chore(deps): bump the python-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the python-dependencies group with 7 updates in the / directory:

Package	From	To
alembic	1.17.1	1.17.2
pydantic-settings	2.11.0	2.12.0
newrelic	11.0.1	11.1.0
click	8.3.0	8.3.1
ruff	0.14.3	0.14.5
bandit	1.8.6	1.9.1
pre-commit	4.3.0	4.4.0

Updates alembic from 1.17.1 to 1.17.2

Release notes

Sourced from alembic's releases.

1.17.2

Released: November 14, 2025

feature

• [feature] [operations] Added Operations.implementation_for.replace parameter to Operations.implementation_for(), allowing replacement of existing operation implementations. This allows for existing operations such as CreateTableOp to be extended directly. Pull request courtesy justanothercatgirl.

  References: #1750

bug

• [bug] [mssql] Fixed issue in SQL Server dialect where the DROP that's automatically emitted for existing default constraints during an ALTER COLUMN needs to take place before not just the modification of the column's default, but also before the column's type is changed.

  References: #1744

Commits

• See full diff in compare view

Updates pydantic-settings from 2.11.0 to 2.12.0

Release notes

Sourced from pydantic-settings's releases.

v2.12.0

What's Changed

• Support for enum kebab case. by @​kschwab in pydantic/pydantic-settings#686
• Apply source order: init > env > dotenv > secrets > defaults and pres… by @​chbndrhnns in pydantic/pydantic-settings#688
• Add NestedSecretsSettings source by @​makukha in pydantic/pydantic-settings#690
• Strip non-explicit default values. by @​kschwab in pydantic/pydantic-settings#692
• Coerce env vars if strict is True. by @​kschwab in pydantic/pydantic-settings#693
• Restore init kwarg names before returning final state dictionary. by @​kschwab in pydantic/pydantic-settings#700
• Drop Python3.9 support by @​hramezani in pydantic/pydantic-settings#699
• Adapt test_protected_namespace_defaults for dev. Pydantic by @​musicinmybrain in pydantic/pydantic-settings#637
• Add Python 3.14 by @​hramezani in pydantic/pydantic-settings#704
• Prepare release 2.12 by @​hramezani in pydantic/pydantic-settings#705

New Contributors

• @​chbndrhnns made their first contribution in pydantic/pydantic-settings#688

Full Changelog: pydantic/pydantic-settings@v2.11.0...v2.12.0

Commits

• 584983d Prepare release 2.12 (#705)
• 6b4d87e Add Python 3.14 (#704)
• 02de5b6 Adapt test_protected_namespace_defaults for dev. Pydantic (#637)
• 4239ea4 Drop Python3.9 support (#699)
• 5008c69 Restore init kwarg names before returning final state dictionary. (#700)
• 4433101 Coerce env vars if strict is True. (#693)
• 4d2ebfd Strip non-explicit default values. (#692)
• 4a6ffca Add NestedSecretsSettings source (#690)
• 7a6e96e Apply source order: init > env > dotenv > secrets > defaults and pres… (#688)
• 68563ed Support for enum kebab case. (#686)
• See full diff in compare view

Updates newrelic from 11.0.1 to 11.1.0

Release notes

Sourced from newrelic's releases.

v11.1.0

Notes

This release of the Python agent adds Python 3.14 support, new environment variables for attribute filter settings, support for async generators in transaction decorators, additional models in AWS Bedrock, and new methods in AWS Kinesis. This release also fixes a bug in aiomysql which caused RecursionError when using ConnectionPool where it was wrapped multiple times, a bug where properties were not properly passed in kombu's producer, and an error when shutdown_agent is called from within the harvest thread.

Install the agent using easy_install/pip/distribute via the Python Package Index, using conda via the Conda-Forge Package Index, or download it directly from the New Relic download site.

Features

• Add support for Python 3.14

  • Add support for Python 3.14.

• Add environment variables for attribute filters settings

  • The following settings now have the option to be set through environment variables:

    Configuration Setting	Environment variable
    attributes.enabled	NEW_RELIC_ATTRIBUTES_ENABLED
    attributes.exclude	NEW_RELIC_ATTRIBUTES_EXCLUDE
    attributes.include	NEW_RELIC_ATTRIBUTES_INCLUDE
    browser_monitoring.attributes.enabled	NEW_RELIC_BROWSER_MONITORING_ATTRIBUTES_ENABLED
    browser_monitoring.attributes.exclude	NEW_RELIC_BROWSER_MONITORING_ATTRIBUTES_EXCLUDE
    browser_monitoring.attributes.include	NEW_RELIC_BROWSER_MONITORING_ATTRIBUTES_INCLUDE
    error_collector.attributes.enabled	NEW_RELIC_ERROR_COLLECTOR_ATTRIBUTES_ENABLED
    error_collector.attributes.exclude	NEW_RELIC_ERROR_COLLECTOR_ATTRIBUTES_EXCLUDE
    error_collector.attributes.include	NEW_RELIC_ERROR_COLLECTOR_ATTRIBUTES_INCLUDE
    span_events.attributes.enabled	NEW_RELIC_SPAN_EVENTS_ATTRIBUTES_ENABLED
    span_events.attributes.exclude	NEW_RELIC_SPAN_EVENTS_ATTRIBUTES_EXCLUDE
    span_events.attributes.include	NEW_RELIC_SPAN_EVENTS_ATTRIBUTES_INCLUDE
    transaction_events.attributes.enabled	NEW_RELIC_TRANSACTION_EVENTS_ATTRIBUTES_ENABLED
    transaction_events.attributes.exclude	NEW_RELIC_TRANSACTION_EVENTS_ATTRIBUTES_EXCLUDE
    transaction_events.attributes.include	NEW_RELIC_TRANSACTION_EVENTS_ATTRIBUTES_INCLUDE
    transaction_segments.attributes.enabled	NEW_RELIC_TRANSACTION_SEGMENTS_ATTRIBUTES_ENABLED
    transaction_segments.attributes.exclude	NEW_RELIC_TRANSACTION_SEGMENTS_ATTRIBUTES_EXCLUDE
    transaction_segments.attributes.include	NEW_RELIC_TRANSACTION_SEGMENTS_ATTRIBUTES_INCLUDE
    transaction_tracer.attributes.enabled	NEW_RELIC_TRANSACTION_TRACER_ATTRIBUTES_ENABLED
    transaction_tracer.attributes.exclude	NEW_RELIC_TRANSACTION_TRACER_ATTRIBUTES_EXCLUDE
    transaction_tracer.attributes.include	NEW_RELIC_TRANSACTION_TRACER_ATTRIBUTES_INCLUDE

• Add support for async generators in transaction decorators

  • Previously, transaction decorators did not support being wrapped around async generators. This support has been added, and async generator transactions will now automatically measure event loop wait time and other statistics.

• Add support for additional models in AWS Bedrock instrumentation

  • Updates AWS Bedrock instrumentation through botocore and aiobotocore to support the following additional models

    • Claude Sonnet 3+ models

... (truncated)

Commits

• 68252f0 Update version of cibuildwheel to latest (#1570)
• 8c91a74 Enable environment variables for attribute filters (#1558)
• 8577eb7 Add additional trace points for AWS Kinesis (#1569)
• 4cb31b1 Revert "Fix notice_error logic for non-iterable exceptions. (#1564)" (#1568)
• b9d9d3b Fix notice_error logic for non-iterable exceptions. (#1564)
• 2dd463d Region aware/ Claude 3+ bedrock support (#1561)
• 3ed4a12 Bump github/codeql-action in the github_actions group (#1566)
• 953f379 Add free-threaded Python to CI (#1562)
• d1e7b60 Add instrumentation for new kinesis method (#1557)
• f9ab47b Bump the github_actions group with 4 updates (#1555)
• Additional commits viewable in compare view

Updates click from 8.3.0 to 8.3.1

Release notes

Sourced from click's releases.

8.3.1

This is the Click 8.3.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-1 Milestone: https://github.com/pallets/click/milestone/28

• Don't discard pager arguments by correctly using subprocess.Popen. #3039 #3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. #3066 #3065 #3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. #3071 #3079
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. #3019 #3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. #3069 #3090
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. #3136 #3137

Changelog

Sourced from click's changelog.

Version 8.3.1

Released 2025-11-15

• Don't discard pager arguments by correctly using subprocess.Popen. :issue:3039 :pr:3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. :issue:3066 :issue:3065 :pr:3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. :issue:3071 :pr:3079
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. :issue:3136 :pr:3137
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. :issue:3019 :pr:3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. :issue:3069 :pr:3090

Commits

• 1d038f2 release version 8.3.1
• 03f3889 Fix Ruff UP038 warning (#3141)
• 3867781 Fix Ruff UP038 warning
• b91bb95 Provide altered context to callbacks to hide UNSET values as None (#3137)
• 437e1e3 Temporarily provide a fake context to the callback to hide UNSET values as ...
• ea70da4 Don't test using a file in docs/ (#3102)
• e27b307 Make uv run --all-extras pyright --verifytypes click pass (#3072)
• a92c573 Fix test_edit to work with BSD sed (#3129)
• bd131e1 Fix test_edit to work with BSD sed
• 0b5c6b7 Add Best practices section (#3127)
• Additional commits viewable in compare view

Updates ruff from 0.14.3 to 0.14.5

Release notes

Sourced from ruff's releases.

0.14.5

Release Notes

Released on 2025-11-13.

Preview features

• [flake8-simplify] Apply SIM113 when index variable is of type int (#21395)
• [pydoclint] Fix false positive when Sphinx directives follow a "Raises" section (DOC502) (#20535)
• [pydoclint] Support NumPy-style comma-separated parameters (DOC102) (#20972)
• [refurb] Auto-fix annotated assignments (FURB101) (#21278)
• [ruff] Ignore str() when not used for simple conversion (RUF065) (#21330)

Bug fixes

• Fix syntax error false positive on alternative match patterns (#21362)
• [flake8-simplify] Fix false positive for iterable initializers with generator arguments (SIM222) (#21187)
• [pyupgrade] Fix false positive on relative imports from local .builtins module (UP029) (#21309)
• [pyupgrade] Consistently set the deprecated tag (UP035) (#21396)

Rule changes

• [refurb] Detect empty f-strings (FURB105) (#21348)

CLI

• Add option to provide a reason to --add-noqa (#21294)
• Add upstream linter URL to ruff linter --output-format=json (#21316)
• Add color to --help (#21337)

Documentation

• Add a new "Opening a PR" section to the contribution guide (#21298)
• Added the PyScripter IDE to the list of "Who is using Ruff?" (#21402)
• Update PyCharm setup instructions (#21409)
• [flake8-annotations] Add link to allow-star-arg-any option (ANN401) (#21326)

Other changes

• [configuration] Improve error message when line-length exceeds u16::MAX (#21329)

Contributors

• @​njhearp
• @​11happy
• @​hugovk
• @​Gankra
• @​ntBre
• @​pyscripter
• @​danparizher

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.5

Released on 2025-11-13.

Preview features

• [flake8-simplify] Apply SIM113 when index variable is of type int (#21395)
• [pydoclint] Fix false positive when Sphinx directives follow a "Raises" section (DOC502) (#20535)
• [pydoclint] Support NumPy-style comma-separated parameters (DOC102) (#20972)
• [refurb] Auto-fix annotated assignments (FURB101) (#21278)
• [ruff] Ignore str() when not used for simple conversion (RUF065) (#21330)

Bug fixes

• Fix syntax error false positive on alternative match patterns (#21362)
• [flake8-simplify] Fix false positive for iterable initializers with generator arguments (SIM222) (#21187)
• [pyupgrade] Fix false positive on relative imports from local .builtins module (UP029) (#21309)
• [pyupgrade] Consistently set the deprecated tag (UP035) (#21396)

Rule changes

• [refurb] Detect empty f-strings (FURB105) (#21348)

CLI

• Add option to provide a reason to --add-noqa (#21294)
• Add upstream linter URL to ruff linter --output-format=json (#21316)
• Add color to --help (#21337)

Documentation

• Add a new "Opening a PR" section to the contribution guide (#21298)
• Added the PyScripter IDE to the list of "Who is using Ruff?" (#21402)
• Update PyCharm setup instructions (#21409)
• [flake8-annotations] Add link to allow-star-arg-any option (ANN401) (#21326)

Other changes

• [configuration] Improve error message when line-length exceeds u16::MAX (#21329)

Contributors

• @​njhearp
• @​11happy
• @​hugovk
• @​Gankra
• @​ntBre
• @​pyscripter
• @​danparizher
• @​MichaReiser

... (truncated)

Commits

• 87dafb8 Bump 0.14.5 (#21435)
• 9e80e5a [ty] Support type[…] and Type[…] in implicit type aliases (#21421)
• f9cc26a [ty] Respect notebook cell boundaries when adding an auto import (#21322)
• d49c326 Update PyCharm setup instructions (#21409)
• e70fccb [ty] Improve LSP test server logging (#21432)
• 90b32f3 [ty] Ensure annotation/type expressions in stub files are always deferred (#2...
• 99694b6 Use profiling profile for cargo test(linux, release) (#21429)
• 67e54ff [ty] Fix panic for cyclic star imports (#21428)
• a01b0d7 [ty] Press 'enter' to rerun all mdtests (#21427)
• 04ab917 [ty] Further improve subscript assignment diagnostics (#21411)
• Additional commits viewable in compare view

Updates bandit from 1.8.6 to 1.9.1

Release notes

Sourced from bandit's releases.

1.9.1

What's Changed

• More Python version related fixes by @​ericwb in PyCQA/bandit#1327

Full Changelog: PyCQA/bandit@1.9.0...1.9.1

1.9.0

What's Changed

• Add instructions for Maintainers to create/publish a release by @​ericwb in PyCQA/bandit#1275
• Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 by @​dependabot[bot] in PyCQA/bandit#1289
• Bump docker/login-action from 3.4.0 to 3.5.0 by @​dependabot[bot] in PyCQA/bandit#1290
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in PyCQA/bandit#1291
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in PyCQA/bandit#1292
• Replace deprecated datetime.datetime.utcnow() by @​purplezimmermann in PyCQA/bandit#1295
• Bump actions/setup-python from 5 to 6 by @​dependabot[bot] in PyCQA/bandit#1296
• Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by @​dependabot[bot] in PyCQA/bandit#1298
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in PyCQA/bandit#1303
• Fix typos by @​Shortfinga in PyCQA/bandit#1305
• Bump docker/login-action from 3.5.0 to 3.6.0 by @​dependabot[bot] in PyCQA/bandit#1306
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in PyCQA/bandit#1315
• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 by @​dependabot[bot] in PyCQA/bandit#1317
• Support of Python 3.14 by @​ericwb in PyCQA/bandit#1323
• Drop support of end-of-life Python 3.9 by @​ericwb in PyCQA/bandit#1325
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in PyCQA/bandit#1324

New Contributors

• @​purplezimmermann made their first contribution in PyCQA/bandit#1295
• @​Shortfinga made their first contribution in PyCQA/bandit#1305

Full Changelog: PyCQA/bandit@1.8.6...1.9.0

Commits

• a255dfa More Python version related fixes (#1327)
• 3f07bb0 [pre-commit.ci] pre-commit autoupdate (#1324)
• c8c3fb8 Drop support of end-of-life Python 3.9 (#1325)
• 5c30350 Support of Python 3.14 (#1323)
• e1ffdf6 Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#1317)
• 176d4ca [pre-commit.ci] pre-commit autoupdate (#1315)
• 2fc3e9c Bump docker/login-action from 3.5.0 to 3.6.0 (#1306)
• 6a68546 Fix typos (#1305)
• 966be3c [pre-commit.ci] pre-commit autoupdate (#1303)
• a990c75 Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 (#1298)
• Additional commits viewable in compare view

Updates pre-commit from 4.3.0 to 4.4.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.4.0

Features

• Add --fail-fast option to pre-commit run.
  • #3528 PR by @​JulianMaurin.
• Upgrade ruby-build / rbenv.
  • #3566 PR by @​asottile.
  • #3565 issue by @​MRigal.
• Add language: unsupported / language: unsupported_script as aliases for language: system / language: script (which will eventually be deprecated).
  • #3577 PR by @​asottile.
• Add support docker-in-docker detection for cgroups v2.
  • #3535 PR by @​br-rhrbacek.
  • #3360 issue by @​JasonAlt.

Fixes

• Handle when docker gives SecurityOptions: null.
  • #3537 PR by @​asottile.
  • #3514 issue by @​jenstroeger.
• Fix error context for invalid stages in .pre-commit-config.yaml.
  • #3576 PR by @​asottile.

Changelog

Sourced from pre-commit's changelog.

4.4.0 - 2025-11-08

Features

• Add --fail-fast option to pre-commit run.
  • #3528 PR by @​JulianMaurin.
• Upgrade ruby-build / rbenv.
  • #3566 PR by @​asottile.
  • #3565 issue by @​MRigal.
• Add language: unsupported / language: unsupported_script as aliases for language: system / language: script (which will eventually be deprecated).
  • #3577 PR by @​asottile.
• Add support docker-in-docker detection for cgroups v2.
  • #3535 PR by @​br-rhrbacek.
  • #3360 issue by @​JasonAlt.

Fixes

• Handle when docker gives SecurityOptions: null.
  • #3537 PR by @​asottile.
  • #3514 issue by @​jenstroeger.
• Fix error context for invalid stages in .pre-commit-config.yaml.
  • #3576 PR by @​asottile.

Commits

• 17cf886 v4.4.0
• cb63a5c Merge pull request #3535 from br-rhrbacek/fix-cgroups
• f80801d Fix docker-in-docker detection for cgroups v2
• 9143fc3 Merge pull request #3577 from pre-commit/language-unsupported
• 725acc9 rename system and script languages to unsupported / unsupported_script
• 3815e2e Merge pull request #3576 from pre-commit/fix-stages-config-error
• aa2961c fix missing context in error for stages
• 46297f7 Merge pull request #3575 from pre-commit/rm-python3-hooks-repo
• 95eec75 rm python3_hooks_repo
• 5e4b354 Merge pull request #3574 from pre-commit/rm-hook-with-spaces-test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.