chore(deps): bump the poetry group across 1 directory with 6 updates

[dependabot]

Bumps the poetry group with 6 updates in the / directory:

Package	From	To
cryptography	43.0.3	44.0.0
fastapi	0.115.5	0.115.6
httpx	0.27.2	0.28.1
icalendar	6.0.1	6.1.0
redis	5.2.0	5.2.1
ruff	0.7.4	0.8.3

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Updates fastapi from 0.115.5 to 0.115.6

Release notes

Sourced from fastapi's releases.

0.115.6

Fixes

• 🐛 Preserve traceback when an exception is raised in sync dependency with yield. PR #5823 by @​sombek.

Refactors

• ♻️ Update tests and internals for compatibility with Pydantic >=2.10. PR #12971 by @​tamird.

Docs

• 📝 Update includes format in docs with an automated script. PR #12950 by @​tiangolo.
• 📝 Update includes for docs/de/docs/advanced/using-request-directly.md. PR #12685 by @​alissadb.
• 📝 Update includes for docs/de/docs/how-to/conditional-openapi.md. PR #12689 by @​alissadb.

Translations

• 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md. PR #12990 by @​ILoveSorasakiHina.
• 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/tutorial/query-param-models.md. PR #12932 by @​Vincy1230.
• 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md. PR #12992 by @​Limsunoh.
• 🌐 Add Korean translation for docs/ko/docs/advanced/websockets.md. PR #12991 by @​kwang1215.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/response-model.md. PR #12933 by @​AndreBBM.
• 🌐 Add Korean translation for docs/ko/docs/advanced/middlewares.md. PR #12753 by @​nahyunkeem.
• 🌐 Add Korean translation for docs/ko/docs/advanced/openapi-webhooks.md. PR #12752 by @​saeye.
• 🌐 Add Chinese translation for docs/zh/docs/tutorial/query-param-models.md. PR #12931 by @​Vincy1230.
• 🌐 Add Russian translation for docs/ru/docs/tutorial/query-param-models.md. PR #12445 by @​gitgernit.
• 🌐 Add Korean translation for docs/ko/docs/tutorial/query-param-models.md. PR #12940 by @​jts8257.
• 🔥 Remove obsolete tutorial translation to Chinese for docs/zh/docs/tutorial/sql-databases.md, it references files that are no longer on the repo. PR #12949 by @​tiangolo.

Internal

• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #12954 by @​pre-commit-ci[bot].

Commits

• bb8c2a6 🔖 Release version 0.115.6
• 905ec1e 📝 Update release notes
• 4f81575 🐛 Preserve traceback when exception is raised in sync dependency with yield...
• 8255edf 📝 Update release notes
• 53c8784 🌐 Add Traditional Chinese translation for docs/zh-hant/docs/async.md (#12990)
• 2971352 📝 Update release notes
• 8376228 🌐 Add Traditional Chinese translation for `docs/zh-hant/docs/tutorial/query-p...
• 6c7873c 📝 Update release notes
• d75b81c 🌐 Add Korean translation for docs/ko/docs/advanced/testing-dependencies.md ...
• 206037c 📝 Update release notes
• Additional commits viewable in compare view

Updates httpx from 0.27.2 to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)

Changelog

Sourced from httpx's changelog.

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
• Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

Commits

• 26d48e0 Version 0.28.1 (#3445)
• 89599a9 Fix verify=False, cert=... case. (#3442)
• 8ecb86f Add test for request params behavior changes (#3364) (#3440)
• 0cb7e5a Bump the python-packages group with 11 updates (#3434)
• 15e21e9 Updating deprecated docstring Client() class (#3426)
• 80960fa Version 0.28.0. (#3419)
• a33c878 Fix extensions type annotation. (#3380)
• ce7e14d Error on verify as str. (#3418)
• 47f4a96 Handle empty zstd responses (#3412)
• 189fc4b Update CHANGELOG.md, fix typo(s) (#3406)
• Additional commits viewable in compare view

Updates icalendar from 6.0.1 to 6.1.0

Release notes

Sourced from icalendar's releases.

v6.1.0

To view the changes, please see the Changelog. This release can be installed from PyPI.

Changelog

Sourced from icalendar's changelog.

6.1.0 (2024-11-22)

Minor changes:

• Add end, start, duration, DTSTART, DUE, and DURATION attributes to Todo components. See Issue 662_.
• Add DTSTART, TZOFFSETTO and TZOFFSETFROM properties to TimezoneStandard and TimezoneDaylight. See Issue 662_.
• Format test code with Ruff. See Issue 672 <https://github.com/collective/icalendar/issues/672>_.
• Document the Debian package. See Issue 701 <https://github.com/collective/icalendar/issues/701>_.
• Document vDatetime.from_ical
• Allow passing a datetime.date to TZP.localize_utc and TZP.localize methods.
• Document component classes with description from :rfc:5545.
• Merge "File Structure" and "Overview" sections in the docs. See Issue 626 <https://github.com/collective/icalendar/issues/626>_.
• Update code blocks in usage.rst with the correct lexer.
• Tidy up the docstring for icalendar.prop.vPeriod.
• Improve typing and fix typing issues

New features:

• Add VALARM properties for :rfc:9074. See Issue 657 <https://github.com/collective/icalendar/issues/657>_
• Test compatibility with Python 3.13
• Add Timezone.from_tzinfo() and Timezone.from_tzid() to create a Timezone component from a datetime.tzinfo timezone. See Issue 722_.
• Add icalendar.prop.tzid_from_tzinfo.
• Add icalendar.alarms module to calculate alarm times. See Issue 716 <https://github.com/collective/icalendar/issues/716>_.
• Add Event.alarms and Todo.alarms to access alarm calculation.
• Add Component.DTSTAMP and Component.LAST_MODIFIED properties for datetime in UTC.
• Add Component.is_thunderbird() to check if the component uses custom properties by Thunderbird.
• Add X_MOZ_SNOOZE_TIME and X_MOZ_LASTACK properties to Event and Todo.
• Add Alarm.ACKNOWLEDGED, Alarm.TRIGGER, Alarm.REPEAT, and Alarm.DURATION properties as well as Alarm.triggers to calculate alarm triggers.
• Add __doc__ string documentation for vDate, vBoolean, vCalAddress, vDuration, vFloat, vGeo, vInt, vPeriod, vTime, vUTCOffset and vUri. See Issue 742 <https://github.com/collective/icalendar/issues/742>_.
• Add DTSTART, TZOFFSETTO, and TZOFFSETFROM to TimezoneStandard and TimezoneDaylight
• Use example methods of components without arguments.
• Add events, timezones, and todos property to Calendar for nicer access.
• To calculate which timezones are in use and add them to the Calendar when needed these methods are added: get_used_tzids, get_missing_tzids, and add_missing_timezones.
• Identify the TZID of more timezones from dateutil.
• Identify totally unknown timezones using a UTC offset lookup tree generated in icalendar.timezone.equivalent_timezone_ids and stored in icalendar.timezone.equivalent_timezone_ids.
• Add icalendar.timezone.tzid to identify a timezone's TZID.

Bug fixes:

• Add icalendar.timezone to the documentation.

.. _Issue 722: collective/icalendar#722

Commits

• a492d69 Merge pull request #748 from niccokunzmann/release
• 9f4e436 version 6.1.0
• 590c4b6 Merge pull request #746 from collective/prop-docstring
• c41557d Merge branch 'main' into prop-docstring
• 345b96c This adds generating VTIMEZONE components from tzinfo objects (#741)
• 8e8af07 changelog
• 1f8b266 changelog
• 921ad52 Tidy up the docstring for icalendar.prop.vPeriod
• 32c5049 Merge pull request #745 from SerifOZ/doc
• 5732b8f Merge pull request #739 from natashamm/file_stucture_overview
• Additional commits viewable in compare view

Updates redis from 5.2.0 to 5.2.1

Release notes

Sourced from redis's releases.

5.2.1

Changes

🐛 Bug Fixes

• Fixed unsecured tempfile.mktemp() command usage (#3446)
• Fixed bug with SLOWLOG GET response parsing on Redis Software (#3441)
• Fixed issue with invoking _close() on closed event loop (#3438)

🧰 Maintenance

• Migrate test infrastructure to new custom docker images (#3415)
• Fixed flacky test with HEXPIREAT command (#3437)

Contributors

We'd like to thank all the contributors who worked on this release!

@​IlianIliev @​uglide @​vladvildanov @​teodorfn @​akx

Commits

• a74fa6a Release 5.2.1 (#3451)
• See full diff in compare view

Updates ruff from 0.7.4 to 0.8.3

Release notes

Sourced from ruff's releases.

0.8.3

Release Notes

Preview features

• Fix fstring formatting removing overlong implicit concatenated string in expression part (#14811)
• [airflow] Add fix to remove deprecated keyword arguments (AIR302) (#14887)
• [airflow]: Extend rule to include deprecated names for Airflow 3.0 (AIR302) (#14765 and #14804)
• [flake8-bugbear] Improve error messages for except* (B025, B029, B030, B904) (#14815)
• [flake8-bugbear] itertools.batched() without explicit strict (B911) (#14408)
• [flake8-use-pathlib] Dotless suffix passed to Path.with_suffix() (PTH210) (#14779)
• [pylint] Include parentheses and multiple comparators in check for boolean-chained-comparison (PLR1716) (#14781)
• [ruff] Do not simplify round() calls (RUF046) (#14832)
• [ruff] Don't emit used-dummy-variable on function parameters (RUF052) (#14818)
• [ruff] Implement if-key-in-dict-del (RUF051) (#14553)
• [ruff] Mark autofix for RUF052 as always unsafe (#14824)
• [ruff] Teach autofix for used-dummy-variable about TypeVars etc. (RUF052) (#14819)

Rule changes

• [flake8-bugbear] Offer unsafe autofix for no-explicit-stacklevel (B028) (#14829)
• [flake8-pyi] Skip all type definitions in string-or-bytes-too-long (PYI053) (#14797)
• [pyupgrade] Do not report when a UTF-8 comment is followed by a non-UTF-8 one (UP009) (#14728)
• [pyupgrade] Mark fixes for convert-typed-dict-functional-to-class and convert-named-tuple-functional-to-class as unsafe if they will remove comments (UP013, UP014) (#14842)

Bug fixes

• Raise syntax error for mixing except and except* (#14895)
• [flake8-bugbear] Fix B028 to allow stacklevel to be explicitly assigned as a positional argument (#14868)
• [flake8-bugbear] Skip B028 if warnings.warn is called with *args or **kwargs (#14870)
• [flake8-comprehensions] Skip iterables with named expressions in unnecessary-map (C417) (#14827)
• [flake8-pyi] Also remove self and cls's annotation (PYI034) (#14801)
• [flake8-pytest-style] Fix pytest-parametrize-names-wrong-type (PT006) to edit both argnames and argvalues if both of them are single-element tuples/lists (#14699)
• [perflint] Improve autofix for PERF401 (#14369)
• [pylint] Fix PLW1508 false positive for default string created via a mult operation (#14841)

Contributors

• @​AlexWaygood
• @​BurntSushi
• @​DimitriPapadopoulos
• @​Glyphack
• @​InSyncWithFoo
• @​Lee-W
• @​MichaReiser
• @​UnknownPlatypus
• @​carljm
• @​cclauss
• @​dcreager
• @​dhruvmanila
• @​dylwil3

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.3

Preview features

• Fix fstring formatting removing overlong implicit concatenated string in expression part (#14811)
• [airflow] Add fix to remove deprecated keyword arguments (AIR302) (#14887)
• [airflow]: Extend rule to include deprecated names for Airflow 3.0 (AIR302) (#14765 and #14804)
• [flake8-bugbear] Improve error messages for except* (B025, B029, B030, B904) (#14815)
• [flake8-bugbear] itertools.batched() without explicit strict (B911) (#14408)
• [flake8-use-pathlib] Dotless suffix passed to Path.with_suffix() (PTH210) (#14779)
• [pylint] Include parentheses and multiple comparators in check for boolean-chained-comparison (PLR1716) (#14781)
• [ruff] Do not simplify round() calls (RUF046) (#14832)
• [ruff] Don't emit used-dummy-variable on function parameters (RUF052) (#14818)
• [ruff] Implement if-key-in-dict-del (RUF051) (#14553)
• [ruff] Mark autofix for RUF052 as always unsafe (#14824)
• [ruff] Teach autofix for used-dummy-variable about TypeVars etc. (RUF052) (#14819)

Rule changes

• [flake8-bugbear] Offer unsafe autofix for no-explicit-stacklevel (B028) (#14829)
• [flake8-pyi] Skip all type definitions in string-or-bytes-too-long (PYI053) (#14797)
• [pyupgrade] Do not report when a UTF-8 comment is followed by a non-UTF-8 one (UP009) (#14728)
• [pyupgrade] Mark fixes for convert-typed-dict-functional-to-class and convert-named-tuple-functional-to-class as unsafe if they will remove comments (UP013, UP014) (#14842)

Bug fixes

• Raise syntax error for mixing except and except* (#14895)
• [flake8-bugbear] Fix B028 to allow stacklevel to be explicitly assigned as a positional argument (#14868)
• [flake8-bugbear] Skip B028 if warnings.warn is called with *args or **kwargs (#14870)
• [flake8-comprehensions] Skip iterables with named expressions in unnecessary-map (C417) (#14827)
• [flake8-pyi] Also remove self and cls's annotation (PYI034) (#14801)
• [flake8-pytest-style] Fix pytest-parametrize-names-wrong-type (PT006) to edit both argnames and argvalues if both of them are single-element tuples/lists (#14699)
• [perflint] Improve autofix for PERF401 (#14369)
• [pylint] Fix PLW1508 false positive for default string created via a mult operation (#14841)

0.8.2

Preview features

• [airflow] Avoid deprecated values (AIR302) (#14582)
• [airflow] Extend removed names for AIR302 (#14734)
• [ruff] Extend unnecessary-regular-expression to non-literal strings (RUF055) (#14679)
• [ruff] Implement used-dummy-variable (RUF052) (#14611)
• [ruff] Implement unnecessary-cast-to-int (RUF046) (#14697)

Rule changes

• [airflow] Check AIR001 from builtin or providers operators module (#14631)
• [flake8-pytest-style] Remove @ in pytest.mark.parametrize rule messages (#14770)
• [pandas-vet] Skip rules if the panda module hasn't been seen (#14671)

... (truncated)

Commits

• 53f2d72 Revert certain double quotes from workflow shell script (#14939)
• 3629cbf Use double quotes consistently for shell scripts (#14938)
• 37f4338 Bump version to 0.8.3 (#14937)
• 45b565c [red-knot] Any cannot be parameterized (#14933)
• 82faa9b Add tests demonstrating f-strings with debug expressions in replacements that...
• 2eac00c [perflint] fix invalid hoist in perf401 (#14369)
• 033ecf5 Also have zizmor check for low-severity security issues (#14893)
• 5509a3d Add LSP settings example for Zed editor (#14894)
• e4885a2 [red-knot] Understand typing.Tuple (#14927)
• a7e5e42 [red-knot] Make attributes.md test future-proof (#14923)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.