build(deps): bump the python group across 1 directory with 9 updates

[dependabot]

Bumps the python group with 9 updates in the / directory:

Package	From	To
requests	2.32.3	2.32.4
zipp	3.21.0	3.23.0
coverage	7.8.0	7.9.0
pytest	8.3.5	8.4.0
pytest-cov	6.1.1	6.2.1
pytest-mock	3.14.0	3.14.1
types-requests	2.32.0.20250328	2.32.4.20250611
types-setuptools	80.4.0.20250511	80.9.0.20250529
mypy	1.15.0	1.16.0

Updates requests from 2.32.3 to 2.32.4

Release notes

Sourced from requests's releases.

v2.32.4

2.32.4 (2025-06-10)

Security

• CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

• Numerous documentation improvements

Deprecations

• Added support for pypy 3.11 for Linux and macOS. (#6926)
• Dropped support for pypy 3.9 following its end of support. (#6926)

Changelog

Sourced from requests's changelog.

2.32.4 (2025-06-10)

Security

• CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

• Numerous documentation improvements

Deprecations

• Added support for pypy 3.11 for Linux and macOS.
• Dropped support for pypy 3.9 following its end of support.

Commits

• 021dc72 Polish up release tooling for last manual release
• 821770e Bump version and add release notes for v2.32.4
• 59f8aa2 Add netrc file search information to authentication documentation (#6876)
• 5b4b64c Add more tests to prevent regression of CVE 2024 47081
• 7bc4587 Add new test to check netrc auth leak (#6962)
• 96ba401 Only use hostname to do netrc lookup instead of netloc
• 7341690 Merge pull request #6951 from tswast/patch-1
• 6716d7c remove links
• a7e1c74 Update docs/conf.py
• c799b81 docs: fix dead links to kenreitz.org
• Additional commits viewable in compare view

Updates zipp from 3.21.0 to 3.23.0

Changelog

Sourced from zipp's changelog.

v3.23.0

Features

• Add a compatibility shim for Python 3.13 and earlier. (#145)

v3.22.0

Features

• Backported simplified tests from python/cpython#123424. (#142)

Bugfixes

• Fixed .name, .stem, and other basename-based properties on Windows when working with a zipfile on disk. (#133)

Commits

• ccb4111 Finalize
• 5b5725d Merge pull request #146 from jaraco/debt/backport-gh-133337
• c1dca82 Remove unused dependency.
• 717d770 Add a compatibility shim for Python 3.13 and earlier.
• d860de4 gh-133306: Use \z instead of \Z in regular expressions in the stdlib (GH-133337)
• 30fe7ce Finalize
• fe1690b Remove duplicate changelog.
• 91bb1b6 Merge pull request #140 from barneygale/fix-133
• f49ec30 Add news fragment.
• 309ecd3 Re-use self.filename
• Additional commits viewable in compare view

Updates coverage from 7.8.0 to 7.9.0

Changelog

Sourced from coverage's changelog.

Version 7.9.0 — 2025-06-11

• Added a [run] core configuration setting to specify the measurement core, which was previously only available through the COVERAGE_CORE environment variable. Finishes issue 1746_.

• Fixed incorrect rendering of f-strings with doubled braces, closing issue 1980_.

• If the C tracer core can't be imported, a warning ("no-ctracer") is issued with the reason.

• The C tracer core extension module now conforms to PEP 489, closing issue 1977. Thanks, Adam Turner <pull 1978_>_.

• Fixed a "ValueError: min() arg is an empty sequence" error caused by strange empty modules, found by oss-fuzz_.

.. _issue 1746: nedbat/coveragepy#1746 .. _issue 1977: nedbat/coveragepy#1977 .. _pull 1978: nedbat/coveragepy#1978 .. _issue 1980: nedbat/coveragepy#1980 .. _PEP 489: https://peps.python.org/pep-0489 .. _oss-fuzz: https://google.github.io/oss-fuzz/

.. _changes_7-8-2:

Version 7.8.2 — 2025-05-23

• Wheels are provided for Windows ARM64 on Python 3.11, 3.12, and 3.13. Thanks, Finn Womack <pull 1972_>_.

.. _issue 1971: nedbat/coveragepy#1971 .. _pull 1972: nedbat/coveragepy#1972

.. _changes_7-8-1:

Version 7.8.1 — 2025-05-21

• A number of EncodingWarnings were fixed that could appear if you've enabled PYTHONWARNDEFAULTENCODING, fixing issue 1966. Thanks, Henry Schreiner <pull 1967_>.

• Fixed a race condition when using sys.monitoring with free-threading Python, closing issue 1970_.

... (truncated)

Commits

• 452d86f docs: sample HTML for 7.9.0
• a670927 docs: prep for 7.9.0
• 3b0cb87 build: windows 3.14 is fixed
• bc8602d fix: issue a warning if the C tracer can't be imported
• d81a5f8 fix: prevent ValueError for bizarre empty modules
• 9f94c87 fix: properly render double braces in f-strings. #1980
• 1958c3f refactor: no need for a version check since we run mypy on late python now
• 8891312 docs: updated cog checksums
• 3ae5add chore: make upgrade (cog 3.5.0)
• 52407da refactor: mypy==1.16.0 had some complaints
• Additional commits viewable in compare view

Updates pytest from 8.3.5 to 8.4.0

Release notes

Sourced from pytest's releases.

8.4.0

pytest 8.4.0 (2025-06-02)

Removals and backward incompatible breaking changes

• #11372: Async tests will now fail, instead of warning+skipping, if you don't have any suitable plugin installed.

• #12346: Tests will now fail, instead of raising a warning, if they return any value other than None.

• #12874: We dropped support for Python 3.8 following its end of life (2024-10-07).

• #12960: Test functions containing a yield now cause an explicit error. They have not been run since pytest 4.0, and were previously marked as an expected failure and deprecation warning.

  See the docs <yield tests deprecated>{.interpreted-text role="ref"} for more information.

Deprecations (removal in next major release)

• #10839: Requesting an asynchronous fixture without a [pytest_fixture_setup]{.title-ref} hook that resolves it will now give a DeprecationWarning. This most commonly happens if a sync test requests an async fixture. This should have no effect on a majority of users with async tests or fixtures using async pytest plugins, but may affect non-standard hook setups or autouse=True. For guidance on how to work around this warning see sync-test-async-fixture{.interpreted-text role="ref"}.

New features

• #11538: Added pytest.RaisesGroup{.interpreted-text role="class"} as an equivalent to pytest.raises{.interpreted-text role="func"} for expecting ExceptionGroup{.interpreted-text role="exc"}. Also adds pytest.RaisesExc{.interpreted-text role="class"} which is now the logic behind pytest.raises{.interpreted-text role="func"} and used as parameter to pytest.RaisesGroup{.interpreted-text role="class"}. RaisesGroup includes the ability to specify multiple different expected exceptions, the structure of nested exception groups, and flags for emulating except* <except_star>{.interpreted-text role="ref"}. See assert-matching-exception-groups{.interpreted-text role="ref"} and docstrings for more information.

• #12081: Added capteesys{.interpreted-text role="fixture"} to capture AND pass output to next handler set by --capture=.

• #12504: pytest.mark.xfail{.interpreted-text role="func"} now accepts pytest.RaisesGroup{.interpreted-text role="class"} for the raises parameter when you expect an exception group. You can also pass a pytest.RaisesExc{.interpreted-text role="class"} if you e.g. want to make use of the check parameter.

• #12713: New [--force-short-summary]{.title-ref} option to force condensed summary output regardless of verbosity level.

  This lets users still see condensed summary output of failures for quick reference in log files from job outputs, being especially useful if non-condensed output is very verbose.

• #12749: pytest traditionally collects classes/functions in the test module namespace even if they are imported from another file.

  For example:

  # contents of src/domain.py
  class Testament: ...
  contents of tests/test_testament.py
  from domain import Testament
  def test_testament(): ...

  In this scenario with the default options, pytest will collect the class [Testament]{.title-ref} from [tests/test_testament.py]{.title-ref} because it starts with [Test]{.title-ref}, even though in this case it is a production class being imported in the test module namespace.

  This behavior can now be prevented by setting the new collect_imported_tests{.interpreted-text role="confval"} configuration option to false, which will make pytest collect classes/functions from test files only if they are defined in that file.

... (truncated)

Commits

• 315b3ae Prepare release version 8.4.0
• 1498ba3 Merge pull request #13467 from pytest-dev/towncrier-create
• e4389ac Remove resultlog from the docs (#13465)
• 64b2301 scripts/release: add missing build to towncrier call
• 4c205cf testing/plugins_integration: update Django (#13463)
• 4dcbcc9 Merge pull request #13458 from pytest-dev/dup-param-error
• 5293016 Merge pull request #13459 from pytest-dev/pyright-minor-fixes
• 7a48181 Add pyright configuration
• 9fc6db9 pytester: avoid confusing x self parameter
• 9aa198b mark/expression: fix self -> cls
• Additional commits viewable in compare view

Updates pytest-cov from 6.1.1 to 6.2.1

Changelog

Sourced from pytest-cov's changelog.

6.2.1 (2025-06-12)

• Added a version requirement for pytest's pluggy dependency (1.2.0, released 2023-06-21) that has the required new-style hookwrapper API.

• Removed deprecated license classifier (packaging).

• Disabled coverage warnings in two more situations where they have no value:

  • "module-not-measured" in workers
  • "already-imported" in subprocesses

6.2.0 (2025-06-11)

• The plugin now adds 3 rules in the filter warnings configuration to prevent common coverage warnings being raised as obscure errors::

  default:unclosed database in <sqlite3.Connection object at:ResourceWarning once::PytestCovWarning once::CoverageWarning

  This fixes most of the bad interactions that are occurring on pytest 8.4 with filterwarnings=error.

  The plugin will check if there already matching rules for the 3 categories (ResourceWarning, PytestCovWarning, CoverageWarning) and message (unclosed database in <sqlite3.Connection object at) before adding the filters.

  This means you can have this in your pytest configuration for complete oblivion (not recommended, if that is not clear)::

  filterwarnings = [ "error", "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning", "ignore::PytestCovWarning", "ignore::CoverageWarning", ]

Commits

• 55dbe43 Bump version: 6.2.0 → 6.2.1
• d17e9b7 Update changelog.
• 8964ab7 Add a note for this warning disable.
• e932e41 Prevent unimported warnings @ pytest-xdist workers
• 573379b Bring pytest-cov's suprocess management in line with coverage's process_start...
• f1884e8 Fix xdist pin.
• 512c669 Added minium version requirements for pluggin (for new-style hookwrappers). P...
• 629ba64 Remove deprecated license classifier.
• dca5723 Bump version: 6.1.1 → 6.2.0
• f69166a Also trigger the sqlite warning.
• Additional commits viewable in compare view

Updates pytest-mock from 3.14.0 to 3.14.1

Release notes

Sourced from pytest-mock's releases.

v3.14.1

• #503: Python 3.14 is now officially supported.

Changelog

Sourced from pytest-mock's changelog.

3.14.1 (2025-08-26)

• [#503](https://github.com/pytest-dev/pytest-mock/issues/503) <https://github.com/pytest-dev/pytest-mock/pull/503>_: Python 3.14 is now officially supported.

Commits

• 34dd61a Release 3.14.1
• 299adb9 Add support for Python 3.14 (#503)
• f5fcef7 [pre-commit.ci] pre-commit autoupdate (#504)
• bae64d8 [pre-commit.ci] pre-commit autoupdate (#502)
• 824f334 [pre-commit.ci] pre-commit autoupdate (#501)
• db1add6 [pre-commit.ci] pre-commit autoupdate (#500)
• 48ac874 [pre-commit.ci] pre-commit autoupdate (#499)
• fe7ad9a [pre-commit.ci] pre-commit autoupdate (#498)
• 7857e60 [pre-commit.ci] pre-commit autoupdate (#497)
• a8b97ea [pre-commit.ci] pre-commit autoupdate (#496)
• Additional commits viewable in compare view

Updates types-requests from 2.32.0.20250328 to 2.32.4.20250611

Commits

• See full diff in compare view

Updates types-setuptools from 80.4.0.20250511 to 80.9.0.20250529

Commits

• See full diff in compare view

Updates mypy from 1.15.0 to 1.16.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Remove Support for targeting Python 3.8

Mypy now requires --python-version 3.9 or greater. Support for only Python 3.8 is fully removed now. Given an unsupported version, mypy will default to the oldest supported one, currently 3.9.

This change is necessary because typeshed stopped supporting Python 3.8 after it reached its End of Life in October 2024.

Contributed by Marc Mueller (PR 19157, PR 19162).

Initial Support for Python 3.14

Mypy is now tested on 3.14 and mypyc works with 3.14.0b3 and later. Mypyc compiled wheels of mypy itself will be available for new versions after 3.14.0rc1 is released.

Note that not all new features might be supported just yet.

Contributed by Marc Mueller (PR 19164)

Deprecated Flag: --force-uppercase-builtins

Mypy only supports Python 3.9+. The --force-uppercase-builtins flag is now deprecated and a no-op. It will be removed in a future version.

Contributed by Marc Mueller (PR 19176)

Mypy 1.16

We’ve just uploaded mypy 1.16 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Different Property Getter and Setter Types

Mypy now supports using different types for a property getter and setter:

class A:
    _value: int
@property

</tr></table>

... (truncated)

Commits

• 9e72e96 Update version to 1.16.0
• 8fe719f Add changelog for 1.16 (#19138)
• 2a036e7 Revert "Infer correct types with overloads of Type[Guard | Is] (#19161)
• b6da4fc Allow enum members to have type objects as values (#19160)
• 334469f [mypyc] Improve documentation of native and non-native classes (#19154)
• a499d9f Document --allow-redefinition-new (#19153)
• 96525a2 Merge commit '9e45dadcf6d8dbab36f83d9df94a706c0b4f9207' into release-1.16
• 9e45dad Clear more data in TypeChecker.reset() instead of asserting (#19087)
• 772cd0c Add --strict-bytes to --strict (#19049)
• 0b65f21 Admit that Final variables are never redefined (#19083)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.92%. Comparing base (6b6e8df) to head (54f1639).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #1296   +/-   ##
=======================================
  Coverage   76.92%   76.92%           
=======================================
  Files          20       20           
  Lines        1309     1309           
=======================================
  Hits         1007     1007           
  Misses        302      302           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.