Skip to content

chore(deps): bump the production-dependencies group across 1 directory with 9 updates#143

Open
dependabot[bot] wants to merge 1 commit intostagingfrom
dependabot/pip/staging/production-dependencies-0c9b388de7
Open

chore(deps): bump the production-dependencies group across 1 directory with 9 updates#143
dependabot[bot] wants to merge 1 commit intostagingfrom
dependabot/pip/staging/production-dependencies-0c9b388de7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps the production-dependencies group with 9 updates in the / directory:

Package From To
fastapi 0.132.0 0.135.3
grpcio 1.78.1 1.80.0
grpcio-testing 1.78.1 1.80.0
grpcio-tools 1.78.1 1.80.0
phonenumbers 9.0.24 9.0.28
requests 2.32.5 2.33.1
sentry-sdk 2.53.0 2.58.0
twilio 9.10.2 9.10.4
pytest 9.0.2 9.0.3

Updates fastapi from 0.132.0 to 0.135.3

Release notes

Sourced from fastapi's releases.

0.135.3

Features

Docs

  • ✏️ Fix typo for client_secret in OAuth2 form docstrings. PR #14946 by @​bysiber.

Internal

0.135.2

Upgrades

  • ⬆️ Increase lower bound to pydantic >=2.9.0. and fix the test suite. PR #15139 by @​svlandeg.

Docs

Translations

... (truncated)

Commits

Updates grpcio from 1.78.1 to 1.80.0

Release notes

Sourced from grpcio's releases.

Release v1.80.0

This is release 1.80.0 (glimmering) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [ssl] Implement TLS private key signer in Python. (#41701)
  • [TLS Credentials]: Private Key Offload Implementation. (#41606)
  • Fix max sockaddr struct size on OpenBSD. (#40454)
  • [core] Enable EventEngine for Python by default, and EventEngine fork support in Python and Ruby. (#41432)
  • [TLS Credentials]: Create InMemoryCertificateProvider to update certificates independently. (#41484)
  • [Ruby] Build/test ruby 4.0 and build native gems with Ruby 4.0 support. (#41324)
  • [EventEngine] Remove an incorrect std::move in DNSServiceResolver constructor. (#41502)
  • [RR and WRR] enable change to connect from a random index. (#41472)
  • [xds] Implement gRFC A101. (#41051)

C++

  • [C++] Add SNI override option to C++ channel credentials options API. (#41460)

C#

  • [C# tools] Option to append Async to server side method names #39010. (#39797)

Objective-C

  • [Fix][Compiler] Plugins fall back to the edition 2023 for older protobuf. (#41357)

PHP

  • [PHP] Disable php infinite recursion check for callback from Core to PHP. (#41835)
  • [PHP] Fix runtime error with PHp8.5 alpha because zend_exception_get_defaul…. (#40337)

Python

  • [Python] Fix GRPC_TRACE not working when absl log initialized in cython. (#41814)
  • Revert "[Python] Align GRPC_ENABLE_FORK_SUPPORT env defaults in core and python (#41455)". (#41769)
  • [Python] Fix AsyncIO Server maximum_concurrent_rpcs enforcement preventing negative active_rpcs count. (#41532)
  • [Python] Docs: correct grpc.Compression references. (#41705)
  • [Python] [Typeguard] Part 4 - Add Typeguard to AIO stack in tests . (#40226)

... (truncated)

Commits
  • f5e2d6e [Release] Bump version to 1.80.0 (on v1.80.x branch) (#41857)
  • 938cfec [subchannel connection scaling] fix when we reset backoff (#41935)
  • 91778be [Backport][v1.80.x][Python] New _create method for aio.Metadata (#41888)
  • f10b9f2 [bzlmod] upgrade rules_swift to avoid BCR CI breakage on Windows with bazel 7...
  • be4c1c5 [subchannel] fix crash in connection scaling code (#41853)
  • a71df73 [Release] Bump version to 1.80.0-pre1 (on v1.80.x branch) (#41844)
  • 3ca09e4 [Python] Fix GRPC_TRACE and add test to check the GRPC_TRACE logs print (#41814)
  • 260c6fd [PHP] Disable php infinite recursion check for callback from Core to PHP (#41...
  • 50957c5 [Flakiness] Delete flaky iomgr fd_conservation_posix_test and create an Event...
  • e1e1d0a [Bzlmod] Turn off bzlmod for PSM python tests. (#41810)
  • Additional commits viewable in compare view

Updates grpcio-testing from 1.78.1 to 1.80.0

Updates grpcio-tools from 1.78.1 to 1.80.0

Release notes

Sourced from grpcio-tools's releases.

Release v1.80.0

This is release 1.80.0 (glimmering) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [ssl] Implement TLS private key signer in Python. (#41701)
  • [TLS Credentials]: Private Key Offload Implementation. (#41606)
  • Fix max sockaddr struct size on OpenBSD. (#40454)
  • [core] Enable EventEngine for Python by default, and EventEngine fork support in Python and Ruby. (#41432)
  • [TLS Credentials]: Create InMemoryCertificateProvider to update certificates independently. (#41484)
  • [Ruby] Build/test ruby 4.0 and build native gems with Ruby 4.0 support. (#41324)
  • [EventEngine] Remove an incorrect std::move in DNSServiceResolver constructor. (#41502)
  • [RR and WRR] enable change to connect from a random index. (#41472)
  • [xds] Implement gRFC A101. (#41051)

C++

  • [C++] Add SNI override option to C++ channel credentials options API. (#41460)

C#

  • [C# tools] Option to append Async to server side method names #39010. (#39797)

Objective-C

  • [Fix][Compiler] Plugins fall back to the edition 2023 for older protobuf. (#41357)

PHP

  • [PHP] Disable php infinite recursion check for callback from Core to PHP. (#41835)
  • [PHP] Fix runtime error with PHp8.5 alpha because zend_exception_get_defaul…. (#40337)

Python

  • [Python] Fix GRPC_TRACE not working when absl log initialized in cython. (#41814)
  • Revert "[Python] Align GRPC_ENABLE_FORK_SUPPORT env defaults in core and python (#41455)". (#41769)
  • [Python] Fix AsyncIO Server maximum_concurrent_rpcs enforcement preventing negative active_rpcs count. (#41532)
  • [Python] Docs: correct grpc.Compression references. (#41705)
  • [Python] [Typeguard] Part 4 - Add Typeguard to AIO stack in tests . (#40226)

... (truncated)

Commits
  • f5e2d6e [Release] Bump version to 1.80.0 (on v1.80.x branch) (#41857)
  • a71df73 [Release] Bump version to 1.80.0-pre1 (on v1.80.x branch) (#41844)
  • 1299baa [Python] Add language features to exported proto files (#41501)
  • 522dbbb [Release] Bump version to 1.79.0-dev (on master branch) (#41291)
  • See full diff in compare view

Updates phonenumbers from 9.0.24 to 9.0.28

Commits
  • 6e7a12a Prep for 9.0.28 release
  • ff287ef Merge code changes from upstream 9.0.28
  • 665a4a7 Generated files for metadata
  • 57d319d Merge metadata changes from upstream 9.0.28
  • 3b082bf Prep for 9.0.27 release
  • c496532 Generated files for metadata
  • ee29e85 Merge metadata changes from upstream 9.0.27
  • 07e2c75 Prep for 9.0.26 release
  • 55522da Generated files for metadata
  • 8ca762b Merge metadata changes from upstream 9.0.26
  • Additional commits viewable in compare view

Updates requests from 2.32.5 to 2.33.1

Release notes

Sourced from requests's releases.

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

  • Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
  • Fixed Content-Type header parsing for malformed values. (#7309)
  • Improved error consistency for malformed header values. (#7308)

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2331-2026-03-30

v2.33.0

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

Changelog

Sourced from requests's changelog.

2.33.1 (2026-03-30)

Bugfixes

  • Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
  • Fixed Content-Type header parsing for malformed values. (#7309)
  • Improved error consistency for malformed header values. (#7308)

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.
Commits

Updates sentry-sdk from 2.53.0 to 2.58.0

Release notes

Sourced from sentry-sdk's releases.

2.58.0

New Features ✨

Bug Fixes 🐛

Anthropic

Pydantic Ai

Other

Internal Changes 🔧

Litellm

Other

Other

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.58.0

New Features ✨

Bug Fixes 🐛

Anthropic

Pydantic Ai

Other

Internal Changes 🔧

Litellm

Other

Other

... (truncated)

Commits
  • ce445d9 release: 2.58.0
  • c0c0e9c feat(litellm): Add async callbacks (#5969)
  • ea74b63 test(litellm): Replace mocks with httpx types in rate-limit test (#5975)
  • 06ed1bc test(litellm): Replace mocks with httpx types in embedding tests (#5970)
  • 66ef2e6 test(litellm): Replace mocks with httpx types in nonstreaming `completion()...
  • 96ebbf6 fix(litellm): Avoid double span exits when streaming (#5933)
  • 7e22b5d build(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#5979)
  • 35151a9 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#5980)
  • d1c5b53 build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#5981)
  • e255aaf build(deps): bump getsentry/testing-ai-sdk-integrations from 6b1f51ec8af03e19...
  • Additional commits viewable in compare view

Updates twilio from 9.10.2 to 9.10.4

Release notes

Sourced from twilio's releases.

9.10.4

Release Notes

Data-ingress

  • API Changes

  • 2026-03-23

  • Added stage-us1 to supportedRealms for all endpoints

  • 2026-03-20

  • Content updates:
  • Removed estimatedCompletionTime from LongRunningOperationResponse
  • Moved operationId from LongRunningOperationResponse to headers

  • 2026-03-18

  • Added 1 new path(s):
  • /v1/ControlPlane/Operations/{OperationId} (GetControlPlaneOperationStatus)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-05

  • Initial release with 10 paths and 22 operations

Memory

  • 2026-03-19

  • Added 1 new path(s):
  • /v1/ControlPlane/Operations/{operationId} (FetchOperation)

  • 2026-03-11

  • Minor updates (formatting, metadata)

Docs

9.10.3

Release Notes

Twiml

  • Rename recording_configuration to recording_configuration_id attribute in <Conference>, <Dial>, <Record> verbs and <Recording> noun

Ace

  • ACE Signals API Changes

  • 2026-02-18

  • Initial release: POST /signals, GET/POST /signals/{signal_id}/results, GET /health
  • Enables OneAdmin integration for synchronous signal ingestion and policy result polling
  • Supports permission-based authorization for signal operations
  • Health endpoint available for monitoring without authentication

... (truncated)

Changelog

Sourced from twilio's changelog.

[2026-03-24] Version 9.10.4

Data-ingress

  • API Changes

  • 2026-03-23

  • Added stage-us1 to supportedRealms for all endpoints

  • 2026-03-20

  • Content updates:
  • Removed estimatedCompletionTime from LongRunningOperationResponse
  • Moved operationId from LongRunningOperationResponse to headers

  • 2026-03-18

  • Added 1 new path(s):
  • /v1/ControlPlane/Operations/{OperationId} (GetControlPlaneOperationStatus)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-11

  • Minor updates (formatting, metadata)

  • 2026-03-05

  • Initial release with 10 paths and 22 operations

Memory

  • 2026-03-19

  • Added 1 new path(s):
  • /v1/ControlPlane/Operations/{operationId} (FetchOperation)

  • 2026-03-11

  • Minor updates (formatting, metadata)

[2026-03-10] Version 9.10.3

Twiml

  • Rename recording_configuration to recording_configuration_id attribute in <Conference>, <Dial>, <Record> verbs and <Recording> noun

Ace

  • ACE Signals API Changes

  • 2026-02-18

  • Initial release: POST /signals, GET/POST /signals/{signal_id}/results, GET /health
  • Enables OneAdmin integration for synchronous signal ingestion and policy result polling
  • Supports permission-based authorization for signal operations
  • Health endpoint available for monitoring without authentication

Api

  • Added optional parameter Confirmation to Payments create endpoint to enable payment confirmation prompt before gateway submission
  • Added optional parameter RequireMatchingInputs to Payments create endpoint for input confirmation in agent-assisted payment flows

... (truncated)

Commits
  • a3ea20d Release 9.10.4
  • 09318f2 [Librarian] Regenerated @ 6e3b90a45885c596ade6b11ff7100254b15c9403 c02f66cc96...
  • 2e9d66f Release 9.10.3
  • 7319870 [Librarian] Regenerated @ 6e3b90a45885c596ade6b11ff7100254b15c9403 b84ee26554...
  • See full diff in compare view

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

  • #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

  • #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

    Previously this resulted in an internal assertion failure during plugin loading.

    Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

  • #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

  • #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

  • #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

  • #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
  • #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
  • #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
  • #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

  • #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

    -- by aleguy02

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the production-dependencies group across 1 director…
6e22dcc 
…y with 9 updates

Bumps the production-dependencies group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [fastapi](https://github.com/fastapi/fastapi) | `0.132.0` | `0.135.3` |
| [grpcio](https://github.com/grpc/grpc) | `1.78.1` | `1.80.0` |
| [grpcio-testing](https://grpc.io) | `1.78.1` | `1.80.0` |
| [grpcio-tools](https://github.com/grpc/grpc) | `1.78.1` | `1.80.0` |
| [phonenumbers](https://github.com/daviddrysdale/python-phonenumbers) | `9.0.24` | `9.0.28` |
| [requests](https://github.com/psf/requests) | `2.32.5` | `2.33.1` |
| [sentry-sdk](https://github.com/getsentry/sentry-python) | `2.53.0` | `2.58.0` |
| [twilio](https://github.com/twilio/twilio-python) | `9.10.2` | `9.10.4` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` |



Updates `fastapi` from 0.132.0 to 0.135.3
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.132.0...0.135.3)

Updates `grpcio` from 1.78.1 to 1.80.0
- [Release notes](https://github.com/grpc/grpc/releases)
- [Commits](grpc/grpc@v1.78.1...v1.80.0)

Updates `grpcio-testing` from 1.78.1 to 1.80.0

Updates `grpcio-tools` from 1.78.1 to 1.80.0
- [Release notes](https://github.com/grpc/grpc/releases)
- [Commits](grpc/grpc@v1.78.1...v1.80.0)

Updates `phonenumbers` from 9.0.24 to 9.0.28
- [Commits](daviddrysdale/python-phonenumbers@v9.0.24...v9.0.28)

Updates `requests` from 2.32.5 to 2.33.1
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.5...v2.33.1)

Updates `sentry-sdk` from 2.53.0 to 2.58.0
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@2.53.0...2.58.0)

Updates `twilio` from 9.10.2 to 9.10.4
- [Release notes](https://github.com/twilio/twilio-python/releases)
- [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md)
- [Commits](twilio/twilio-python@9.10.2...9.10.4)

Updates `pytest` from 9.0.2 to 9.0.3
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.2...9.0.3)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.135.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: grpcio
  dependency-version: 1.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: grpcio-testing
  dependency-version: 1.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: grpcio-tools
  dependency-version: 1.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: phonenumbers
  dependency-version: 9.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: requests
  dependency-version: 2.33.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sentry-sdk
  dependency-version: 2.58.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: twilio
  dependency-version: 9.10.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants