Bump the development-dependencies group across 1 directory with 8 updates

[dependabot]

Updates the requirements on asyncio, cryptography, pillow, uvloop, pytest, pytest-asyncio, pytest-cov and ruff to permit the latest version.
Updates asyncio to 4.0.0

Commits

• See full diff in compare view

Updates cryptography to 46.0.3

Changelog

Sourced from cryptography's changelog.

46.0.3 - 2025-10-15

* Fixed compilation when using LibreSSL 4.2.0.
.. _v46-0-2:
46.0.2 - 2025-09-30

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:

46.0.1 - 2025-09-16

* Fixed an issue where users installing via ``pip`` on Python 3.14 development
  versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.
.. _v46-0-0:
46.0.0 - 2025-09-16

• BACKWARDS INCOMPATIBLE: Support for Python 3.7 has been removed.
• Support for OpenSSL < 3.0 is deprecated and will be removed in the next release.
• Support for x86_64 macOS (including publishing wheels) is deprecated and will be removed in two releases. We will switch to publishing an arm64 only wheel for macOS.
• Support for 32-bit Windows (including publishing wheels) is deprecated and will be removed in two releases. Users should move to a 64-bit Python installation.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.3.
• We now build ppc64le manylinux wheels and publish them to PyPI.
• We now build win_arm64 (Windows on Arm) wheels and publish them to PyPI.
• Added support for free-threaded Python 3.14.
• Removed the deprecated get_attribute_for_oid method on :class:~cryptography.x509.CertificateSigningRequest. Users should use :meth:~cryptography.x509.Attributes.get_attribute_for_oid instead.
• Removed the deprecated CAST5, SEED, IDEA, and Blowfish classes from the cipher module. These are still available in :doc:/hazmat/decrepit/index.
• In X.509, when performing a PSS signature with a SHA-3 hash, it is now encoded with the official NIST SHA3 OID.

.. _v45-0-7:

... (truncated)

Commits

• c0af4dd release 46.0.3 (#13681)
• 99efe5a bump version for 46.0.2 (#13531)
• e735cfc release 46.0.1 (#13450)
• 4e457ff Explicitly specify python in mac uv build invocation (#13447)
• 2726efd Depend on CFFI 2.0.0 or newer on Python > 3.8 (#13448)
• 6223062 release 46.0.0 (#13446)
• 563c491 Update comment for pyopenssl-release tag (#13445)
• d2f6f7f Bump downstream dependencies in CI (#13439)
• e7ab02b we'll ship this with 3.5.3 why not (#13442)
• 0b68a4b Another pair of bump dependencies fix (#13444)
• Additional commits viewable in compare view

Updates pillow to 12.0.0

Release notes

Sourced from pillow's releases.

12.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.0.0.html

Removals

• Remove support for FreeType <= 2.9.0 #9159 [@​radarhere]
• Drop support for Python 3.9 #9119 [@​hugovk]
• Remove deprecations for Pillow 12.0.0 #9053 [@​radarhere]

Deprecations

• Deprecate Image._show #9186 [@​radarhere]
• Deprecate ImageCmsProfile product_name and product_info #8995 [@​lukegb]

Documentation

• ImagingHistogramInstance can use two bands #9251 [@​radarhere]
• Update 12.0.0 release notes #9247 [@​hugovk]
• Added ImageDraw alpha channel examples #9201 [@​radarhere]
• Update Python version #9230 [@​radarhere]
• Updated macOS tested Pillow versions #9209 [@​radarhere]
• Add GitHub profile link to release notes #9197 [@​radarhere]
• Split versionadded info #9190 [@​radarhere]
• Document ImageFile.MAXBLOCK #9163 [@​radarhere]
• Updated macOS version in CI targets #9157 [@​radarhere]
• Fix typos #9135 [@​radarhere]
• Added "Colors" to concepts #9067 [@​radarhere]
• Update macOS tested Pillow versions #9068 [@​radarhere]
• Thanks, folks! #9056 [@​aclark4life]
• Setup nit: "fork" should be lowercased #9055 [@​aclark4life]

Dependencies

• Update dependency cibuildwheel to v3.2.1 #9246 [@renovate[bot]]
• [pre-commit.ci] pre-commit autoupdate #9233 [@pre-commit-ci[bot]]
• Update harfbuzz to 12.1.0 #9218 [@​radarhere]
• Update libtiff to 4.7.1 #9222 [@​radarhere]
• Update FreeType to 2.14.1 on macOS and Linux wheels #9217 [@​radarhere]
• Update dependency cibuildwheel to v3.2.0 #9219 [@renovate[bot]]
• Update Ghostscript to 10.6.0 #9202 [@​radarhere]
• Update openjpeg to 2.5.4 #9215 [@​radarhere]
• Update harfbuzz to 11.5.0 #9203 [@​radarhere]
• Update dependency mypy to v1.18.2 #9213 [@renovate[bot]]
• Update dependency mypy to v1.18.1 #9207 [@renovate[bot]]
• Update github-actions #9194 [@renovate[bot]]
• Updated harfbuzz to 11.4.5 #9150 [@​radarhere]
• Update zlib-ng to 2.2.5 #9140 [@​radarhere]
• Update raqm to 0.10.3 #9137 [@​radarhere]
• Update libjpeg-turbo to 3.1.2 #9188 [@​radarhere]
• [pre-commit.ci] pre-commit autoupdate #9180 [@pre-commit-ci[bot]]

... (truncated)

Changelog

Sourced from pillow's changelog.

Changelog (Pillow)

11.1.0 and newer

See GitHub Releases:

• https://github.com/python-pillow/Pillow/releases

11.0.0 (2024-10-15)

• Update licence to MIT-CMU #8460 [hugovk]

• Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

• Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

• Do not close provided file handles with libtiff when saving #8458 [radarhere]

• Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

• Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

• Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

• Use transparency when combining P frames from APNGs #8443 [radarhere]

• Support all resampling filters when resizing I;16* images #8422 [radarhere]

• Free memory on early return #8413 [radarhere]

• Cast int before potentially exceeding INT_MAX #8402 [radarhere]

... (truncated)

Commits

• 693df7b 12.0.0 version bump
• d175bb8 Use macos-14 for iOS arm64 simulator (#9258)
• 592b2f8 Revert "Use macos-latest for iOS arm64 simulator"
• 5dddb2c Use enums for Modes and RawModes in C (#9256)
• e7b72a3 Add ImageText (#9098)
• 864d4b6 Shift bits before making value negative (#9255)
• 994a9de Install arro3 dependencies when type checking (#9254)
• d5e1601 Improved documentation
• e533ccc Merge branch 'main' into imagetext
• 95a85dc Use snake case
• Additional commits viewable in compare view

Updates uvloop to 0.22.1

Release notes

Sourced from uvloop's releases.

v0.22.1

This is identical to 0.22.0, re-ran with CI fixes

Commits

• 74f4c96 uvloop 0.22.1
• 321d345 ci: bump pypa/gh-action-pypi-publish
• 3cf6b44 uvloop 0.22.0
• e4d569e ci: use native ubuntu-24.04-arm
• d9fa054 ci: fix test and release workflow
• 7effa90 ci: fix artifact handling
• 286b370 add free-threading support (#693)
• 46456b6 Fixes for Python 3.14 (#638)
• 96b7ed3 test: fix task name for Python 3.13.3/3.14 (#662)
• 5680792 test: fix getaddrinfo test (#663)
• Additional commits viewable in compare view

Updates pytest to 9.0.0

Release notes

Sourced from pytest's releases.

9.0.0

pytest 9.0.0 (2025-11-05)

New features

• #1367: Support for subtests has been added.

  subtests <subtests> are an alternative to parametrization, useful in situations where the parametrization values are not all known at collection time.

  Example:

  def contains_docstring(p: Path) -> bool:
      """Return True if the given Python file contains a top-level docstring."""
      ...
  def test_py_files_contain_docstring(subtests: pytest.Subtests) -> None:
  for path in Path.cwd().glob("*.py"):
  with subtests.test(path=str(path)):
  assert contains_docstring(path)

  Each assert failure or error is caught by the context manager and reported individually, giving a clear picture of all files that are missing a docstring.

  In addition, unittest.TestCase.subTest is now also supported.

  This feature was originally implemented as a separate plugin in pytest-subtests, but since then has been merged into the core.

  [!NOTE] This feature is experimental and will likely evolve in future releases. By that we mean that we might change how subtests are reported on failure, but the functionality and how to use it are stable.

• #13743: Added support for native TOML configuration files.

  While pytest, since version 6, supports configuration in pyproject.toml files under [tool.pytest.ini_options], it does so in an "INI compatibility mode", where all configuration values are treated as strings or list of strings. Now, pytest supports the native TOML data model.

  In pyproject.toml, the native TOML configuration is under the [tool.pytest] table.

  # pyproject.toml
  [tool.pytest]
  minversion = "9.0"
  addopts = ["-ra", "-q"]
  testpaths = [
      "tests",
      "integration",
  ]

... (truncated)

Commits

• f4b0fd2 Prepare release version 9.0.0
• 52d8e68 Merge pull request #13889 from bluetech/regendoc-restore
• d6d3e4a doc: fixes for regendoc
• 7cb3974 doc: restore missing "# content of pytest.toml" regendoc commands
• 5ae9e47 build(deps): Bump django in /testing/plugins_integration (#13881)
• adb3658 Merge pull request #13864 from bluetech/config-cleanups-2
• a28c08e Merge pull request #13875 from bluetech/ci-tweaks
• a250954 ci: split publish-to-pypi and push-tag jobs
• ebc152f ci: update setup python's from 3.11 or 3.* to 3.13
• dfd796f ci: move running update-plugin-list script to tox
• Additional commits viewable in compare view

Updates pytest-asyncio to 1.3.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 1.3.0

1.3.0 - 2025-11-10

Removed

• Support for Python 3.9 (#1278)

Added

• Support for pytest 9 (#1279)

Notes for Downstream Packagers

• Tested Python versions include free threaded Python 3.14t (#1274)
• Tests are run in the same pytest process, instead of spawning a subprocess with pytest.Pytester.runpytest_subprocess. This prevents the test suite from accidentally using a system installation of pytest-asyncio, which could result in test errors. (#1275)

Commits

• 2e9695f docs: Compile changelog for v1.3.0
• dd0e9ba docs: Reference correct issue in news fragment.
• 4c31abe Build(deps): Bump nh3 from 0.3.1 to 0.3.2
• 13e9477 Link to migration guides from changelog
• 4d2cf3c tests: handle Python 3.14 DefaultEventLoopPolicy deprecation warnings
• ee3549b test: Remove obsolete test for the event_loop fixture.
• 7a67c82 tests: Fix failing test by preventing warning conversion to error.
• a17b689 test: add pytest config to isolated test directories
• 18afc9d fix(tests): replace runpytest_subprocess with runpytest
• cdc6bd1 Add support for pytest 9 and drop Python 3.9 support
• Additional commits viewable in compare view

Updates pytest-cov to 7.0.0

Changelog

Sourced from pytest-cov's changelog.

7.0.0 (2025-09-09)

• Dropped support for subprocesses measurement.

  It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

  To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

  .. code-block:: ini

  [run] patch = subprocess

  This release also requires at least coverage 7.10.6.

• Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

• Removed some not really necessary testing deps like six.

6.3.0 (2025-09-06)

• Added support for markdown reports. Contributed by Marcos Boger in [#712](https://github.com/pytest-dev/pytest-cov/issues/712) <https://github.com/pytest-dev/pytest-cov/pull/712>_ and [#714](https://github.com/pytest-dev/pytest-cov/issues/714) <https://github.com/pytest-dev/pytest-cov/pull/714>_.
• Fixed some formatting issues in docs. Anonymous contribution in [#706](https://github.com/pytest-dev/pytest-cov/issues/706) <https://github.com/pytest-dev/pytest-cov/pull/706>_.

6.2.1 (2025-06-12)

• Added a version requirement for pytest's pluggy dependency (1.2.0, released 2023-06-21) that has the required new-style hookwrapper API.

• Removed deprecated license classifier (packaging).

• Disabled coverage warnings in two more situations where they have no value:

  • "module-not-measured" in workers
  • "already-imported" in subprocesses

6.2.0 (2025-06-11)

• The plugin now adds 3 rules in the filter warnings configuration to prevent common coverage warnings being raised as obscure errors::

  default:unclosed database in <sqlite3.Connection object at:ResourceWarning once::PytestCovWarning

... (truncated)

Commits

• 224d896 Bump version: 6.3.0 → 7.0.0
• 73424e3 Cleanup the docs a bit.
• 36f1cc2 Bump pins in template.
• f299c59 Bump the github-actions group with 2 updates
• 25f0b2e Update docs/config.rst
• bb23eac Improve configuration docs
• a19531e Switch from build/pre-commit to uv/prek - this should make this faster.
• 82f9993 Update changelog.
• 211b5cd Fix links.
• 97aadd7 Update some ci config, reformat and apply some lint fixes.
• Additional commits viewable in compare view

Updates ruff to 0.14.4

Release notes

Sourced from ruff's releases.

0.14.4

Release Notes

Released on 2025-11-06.

Preview features

• [formatter] Allow newlines after function headers without docstrings (#21110)
• [formatter] Avoid extra parentheses for long match patterns with as captures (#21176)
• [refurb] Expand fix safety for keyword arguments and Decimals (FURB164) (#21259)
• [refurb] Preserve argument ordering in autofix (FURB103) (#20790)

Bug fixes

• [server] Fix missing diagnostics for notebooks (#21156)
• [flake8-bugbear] Ignore non-NFKC attribute names in B009 and B010 (#21131)
• [refurb] Fix false negative for underscores before sign in Decimal constructor (FURB157) (#21190)
• [ruff] Fix false positives on starred arguments (RUF057) (#21256)

Rule changes

• [airflow] extend deprecated argument concurrency in airflow..DAG (AIR301) (#21220)

Documentation

• Improve extend docs (#21135)
• [flake8-comprehensions] Fix typo in C416 documentation (#21184)
• Revise Ruff setup instructions for Zed editor (#20935)

Other changes

• Make ruff analyze graph work with jupyter notebooks (#21161)

Contributors

• @​chirizxc
• @​Lee-W
• @​musicinmybrain
• @​MichaReiser
• @​tjkuson
• @​danparizher
• @​renovate
• @​ntBre
• @​gauthsvenkat
• @​LoicRiegel

Install ruff 0.14.4

Install prebuilt binaries via shell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.4

Released on 2025-11-06.

Preview features

• [formatter] Allow newlines after function headers without docstrings (#21110)
• [formatter] Avoid extra parentheses for long match patterns with as captures (#21176)
• [refurb] Expand fix safety for keyword arguments and Decimals (FURB164) (#21259)
• [refurb] Preserve argument ordering in autofix (FURB103) (#20790)

Bug fixes

• [server] Fix missing diagnostics for notebooks (#21156)
• [flake8-bugbear] Ignore non-NFKC attribute names in B009 and B010 (#21131)
• [refurb] Fix false negative for underscores before sign in Decimal constructor (FURB157) (#21190)
• [ruff] Fix false positives on starred arguments (RUF057) (#21256)

Rule changes

• [airflow] extend deprecated argument concurrency in airflow..DAG (AIR301) (#21220)

Documentation

• Improve extend docs (#21135)
• [flake8-comprehensions] Fix typo in C416 documentation (#21184)
• Revise Ruff setup instructions for Zed editor (#20935)

Other changes

• Make ruff analyze graph work with jupyter notebooks (#21161)

Contributors

• @​chirizxc
• @​Lee-W
• @​musicinmybrain
• @​MichaReiser
• @​tjkuson
• @​danparizher
• @​renovate
• @​ntBre
• @​gauthsvenkat
• @​LoicRiegel

0.14.3

Released on 2025-10-30.

Preview features

... (truncated)

Commits

• c7ff982 Bump 0.14.4 (#21306)
• 35640dd Fix main by using infer_expression (#21299)
• cb2e277 [ty] Understand legacy and PEP 695 ParamSpec (#21139)
• 132d10f [ty] Discover site-packages from the environment that ty is installed in (#21...
• f189aad [ty] Make special cases for UnionType slightly narrower (#21276)
• 5517c99 Require ignore 0.4.24 in Cargo.toml (#21292)
• b5ff965 [ty] Favour imported symbols over builtin symbols (#21285)
• c6573b1 docs: revise Ruff setup instructions for Zed editor (#20935)
• 76127e5 [ty] Update salsa (#21281)
• cddc0fe [syntax-error]: no binding for nonlocal PLE0117 as a semantic syntax error (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions