Renovate: all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
aio_pika	==9.5.8 → ==9.6.2			project.dependencies	minor
astral-sh/ruff-pre-commit	v0.15.2 → v0.15.10			repository	patch
astral-sh/uv	0.10.4 → 0.11.6			uses-with	minor
astral-sh/uv-pre-commit	0.10.4 → 0.11.6			repository	minor
azure-identity	==1.25.2 → ==1.25.3			project.dependencies	patch
click (changelog)	==8.3.1 → ==8.3.2			project.dependencies	patch
codecov/codecov-action	v5.5.2 → v5.5.4			action	patch
dicom-validator	==0.7.3 → ==0.8.1			project.dependencies	minor
fastapi (changelog)	==0.129.0 → ==0.135.3			project.dependencies	minor
ghcr.io/astral-sh/uv	0.10.4 → 0.11.6			final	minor
hypothesis (changelog)	==6.151.9 → ==6.151.12			project.dependencies	patch
mypy (changelog)	==1.19.1 → ==1.20.0			dependency-groups	minor
nibabel	==5.3.3 → ==5.4.2			dependency-groups	minor
pre-commit/mirrors-mypy	v1.19.1 → v1.20.0			repository	minor
pytest-check	==2.6.2 → ==2.8.0			dependency-groups	minor
python-jsonschema/check-jsonschema	0.36.2 → 0.37.1			repository	minor
sqlalchemy (changelog)	==2.0.46 → ==2.0.49			project.dependencies	patch
uvicorn (changelog)	==0.41.0 → ==0.44.0			project.dependencies	minor

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

---

Release Notes

mosquito/aio-pika (aio_pika)

v9.6.2

Compare Source

What's Changed

• Include license file in built distributions via project.license-files by @​julia-thorn in #​698

New Contributors

• @​julia-thorn made their first contribution in #​698

Full Changelog: mosquito/aio-pika@9.6.1...9.6.2

v9.6.1

Compare Source

What's Changed

• Migrate documentation from RST to Markdown (MyST) by @​mosquito in #​697
• Tests for #​669 by @​mosquito in #​691

Full Changelog: mosquito/aio-pika@9.6.0...9.6.1

v9.6.0

Compare Source

• Fixed callback-based consumers not resuming after connection reconnection #​588
• Fixed queue iterators raising StopAsyncIteration on channel reconnection #​540
• Added close_called property to AbstractConnection and Connection to distinguish intentional vs. automatic connection closures
• Migrated build tooling from Poetry to UV
• Migrated linting from Pylama to Ruff
• Improved logging: split log.exception calls into error-level message and debug-level traceback #​693
• Removed testcontainers dependency from tests

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

v0.15.10

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.10

v0.15.9

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.9

v0.15.8

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.8

v0.15.7

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.7

v0.15.6

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.6

v0.15.5

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.5

v0.15.4

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.4

v0.15.3

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.3

astral-sh/uv (astral-sh/uv)

v0.11.6

Compare Source

Released on 2026-04-09.

Bug fixes

• Do not remove files outside the venv on uninstall (#​18942)
• Validate and heal wheel RECORD during installation (#​18943)
• Avoid uv cache clean errors due to Win32 path normalization (#​18856)

v0.11.5

Compare Source

Released on 2026-04-08.

Python

• Add CPython 3.13.13, 3.14.4, and 3.15.0a8 (#​18908)

Enhancements

• Fix build_system.requires error message (#​18911)
• Remove trailing path separators in path normalization (#​18915)
• Improve error messages for unsupported or invalid TLS certificates (#​18924)

Preview features

• Add exclude-newer to [[tool.uv.index]] (#​18839)
• uv audit: add context/warnings for ignored vulnerabilities (#​18905)

Bug fixes

• Normalize persisted fork markers before lock equality checks (#​18612)
• Clear junction properly when uninstalling Python versions on Windows (#​18815)
• Report error cleanly instead of panicking on TLS certificate error (#​18904)

Documentation

• Remove the legacy PIP_COMPATIBILITY.md redirect file (#​18928)
• Fix uv init example-bare --bare examples (#​18822, #​18925)

v0.11.4

Compare Source

Released on 2026-04-07.

Python

• Add CPython 3.13.13, 3.14.4, and 3.15.0a8 (#​18908)

Enhancements

• Add support for --upgrade-group (#​18266)
• Merge repeated archive URL hashes by version ID (#​18841)
• Require all direct URL hash algorithms to match (#​18842)

Bug fixes

• Avoid panics in environment finding via cycle detection (#​18828)
• Enforce direct URL hashes for pyproject.toml dependencies (#​18786)
• Error on --locked and --frozen when script lockfile is missing (#​18832)
• Fix uv export extra resolution for workspace member and conflicting extras (#​18888)
• Include conflicts defined in virtual workspace root (#​18886)
• Recompute relative exclude-newer values during uv tree --outdated (#​18899)
• Respect --exclude-newer in uv tool list --outdated (#​18861)
• Sort by comparator to break specifier ties (#​18850)
• Store relative timestamps in tool receipts (#​18901)
• Track newly-activated extras when determining conflicts (#​18852)
• Patch Cargo.lock in uv-build source distributions (#​18831)

Documentation

• Clarify that --exclude-newer compares artifact upload times (#​18830)

v0.11.3

Compare Source

Released on 2026-04-01.

Enhancements

• Add progress bar for hashing phase in uv publish (#​18752)
• Add support for ROCm 7.2 (#​18730)
• Emit abi3t tags for every abi3 version (#​18777)
• Expand uv workspace metadata with dependency information from the lock (#​18356)
• Implement support for PEP 803 (#​18767)
• Pretty-print platform in built wheel errors (#​18738)
• Publish installers to /installers/uv/latest on the mirror (#​18725)
• Show free-threaded Python in built-wheel errors (#​18740)

Preview features

• Add --ignore and --ignore-until-fixed to uv audit (#​18737)

Bug fixes

• Bump simple API cache (#​18797)
• Don't drop blake2b hashes (#​18794)
• Handle broken range request implementations (#​18780)
• Remove powerpc64-unknown-linux-gnu from release build targets (#​18800)
• Respect dependency metadata overrides in uv pip check (#​18742)
• Support debug CPython ABI tags in environment compatibility (#​18739)

Documentation

• Document false opt-out for exclude-newer-package (#​18768, #​18803)

v0.11.2

Compare Source

Released on 2026-03-26.

Enhancements

• Add a dedicated Windows PE editing error (#​18710)
• Make uv self update fetch the manifest from the mirror first (#​18679)
• Use uv reqwest client for self update (#​17982)
• Show uv self update success and failure messages with --quiet (#​18645)

Preview features

• Evaluate extras and groups when determining auditable packages (#​18511)

Bug fixes

• Skip redundant project configuration parsing for uv run (#​17890)

v0.11.1

Compare Source

Released on 2026-03-24.

Bug fixes

• Add missing hash verification for riscv64gc-unknown-linux-musl (#​18686)
• Fallback to direct download when direct URL streaming is unsupported (#​18688)
• Revert treating 'Dynamic' values as case-insensitive (#​18692)
• Remove torchdata from list of packages to source from the PyTorch index (#​18703)
• Special-case == Python version request ranges (#​9697)

Documentation

• Cover --python <dir> in "Using arbitrary Python environments" (#​6457)
• Fix version annotations for PS_MODULE_PATH and UV_WORKING_DIR (#​18691)

v0.11.0

Compare Source

Released on 2026-03-23.

Breaking changes

This release includes changes to the networking stack used by uv. While we think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so we have marked the change as breaking out of an abundance of caution.

The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13 which included some breaking changes to TLS certificate verification.

The following changes are included:

• rustls-platform-verifier is used instead of rustls-native-certs and webpki for certificate verification

  This change should have no effect unless you are using the native-tls option to enable reading system certificates.

  rustls-platform-verifier delegates to the system for certificate validation (e.g., Security.framework on macOS) instead of eagerly loading certificates from the system and verifying them via webpki. The effects of this change will vary based on the operating system. In general, uv's certificate validation should now be more consistent with browsers and other native applications. However, this is the most likely cause of breaking changes in this release. Some previously failing certificate chains may succeed, and some previously accepted certificate chains may fail. In either case, we expect the validation to be more correct and welcome reports of regressions.

  In particular, because more responsibility for validating the certificate is transferred to your system's security library, some features like CA constraints or revocation of certificates via OCSP and CRLs may now be used.

  This change should improve performance when using system certificate on macOS, as uv no longer needs to load all certificates from the keychain at startup.

• aws-lc is used instead of ring for a cryptography backend

  There should not be breaking changes from this change. We expect this to expand support for certificate signature algorithms.

• --native-tls is deprecated in favor of a new --system-certs flag

  The --native-tls flag is still usable and has identical behavior to --system-certs.

  This change was made to reduce confusion about the TLS implementation uv uses. uv always uses rustls not native-tls.

• Building uv on x86-64 and i686 Windows requires NASM

  NASM is required by aws-lc. If not found on the system, a prebuilt blob provided by aws-lc-sys will be used.

  If you are not building uv from source, this change has no effect.

  See the CONTRIBUTING guide for details.

• Empty SSL_CERT_FILE values are ignored (for consistency with SSL_CERT_DIR)

See #​18550 for details.

Python

• Enable frame pointers for improved profiling on Linux x86-64 and aarch64

See the python-build-standalone release notes for details.

Enhancements

• Treat 'Dynamic' values as case-insensitive (#​18669)
• Use a dedicated error for invalid cache control headers (#​18657)
• Enable checksum verification in the generated installer script (#​18625)

Preview features

• Add --service-format and --service-url to uv audit (#​18571)

Performance

• Avoid holding flat index lock across indexes (#​18659)

Bug fixes

• Find the dynamic linker on the file system when sniffing binaries fails (#​18457)
• Fix export of conflicting workspace members with dependencies (#​18666)
• Respect installed settings in uv tool list --outdated (#​18586)
• Treat paths originating as PEP 508 URLs which contain expanded variables as relative (#​18680)
• Fix uv export for workspace member packages with conflicts (#​18635)
• Continue to alternative authentication providers when the pyx store has no token (#​18425)
• Use redacted URLs for log messages in cached client (#​18599)

Documentation

• Add details on Linux versions to the platform policy (#​18574)
• Clarify FLASH_ATTENTION_SKIP_CUDA_BUILD guidance for flash-attn installs (#​18473)
• Split the dependency bots page into two separate pages (#​18597)
• Split the alternative indexes page into separate pages (#​18607)

v0.10.12

Compare Source

Released on 2026-03-19.

Python

• Add pypy 3.11.15 (#​18468)
• Add support for using Python 3.6 interpreters (#​18454)

Enhancements

• Include uv's target triple in version report (#​18520)
• Allow comma separated values in --no-emit-package (#​18565)

Preview features

• Show uv audit in the CLI help (#​18540)

Bug fixes

• Improve reporting of managed interpreter symlinks in uv python list (#​18459)
• Preserve end-of-line comments on previous entries when removing dependencies (#​18557)
• Treat abi3 wheel Python version as a lower bound (#​18536)
• Detect hard-float support on aarch64 kernels running armv7 userspace (#​18530)

Documentation

• Add Python 3.15 to supported versions (#​18552)
• Adjust the PyPy note (#​18548)
• Move Pyodide to Tier 2 in the Python support policy (#​18561)
• Move Rust and Python version support out of the Platform support policy (#​18535)
• Update Docker guide with changes from uv-docker-example (#​18558)
• Update the Python version policy (#​18559)

v0.10.11

Compare Source

Released on 2026-03-16.

Enhancements

• Fetch Ruff release metadata from an Astral mirror (#​18358)
• Use PEP 639 license metadata for uv itself (#​16477)

Performance

• Improve distribution id performance (#​18486)

Bug fixes

• Allow --project to refer to a pyproject.toml directly and reduce to a warning on other files (#​18513)
• Disable SYSTEM_VERSION_COMPAT when querying interpreters on macOS (#​18452)
• Enforce available distributions for supported environments (#​18451)
• Fix uv sync --active recreating active environments when UV_PYTHON_INSTALL_DIR is relative (#​18398)

Documentation

• Add missing -o requirements.txt in uv pip compile example (#​12308)
• Link to organization security policy (#​18449)
• Link to the AI policy in the contributing guide (#​18448)

v0.10.10

Compare Source

Released on 2026-03-13.

Python

• Add CPython 3.15.0a7 (#​18403)

Enhancements

• Add --outdated flag to uv tool list (#​18318)
• Add riscv64 musl target to build-release-binaries workflow (#​18228)
• Fetch Ruff from an Astral mirror (#​18286)
• Improve error handling for platform detection in Python downloads (#​18453)
• Warn if --project directory does not exist (#​17714)
• Warn when workspace member scripts are skipped due to missing build system (#​18389)
• Update build backend versions used in uv init (#​18417)
• Log explicit config file path in verbose output (#​18353)
• Make uv cache clear an alias of uv cache clean (#​18420)
• Reject invalid classifiers, warn on license classifiers in uv_build (#​18419)

Preview features

• Add links to uv audit output (#​18392)
• Output/report formatting for uv audit (#​18193)
• Switch to batched OSV queries for uv audit (#​18394)

Bug fixes

• Avoid sharing version metadata across indexes (#​18373)
• Bump zlib-rs to 0.6.2 to fix panic on decompression of large wheels on Windows (#​18362)
• Filter out unsupported environment wheels (#​18445)
• Preserve absolute/relative paths in lockfiles (#​18176)
• Recreate Python environments under uv tool install --force (#​18399)
• Respect timestamp and other cache keys in cached environments (#​18396)
• Simplify selected extra markers in uv export (#​18433)
• Send pyx mint-token requests with a proper Content-Type (#​18334)
• Fix Windows operating system and version reporting (#​18383)

Documentation

• Update the platform support policy with a tier 3 section including freebsd and 32-bit windows (#​18345)

v0.10.9

Compare Source

Released on 2026-03-06.

Enhancements

• Add fbgemm-gpu, fbgemm-gpu-genai, torchrec, and torchtune to the PyTorch list (#​18338)
• Add torchcodec to PyTorch List (#​18336)
• Log the duration we took before erroring (#​18231)
• Warn when using uv_build settings without uv_build (#​15750)
• Add fallback to /usr/lib/os-release on Linux system lookup failure (#​18349)
• Use cargo auditable to include SBOM in uv builds (#​18276)

Configuration

• Add an environment variable for UV_VENV_RELOCATABLE (#​18331)

Performance

• Avoid toml Document overhead (#​18306)
• Use a single global workspace cache (#​18307)

Bug fixes

• Continue on trampoline job assignment failures (#​18291)
• Handle the hard link limit gracefully instead of failing (#​17699)
• Respect build constraints for workspace members (#​18350)
• Revalidate editables and other dependencies in scripts (#​18328)
• Support Python 3.13+ on Android (#​18301)
• Support cp3-none-any (#​17064)
• Skip tool environments with broken links to Python on Windows (#​17176)

Documentation

• Add documentation for common marker values (#​18327)
• Improve documentation on virtual dependencies (#​18346)

v0.10.8

Compare Source

Released on 2026-03-03.

Python

• Add CPython 3.10.20
• Add CPython 3.11.15
• Add CPython 3.12.13

Enhancements

• Add Docker images based on Docker Hardened Images (#​18247)
• Add resolver hint when --exclude-newer filters out all versions of a package (#​18217)
• Configure a real retry minimum delay of 1s (#​18201)
• Expand uv_build direct build compatibility (#​17902)
• Fetch CPython from an Astral mirror by default (#​18207)
• Download uv releases from an Astral mirror in installers by default (#​18191)
• Add SBOM attestations to Docker images (#​18252)
• Improve hint for installing meson-python when missing as build backend (#​15826)

Configuration

• Add UV_INIT_BARE environment variable for uv init (#​18210)

Bug fixes

• Prevent uv tool upgrade from installing excluded dependencies (#​18022)
• Promote authentication policy when saving tool receipts (#​18246)
• Respect exclusions in scripts (#​18269)
• Retain default-branch Git SHAs in pylock.toml files (#​18227)
• Skip installed Python check for URL dependencies (#​18211)
• Respect constraints during --upgrade (#​18226)
• Fix uv tree orphaned roots and premature deduplication (#​17212)

Documentation

• Mention cooldown and tweak inline script metadata in dependency bots documentation (#​18230)
• Move cache prune in GitLab to after_script (#​18206)

v0.10.7

Compare Source

Released on 2026-02-27.

Bug fixes

• Fix handling of junctions in Windows Containers on Windows (#​18192)

Enhancements

• Activate logging for middleware retries (#​18200)
• Upload uv releases to a mirror (#​18159)

v0.10.6

Compare Source

Released on 2026-02-24.

Bug fixes

• Apply lockfile marker normalization for fork markers (#​18116)
• Fix Python version selection for scripts with a requires-python conflicting with .python-version (#​18097)
• Preserve file permissions when using reflinks on Linux (#​18187)

Documentation

• Remove verbose documentation from optional dependencies help text (#​18180)

v0.10.5

Compare Source

Released on 2026-02-23.

Enhancements

• Add hint when named index is found in a parent config file (#​18087)
• Add warning for uv lock --frozen (#​17859)
• Attempt to use reflinks by default on Linux (#​18117)
• Fallback to hardlinks after reflink failure before copying (#​18104)
• Filter pylock.toml wheels by tags and requires-python (#​18081)
• Validate wheel filenames are normalized during uv publish (#​17783)
• Fix message when exclude-newer invalidates the lock file (#​18100)
• Change the missing files log level to debug (#​18075)

Performance

• Improve performance of repeated conflicts with an extra (#​18094)

Bug fixes

• Fix --no-emit-workspace with --all-packages on single-member workspaces (#​18098)
• Fix UV_NO_DEFAULT_GROUPS rejecting truthy values like 1 (#​18057)
• Fix iOS detection (#​17973)
• Propagate project-level conflicts to package extras (#​18096)
• Use a global build concurrency semaphore (#​18054)

Documentation

• Update documentation heading for environment variable files (#​18122)
• Fix comment about uv export formats (#​17900)
• Make it clear that Windows is supported in user- and system- level configuration docs (#​18106)

astral-sh/uv-pre-commit (astral-sh/uv-pre-commit)

v0.11.6

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.6

v0.11.5

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.5

v0.11.4

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.4

v0.11.3

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.3

v0.11.2

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.2

v0.11.1

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.1

v0.11.0

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.11.0

v0.10.12

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.12

v0.10.11

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.11

v0.10.10

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.10

v0.10.9

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.9

v0.10.8

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.8

v0.10.7

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.7

v0.10.6

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.6

v0.10.5

Compare Source

See: https://github.com/astral-sh/uv/releases/tag/0.10.5

Azure/azure-sdk-for-python (azure-identity)

v1.25.3

Compare Source

1.25.3 (2026-03-12)

Bugs Fixed

• Fixed an issue where an expired token could skip refresh when a recent token request was made, due to the retry delay taking precedence over expiration. (#​45496)

Other Changes

• Bumped minimum dependency on msal to >=1.35.1.

pallets/click (click)

v8.3.2

Compare Source

Released 2026-04-02

• Fix handling of flag_value when is_flag=False to allow such options to be
  used without an explicit value. :issue:3084 :pr:3152
• Hide Sentinel.UNSET values as None when using lookup_default().
  :issue:3136 :pr:3199 :pr:3202 :pr:3209 :pr:3212 :pr:3224
• Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer.
  :issue:824 :issue:2991 :issue:2993 :issue:3110 :pr:3139 :pr:3140
• Add comprehensive tests for CliRunner stream lifecycle, covering
  logging interaction, multi-threaded safety, and sequential invocation
  isolation. Add high-iteration stress tests behind a stress marker
  with a dedicated CI job. :pr:3139
• Fix callable flag_value being instantiated when used as a default via
  default=True. :issue:3121 :pr:3201 :pr:3213 :pr:3225

codecov/codecov-action (codecov/codecov-action)

v5.5.4

Compare Source

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

• Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" by @​thomasrockhu-codecov in #​1926
• chore(release): 5.5.4 by @​thomasrockhu-codecov in #​1927

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

Compare Source

What's Changed

• build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @​dependabot[bot] in #​1874
• chore(release): bump to 5.5.3 by @​thomasrockhu-codecov in #​1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

pydicom/dicom-validator (dicom-validator)

v0.8.1

Compare Source

Fixes bug in handling "shall not be present" condition.

Fixes

• tags with a non-fulfilled "shall not be present if" condition have been incorrectly
  shown as erroneous (see #​258)

Infrastructure

• updated the tests for current DICOM version 2026b

v0.8.0

Compare Source

Reworked result handling, allowed and documented using the validator programmatically.

Changes

• removed support for Python 3.9
• added typing to production code
• the result dictionary generated by IODValidator.validate() has changed to an instance
  of ValidationResult, and the log messages in the result have been replaced by error codes
• changed --revision to --edition to conform to DICOM vocabulary, deprecated
  --revision; also renamed revision to edition elsewhere in function names
• logging the errors has been decoupled from validation via an error handler argument
• do not count non-DICOM files as errors, if not using --force-read

Features

• added better support for using the validator programmatically
• added support for conditional enum values

Fixes

• tags not allowed in multi-frame functional groups have been listed
  as errors twice (see #​196)
• fixed handling of enum values for a specific tag
• fixed handling of multiple definitions for referenced enum values
• fixed handling of conditions in functional groups (see #​226)
• fixed crash when looking up tags in functional groups with lazily-decoded DICOM files
• fixed error count for functional groups

Documentation

• added initial documentation on ReadTheDocs, including API documentation

Infrastructure

• added Python 3.14 to the CI

fastapi/fastapi (fastapi)

v0.135.3

Compare Source

Features

• ✨ Add support for @app.vibe(). PR #​15280 by @​tiangolo.
  • New docs: Vibe Coding.

Docs

• ✏️ Fix typo for client_secret in OAuth2 form docstrings. PR #​14946 by @​bysiber.

Internal

• 👥 Update FastAPI People - Experts. PR #​15279 by @​tiangolo.
• ⬆ Bump orjson from 3.11.7 to 3.11.8. PR #​15276 by @​dependabot[bot].
• ⬆ Bump ruff from 0.15.0 to 0.15.8. PR #​15277 by @​dependabot[bot].
• 👥 Update FastAPI GitHub topic repositories. PR #​15274 by @​tiangolo.
• ⬆ Bump fastmcp from 2.14.5 to 3.2.0. PR #​15267 by @​dependabot[bot].
• 👥 Update FastAPI People - Contributors and Translators. PR #​15270 by @​tiangolo.
• ⬆ Bump requests from 2.32.5 to 2.33.0. PR #​15228 by @​dependabot[bot].
• 👷 Add ty check to lint.sh. PR #​15136 by @​svlandeg.

v0.135.2

Compare Source

Upgrades

• ⬆️ Increase lower bound to pydantic >=2.9.0. and fix the test suite. PR #​15139 by @​svlandeg.

Docs

• 📝 Add missing last release notes dates. PR #​15202 by @​tiangolo.
• 📝 Update docs for contributors and team members regarding translation PRs. PR #​15200 by @​YuriiMotov.
• 💄 Fix code blocks in reference docs overflowing table width. PR #​15094 by @​YuriiMotov.
• 📝 Fix duplicated words in docstrings. PR #​15116 by @​AhsanSheraz.
• 📝 Add docs for pyproject.toml with entrypoint. PR #​15075 by @​tiangolo.
• 📝 Update links in docs to no longer use the classes external-link and internal-link. PR #​15061 by @​tiangolo.
• 🔨 Add JS and CSS handling for automatic target=_blank for links in docs. PR #​15063 by @​tiangolo.
• 💄 Update styles for internal and external links in new tab. PR #​15058 by @​tiangolo.
• 📝 Add documentation for the FastAPI VS Code extension. PR #​15008 by @​savannahostrowski.
• 📝 Fix doctrings for max_digits and decimal_places. PR #​14944 by @​YuriiMotov.
• 📝 Add dates to release notes. PR #​15001 by @​YuriiMotov.

Translations

• 🌐 Update translations for zh (update-outdated). PR #​15177 by @​tiangolo.
• 🌐 Update tran

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, on day 1 of the month (* 0-3 1 * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: uv.lock

Command failed: uv lock --upgrade-package click
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

File name: uv.lock

Command failed: uv lock --upgrade-package azure-identity --upgrade-package fastapi --upgrade-package hypothesis --upgrade-package uvicorn
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

File name: uv.lock

Command failed: uv lock --upgrade-package aio-pika --upgrade-package azure-identity --upgrade-package fastapi --upgrade-package sqlalchemy
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

File name: uv.lock

Command failed: uv lock --upgrade-package dicom-validator
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

File name: uv.lock

Command failed: uv lock --upgrade-package uvicorn
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

File name: uv.lock

Command failed: uv lock --upgrade-package uvicorn
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

File name: uv.lock

Command failed: uv lock --upgrade-package mypy --upgrade-package nibabel --upgrade-package pytest-check
Using CPython 3.14.4 interpreter at: /opt/containerbase/tools/python/3.14.4/bin/python3
  × No solution found when resolving dependencies for split (markers:
  │ python_full_version == '3.11.*'):
  ╰─▶ Because dicom-validator==0.8.1 depends on pydicom>=3.0 and pixl-dcmd
      depends on dicom-validator==0.8.1, we can conclude that pixl-dcmd
      depends on pydicom>=3.0.
      And because pixl-dcmd depends on pydicom==2.4.4 and your workspace
      requires pixl-dcmd[dev], we can conclude that your workspace's
      requirements are unsatisfiable.

      hint: While the active Python version is 3.14, the resolution failed for
      other Python versions supported by your project. Consider limiting your
      project's supported Python versions using `requires-python`.

[milanmlft]

Can't bump pydicom to >=3.0.0 because xnat depends on pydicom<3.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.54%. Comparing base (5a9fd57) to head (c3623f3).

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #625       +/-   ##
===========================================
+ Coverage   58.05%   87.54%   +29.49%     
===========================================
  Files          31       77       +46     
  Lines        1235     3694     +2459     
===========================================
+ Hits          717     3234     +2517     
+ Misses        518      460       -58     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.