheels for Py3.12+.
• 457c564 Build: Mark Py3.14 as officially supported.
• 66a3cc3 Remove Py2 test code.
• 6e88838 CI: Fix version usage in cache keys.
• fe5df46 Build: bump the github-actions group across 1 directory with 3 updates (#476)
• 9177121 CI: Configure library versions centrally in pyproject.toml to prevent build t...
• 525c6b9 Build: Separate libs cache by CPU architecture.
• Additional commits viewable in compare view

Updates black from 24.10.0 to 25.1.0

Release notes

Sourced from black's releases.

25.1.0

Highlights

This release introduces the new 2025 stable style (#4558), stabilizing the following changes:

• Normalize casing of Unicode escape characters in strings to lowercase (#2916)
• Fix inconsistencies in whether certain strings are detected as docstrings (#4095)
• Consistently add trailing commas to typed function parameters (#4164)
• Remove redundant parentheses in if guards for case blocks (#4214)
• Add parentheses to if clauses in case blocks when the line is too long (#4269)
• Whitespace before # fmt: skip comments is no longer normalized (#4146)
• Fix line length computation for certain expressions that involve the power operator (#4154)
• Check if there is a newline before the terminating quotes of a docstring (#4185)
• Fix type annotation spacing between * and more complex type variable tuple (#4440)

The following changes were not in any previous release:

• Remove parentheses around sole list items (#4312)
• Generic function definitions are now formatted more elegantly: parameters are split over multiple lines first instead of type parameter definitions (#4553)

Stable style

• Fix formatting cells in IPython notebooks with magic methods and starting or trailing empty lines (#4484)
• Fix crash when formatting with statements containing tuple generators/unpacking (#4538)

Preview style

• Fix/remove string merging changing f-string quotes on f-strings with internal quotes (#4498)
• Collapse multiple empty lines after an import into one (#4489)
• Prevent string_processing and wrap_long_dict_values_in_parens from removing parentheses around long dictionary values (#4377)
• Move wrap_long_dict_values_in_parens from the unstable to preview style (#4561)

Packaging

• Store license identifier inside the License-Expression metadata field, see PEP 639. (#4479)

Performance

• Speed up the is_fstring_start function in Black's tokenizer (#4541)

Integrations

• If using stdin with --stdin-filename set to a force excluded path, stdin won't be

... (truncated)

Changelog

Sourced from black's changelog.

25.1.0

Highlights

This release introduces the new 2025 stable style (#4558), stabilizing the following changes:

• Normalize casing of Unicode escape characters in strings to lowercase (#2916)
• Fix inconsistencies in whether certain strings are detected as docstrings (#4095)
• Consistently add trailing commas to typed function parameters (#4164)
• Remove redundant parentheses in if guards for case blocks (#4214)
• Add parentheses to if clauses in case blocks when the line is too long (#4269)
• Whitespace before # fmt: skip comments is no longer normalized (#4146)
• Fix line length computation for certain expressions that involve the power operator (#4154)
• Check if there is a newline before the terminating quotes of a docstring (#4185)
• Fix type annotation spacing between * and more complex type variable tuple (#4440)

The following changes were not in any previous release:

• Remove parentheses around sole list items (#4312)
• Generic function definitions are now formatted more elegantly: parameters are split over multiple lines first instead of type parameter definitions (#4553)

Stable style

• Fix formatting cells in IPython notebooks with magic methods and starting or trailing empty lines (#4484)
• Fix crash when formatting with statements containing tuple generators/unpacking (

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.