pip: bump the pip-updates group across 1 directory with 9 updates

[dependabot]

Updates the requirements on anyio, cffi, cryptography, fastapi, pycparser, pydantic, uvicorn, ruff and black to permit the latest version.
Updates anyio from 4.10.0 to 4.11.0

Release notes

Sourced from anyio's releases.

4.11.0

• Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) (#975)
• Bumped the minimum version of Trio to v0.31.0
• Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument (#256)
• Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests (#971)
• Added the anyio.Condition.wait_for() method for feature parity with asyncio (#974)
• Changed the default type argument of anyio.abc.TaskStatus from Any to None (#964)
• Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 (#857; PR by @​11kkw and @​agronholm)
• Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. (#671)

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

4.11.0

• Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) ([#975](https://github.com/agronholm/anyio/issues/975) <https://github.com/agronholm/anyio/pull/975>_)
• Bumped the minimum version of Trio to v0.31.0
• Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument ([#256](https://github.com/agronholm/anyio/issues/256) <https://github.com/agronholm/anyio/issues/256>_)
• Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests ([#971](https://github.com/agronholm/anyio/issues/971) <https://github.com/agronholm/anyio/pull/971>_)
• Added the anyio.Condition.wait_for() method for feature parity with asyncio ([#974](https://github.com/agronholm/anyio/issues/974) <https://github.com/agronholm/anyio/pull/974>_)
• Changed the default type argument of anyio.abc.TaskStatus from Any to None ([#964](https://github.com/agronholm/anyio/issues/964) <https://github.com/agronholm/anyio/pull/964>_)
• Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 ([#857](https://github.com/agronholm/anyio/issues/857) <https://github.com/agronholm/anyio/issues/857>_; PR by @​11kkw and @​agronholm)
• Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. ([#671](https://github.com/agronholm/anyio/issues/671) <https://github.com/agronholm/anyio/issues/671>_)

4.10.0

• Added the feed_data() method to the BufferedByteReceiveStream class, allowing users to inject data directly into the buffer

• Added various class methods to wrap existing sockets as listeners or socket streams:

  • SocketListener.from_socket()
  • SocketStream.from_socket()
  • UNIXSocketStream.from_socket()
  • UDPSocket.from_socket()
  • ConnectedUDPSocket.from_socket()
  • UNIXDatagramSocket.from_socket()
  • ConnectedUNIXDatagramSocket.from_socket()

• Added a hierarchy of connectable stream classes for transparently connecting to various remote or local endpoints for exchanging bytes or objects

• Added context manager mix-in classes (anyio.ContextManagerMixin and anyio.AsyncContextManagerMixin) to help write classes that embed other context managers, particularly cancel scopes or task groups ([#905](https://github.com/agronholm/anyio/issues/905) <https://github.com/agronholm/anyio/pull/905>_; PR by @​agronholm and

... (truncated)

Commits

• 08737af Bumped up the version
• 8bb9fe0 Fixed the inconsistent exception on sending to a closed TCP stream (#980)
• 9637093 [pre-commit.ci] pre-commit autoupdate (#981)
• f1bc6ee Fixed changelog entry formatting
• 0b58964 Mentioned the sub-interpreter support in the README
• 1ed112c Ensure same port is used for IPv4/IPv6 when creating TCP listener with local_...
• aceeee0 Re-enabled coverage reporting on macOS
• 6b890dc Reworded a changelog entry and added PR links to others
• 944257d Updated pre-commit modules
• 087975f Fixed a documentation style (#976)
• Additional commits viewable in compare view

Updates cffi from 1.17.1 to 2.0.0

Release notes

Sourced from cffi's releases.

v2.0.0

What's Changed

• Add Python 3.14 support.
• Add CPython free-threaded support (3.14t+ only) - huge thanks to the folks at Quansight Labs for all the work to get this one sorted!
• Drop Python <= 3.8 support.
• Fix order dependency affecting nested type size calculation (#148).

Full Changelog: python-cffi/cffi@v1.17.1...v2.0.0

v2.0.0b1

What's Changed

• Add Python 3.14 support.
• Add CPython free-threaded support (3.14t+ only).
• Drop Python <= 3.8 support.
• Fix order dependency affecting nested type size calculation (#148).

Full Changelog: python-cffi/cffi@v1.17.1...v2.0.0b1

Commits

• 6366c01 release 2.0.0 (#196)
• 95c8476 2.0.0 post beta backports (#195)
• 195cbda Release 2.0.0b1 (#183)
• b4bbe79 fix version test to support beta
• 7ed073d Add support for the free-threaded build (#178)
• 67a170d Change the license from MIT to MIT-no-attribution, which is the same without ...
• 92645ec Add Python 3.14 support/testing (#177)
• 2b81170 doc: update test commands in Section Testing/development tips (#158)
• 25172b8 doc: update year (#153)
• b57a92c issue 147: force-compute nested structs before parent structs. Occurs mainly...
• Additional commits viewable in compare view

Updates cryptography from 45.0.7 to 46.0.1

Changelog

Sourced from cryptography's changelog.

46.0.1 - 2025-09-16

* Fixed an issue where users installing via ``pip`` on Python 3.14 development
  versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.
.. _v46-0-0:
46.0.0 - 2025-09-16

• BACKWARDS INCOMPATIBLE: Support for Python 3.7 has been removed.
• Support for OpenSSL < 3.0 is deprecated and will be removed in the next release.
• Support for x86_64 macOS (including publishing wheels) is deprecated and will be removed in two releases. We will switch to publishing an arm64 only wheel for macOS.
• Support for 32-bit Windows (including publishing wheels) is deprecated and will be removed in two releases. Users should move to a 64-bit Python installation.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.3.
• We now build ppc64le manylinux wheels and publish them to PyPI.
• We now build win_arm64 (Windows on Arm) wheels and publish them to PyPI.
• Added support for free-threaded Python 3.14.
• Removed the deprecated get_attribute_for_oid method on :class:~cryptography.x509.CertificateSigningRequest. Users should use :meth:~cryptography.x509.Attributes.get_attribute_for_oid instead.
• Removed the deprecated CAST5, SEED, IDEA, and Blowfish classes from the cipher module. These are still available in :doc:/hazmat/decrepit/index.
• In X.509, when performing a PSS signature with a SHA-3 hash, it is now encoded with the official NIST SHA3 OID.

.. _v45-0-7:

Commits

• e735cfc release 46.0.1 (#13450)
• 4e457ff Explicitly specify python in mac uv build invocation (#13447)
• 2726efd Depend on CFFI 2.0.0 or newer on Python > 3.8 (#13448)
• 6223062 release 46.0.0 (#13446)
• 563c491 Update comment for pyopenssl-release tag (#13445)
• d2f6f7f Bump downstream dependencies in CI (#13439)
• e7ab02b we'll ship this with 3.5.3 why not (#13442)
• 0b68a4b Another pair of bump dependencies fix (#13444)
• e076d08 Attempt to fix commit message for bump downstreams (#13440)
• 6835ce8 Put correct version bounds for pyenchant in pins (#13441)
• Additional commits viewable in compare view

Updates fastapi from 0.116.1 to 0.117.1

Release notes

Sourced from fastapi's releases.

0.117.1

Fixes

• 🐛 Fix validation error when File is declared after Form parameter. PR #11194 by @​thomasleveil.

0.117.0

Features

• ✨ Allow None as return type for bodiless responses. PR #9425 by @​hofrob.
• ✨ Allow array values for OpenAPI schema type field. PR #13639 by @​sammasak.
• ✨ Add OpenAPI external_docs parameter to FastAPI. PR #13713 by @​cmtoro.

Fixes

• ⚡️ Fix default_factory for response model field with Pydantic V1. PR #9704 by @​vvanglro.
• 🐛 Fix inconsistent processing of model docstring formfeed char with Pydantic V1. PR #6039 by @​MaxwellPayne.
• 🐛 Fix jsonable_encoder alters json_encoders of Pydantic v1 objects. PR #4972 by @​aboubacs.
• 🐛 Reenable allow_arbitrary_types when only 1 argument is used on the API endpoint. PR #13694 by @​rmawatson.
• 🐛 Fix inspect.getcoroutinefunction() can break testing with unittest.mock.patch(). PR #14022 by @​secrett2633.

Refactors

• ♻️ Create dependency-cache dict in solve_dependencies only if None (don't re-create if empty). PR #13689 by @​bokshitsky.
• ✅ Enable test case for duplicated headers in test_tutorial/test_header_params/test_tutorial003.py. PR #13864 by @​Amogha-ark.
• 📌 Pin httpx to >=0.23.0,<1.0.0. PR #14086 by @​YuriiMotov.

Docs

• 📝 Add note about Cookies and JavaScript on tutorial/cookie-params.md. PR #13510 by @​Kludex.
• 📝 Remove outdated formatting from path-params-numeric-validations.md for languages en, es and uk.. PR #14059 by @​svlandeg.
• 📝 Fix and Improve English Documentation. PR #14048 by @​nilslindemann.

Translations

• 📝 Update prompts and German translation. PR #14015 by @​nilslindemann.

Internal

• ✅ Simplify tests for response_model. PR #14062 by @​dynamicy.
• 🚨 Install pydantic.mypy plugin. PR #14081 by @​svlandeg.
• ✅ Add LLM test file. PR #14049 by @​nilslindemann.
• 🔨 Update translations script. PR #13968 by @​YuriiMotov.
• 🛠️ Update docs.py generate-readme command to remove permalinks from headers. PR #14055 by @​YuriiMotov.
• ⬆️ Update mypy to 1.14.1. PR #12970 by @​tamird.

0.116.2

Upgrades

• ⬆️ Upgrade Starlette supported version range to >=0.40.0,<0.49.0. PR #14077 by @​musicinmybrain.

... (truncated)

Commits

• 784f06c 🔖 Release version 0.117.1
• b5c0589 📝 Update release notes
• 44fc676 🐛 Fix validation error when File is declared after Form parameter (#11194)
• a840010 📝 Update release notes
• 382d083 🔖 Release version 0.117.0
• a7f2dbe 📝 Update release notes
• f1e6f97 ⚡️ Fix default_factory for response model field with Pydantic V1 (#9704)
• b01d5c9 📝 Update release notes
• b51ec36 ✨ Allow None as return type for bodiless responses (#9425)
• 0bdc3ca 📝 Update release notes
• Additional commits viewable in compare view

Updates pycparser from 2.22 to 2.23

Release notes

Sourced from pycparser's releases.

release_v2.23

What's Changed

• Allow abstract declarator "static" (GH issue #539) by @​gperciva in eliben/pycparser#545
• Add support for Python 3.13 by @​hugovk in eliben/pycparser#550
• Add dirent and socket typedefs. by @​MegaManSec in eliben/pycparser#558
• Support for labels with no statement by @​ignatirabo in eliben/pycparser#562
• Accept empty 'case' or 'default' labels by @​ignatirabo in eliben/pycparser#564
• fix: preserve parentheses for statement exprs by @​zawan-ila in eliben/pycparser#566
• fix: hex float types by @​zawan-ila in eliben/pycparser#567
• Explicit error for comments, with README link by @​cellularmitosis in eliben/pycparser#569
• showemptyattrs option on Node.show() by @​cellularmitosis in eliben/pycparser#570
• Add fake typedefs for GNU Extension 128-bit integers. by @​dj-wednesday in eliben/pycparser#577
• Typedef for __kernel_sa_family_t in linux/socket.h by @​crosser in eliben/pycparser#578

New Contributors

• @​gperciva made their first contribution in eliben/pycparser#545
• @​MegaManSec made their first contribution in eliben/pycparser#558
• @​ignatirabo made their first contribution in eliben/pycparser#562
• @​zawan-ila made their first contribution in eliben/pycparser#566
• @​cellularmitosis made their first contribution in eliben/pycparser#569
• @​dj-wednesday made their first contribution in eliben/pycparser#577
• @​crosser made their first contribution in eliben/pycparser#578

Full Changelog: eliben/pycparser@release_v2.22...release_v2.23

Commits

• 5b60167 Prepare for release 2.23
• 7b24736 Typedef for __kernel_sa_family_t in _fake_typedefs.h (#578)
• 90184f1 Add fake typedefs for GNU Extension 128-bit integers. (#577)
• f04fdcd showemptyattrs option on Node.show() (#570)
• 156eae7 Explicit error for comments, with README link (#569)
• 2215299 fix: hex float types (#567)
• 037bd31 fix: preserve parentheses for statement exprs (#566)
• 9cecc09 Accept empty 'case' or 'default' labels (#564)
• 7ae671d Support for labels with no statement (#562)
• 42b5423 Add dirent and socket typedefs. (#558)
• Additional commits viewable in compare view

Updates pydantic from 2.11.7 to 2.11.9

Release notes

Sourced from pydantic's releases.

v2.11.9 2025-09-13

What's Changed

Fixes

• Backport v1.10.23 changes by @​Viicos

Full Changelog: pydantic/pydantic@v2.11.8...v2.11.9

v2.11.8 2025-09-13

v2.11.8 (2025-09-13)

What's Changed

Fixes

• Fix mypy plugin for mypy 1.18 by @​cdce8p in #12209

Full Changelog: pydantic/pydantic@v2.11.7...v2.11.8

Changelog

Sourced from pydantic's changelog.

v2.11.9 (2025-09-13)

GitHub release

What's Changed

Fixes

• Backport v1.10.23 changes by @​Viicos

v2.11.8 (2025-09-13)

GitHub release

What's Changed

Fixes

• Fix mypy plugin for mypy 1.18 by @​cdce8p in #12209

Commits

• 9231095 Prepare release v2.11.9
• f003a89 Backport v1.10.23 changes
• 96b81dd Prepare release v2.11.8
• 966f377 Fix mypy v2 plugin for upcoming 1.18 mypy release
• See full diff in compare view

Updates uvicorn from 0.35.0 to 0.37.0

Release notes

Sourced from uvicorn's releases.

Version 0.37.0

What's Changed

• Add --timeout-worker-healthcheck setting by @​Kludex in Kludex/uvicorn#2711
• Add os.PathLike[str] type to ssl_ca_certs by @​rnv812 in Kludex/uvicorn#2676

New Contributors

• @​LincolnPuzey made their first contribution in Kludex/uvicorn#2669
• @​rnv812 made their first contribution in Kludex/uvicorn#2676

Full Changelog: Kludex/uvicorn@0.36.1...0.37.0

Version 0.36.1

What's Changed

• Raise an exception when calling removed Config.setup_event_loop() by @​Kludex in Kludex/uvicorn#2709

Full Changelog: Kludex/uvicorn@0.36.0...0.36.1

Version 0.36.0

Added

• Support custom IOLOOPs by @​gnir-work in Kludex/uvicorn#2435
• Allow to provide importable string in --http, --ws and --loop by @​Kludex in Kludex/uvicorn#2658

---

New Contributors

• @​gnir-work made their first contribution in Kludex/uvicorn#2435
• @​musicinmybrain made their first contribution in Kludex/uvicorn#2659
• @​secrett2633 made their first contribution in Kludex/uvicorn#2684

Full Changelog: Kludex/uvicorn@0.35.0...0.36.0

Changelog

Sourced from uvicorn's changelog.

0.37.0 (September 23, 2025)

Added

• Add --timeout-worker-healthcheck option (#2711)
• Add os.PathLike[str] type to ssl_ca_certs (#2676)

0.36.1 (September 23, 2025)

Fixed

• Raise an exception when calling removed Config.setup_event_loop() (#2709)

0.36.0 (September 20, 2025)

Added

• Support custom IOLOOPs (#2435)
• Allow to provide importable string in --http, --ws and --loop (#2658)

Commits

• 4098bca Version 0.37.0 (#2712)
• 8c057fa Add os.PathLike[str] type to ssl_ca_certs (#2676)
• bbe119e Add note about --timeout-keep-alive being measured in seconds (#2669)
• 2744f14 Add --timeout-worker-healthcheck setting (#2711)
• 1dfb0bd Version 0.36.1 (#2710)
• 3d0d46a Raise an exception when calling removed Config.setup_event_loop() (#2709)
• ad9e5b9 docs: redirect uvicorn.org to uvicorn.dev (#2705)
• 0e3b18c Version 0.36.0 (#2704)
• f84661d chore: drop mention to scripts/publish (#2696)
• dcd7e6c docs: replace uvicorn.org by uvicorn.dev (#2703)
• Additional commits viewable in compare view

Updates ruff to 0.13.1

Release notes

Sourced from ruff's releases.

0.13.1

Release Notes

Released on 2025-09-18.

Preview features

• [flake8-simplify] Detect unnecessary None default for additional key expression types (SIM910) (#20343)
• [flake8-use-pathlib] Add fix for PTH123 (#20169)
• [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#20143)
• [flake8-use-pathlib] Make PTH111 fix unsafe because it can change behavior (#20215)
• [pycodestyle] Fix E301 to only trigger for functions immediately within a class (#19768)
• [refurb] Mark single-item-membership-test fix as always unsafe (FURB171) (#20279)

Bug fixes

• Handle t-strings for token-based rules and suppression comments (#20357)
• [flake8-bandit] Fix truthiness: dict-only ** displays not truthy for shell (S602, S604, S609) (#20177)
• [flake8-simplify] Fix diagnostic to show correct method name for str.rsplit calls (SIM905) (#20459)
• [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (#20197)
• [pyupgrade] Fix false positive when class name is shadowed by local variable (UP008) (#20427)
• [pyupgrade] Prevent infinite loop with I002 and UP026 (#20327)
• [ruff] Recognize t-strings, generators, and lambdas in invalid-index-type (RUF016) (#20213)

Rule changes

• [RUF102] Respect rule redirects in invalid rule code detection (#20245)
• [flake8-bugbear] Mark the fix for unreliable-callable-check as always unsafe (B004) (#20318)
• [ruff] Allow dataclass attribute value instantiation from nested frozen dataclass (RUF009) (#20352)

CLI

• Add fixes to output-format=sarif (#20300)
• Treat panics as fatal diagnostics, sort panics last (#20258)

Documentation

• [ruff] Add analyze.string-imports-min-dots to settings (#20375)
• Update README.md with Albumentations new repository URL (#20415)

Other changes

• Bump MSRV to Rust 1.88 (#20470)
• Enable inline noqa for multiline strings in playground (#20442)

Contributors

• @​chirizxc
• @​danparizher
• @​IDrokin117

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.1

Released on 2025-09-18.

Preview features

• [flake8-simplify] Detect unnecessary None default for additional key expression types (SIM910) (#20343)
• [flake8-use-pathlib] Add fix for PTH123 (#20169)
• [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#20143)
• [flake8-use-pathlib] Make PTH111 fix unsafe because it can change behavior (#20215)
• [pycodestyle] Fix E301 to only trigger for functions immediately within a class (#19768)
• [refurb] Mark single-item-membership-test fix as always unsafe (FURB171) (#20279)

Bug fixes

• Handle t-strings for token-based rules and suppression comments (#20357)
• [flake8-bandit] Fix truthiness: dict-only ** displays not truthy for shell (S602, S604, S609) (#20177)
• [flake8-simplify] Fix diagnostic to show correct method name for str.rsplit calls (SIM905) (#20459)
• [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (#20197)
• [pyupgrade] Fix false positive when class name is shadowed by local variable (UP008) (#20427)
• [pyupgrade] Prevent infinite loop with I002 and UP026 (#20327)
• [ruff] Recognize t-strings, generators, and lambdas in invalid-index-type (RUF016) (#20213)

Rule changes

• [RUF102] Respect rule redirects in invalid rule code detection (#20245)
• [flake8-bugbear] Mark the fix for unreliable-callable-check as always unsafe (B004) (#20318)
• [ruff] Allow dataclass attribute value instantiation from nested frozen dataclass (RUF009) (#20352)

CLI

• Add fixes to output-format=sarif (#20300)
• Treat panics as fatal diagnostics, sort panics last (#20258)

Documentation

• [ruff] Add analyze.string-imports-min-dots to settings (#20375)
• Update README.md with Albumentations new repository URL (#20415)

Other changes

• Bump MSRV to Rust 1.88 (#20470)
• Enable inline noqa for multiline strings in playground (#20442)

Contributors

• @​chirizxc
• @​danparizher
• @​IDrokin117
• @​amyreese

... (truncated)

Commits

• 706be0a Add pyproject.toml to rooster config version_files and bump to 0.13.1 (#2...
• 7b40428 Bump 0.13.1 (#20473)
• b9b5755 Upgrade to the latest rooster version and include contributors in CHANGELOG (...
• b4b5d67 [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (...
• 0b60584 Bump MSRV to Rust 1.88 (#20470)
• 821b2f8 [refurb] Mark single-item-membership-test fix as always unsafe (FURB171...
• 1758f26 Update rust toolchain to 1.90 (#20469)
• 2502ff7 [ty] Make TypeIs invariant in its type argument (#20428)
• 144373f [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#20143)
• 91995aa [pyupgrade] Fix false positive when class name is shadowed by local variabl...
• Additional commits viewable in compare view

Updates black to 25.9.0

Release notes

Sourced from black's releases.

25.9.0

Highlights

• Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

• Fix crash while formatting a long del statement containing tuples (#4628)
• Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)
• Handle # fmt: skip followed by a comment at the end of file (#4635)
• Fix crash when a tuple appears in the as clause of a with statement (#4634)
• Fix crash when tuple is used as a context manager inside a with statement (#4646)
• Fix crash when formatting a \ followed by a \r followed by a comment (#4663)
• Fix crash on a \\r\n (#4673)
• Fix crash on await ... (where ... is a literal Ellipsis) (#4676)
• Fix crash on parenthesized expression inside a type parameter bound (#4684)
• Fix crash when using line ranges excluding indented single line decorated items (#4670)

Preview style

• Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still be formatted (#4552)
• Improve multiline_string_handling with ternaries and dictionaries (#4657)
• Fix a bug where string_processing would not split f-strings directly after expressions (#4680)
• Wrap the in clause of comprehensions across lines if necessary (#4699)
• Remove parentheses around multiple exception types in except and except* without as. (#4720)
• Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)

Parser

• Rewrite tokenizer to improve performance and compliance (#4536)
• Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type parameter bounds and defaults. (#4602)

Performance

• Avoid using an extra process when running with only one worker (#4734)

Integrations

• Fix the version check in the vim file to reject Python 3.8 (#4567)
• Enhance GitHub Action psf/black to read Black version from an additional section in pyproject.toml: [project.dependency-groups] (#4606)
• Build gallery docker image with python3-slim and reduce image size (#4686)

... (truncated)

Changelog

Sourced from black's changelog.

25.9.0

Highlights

• Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

• Fix crash while formatting a long del statement containing tuples (#4628)
• Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)
• Handle # fmt: skip followed by a comment at the end of file (#4635)
• Fix crash when a tuple appears in the as clause of a with statement (#4634)
• Fix crash when tuple is used as a context manager inside a with statement (#4646)
• Fix crash when formatting a \ followed by a \r followed by a comment (#4663)
• Fix crash on a \\r\n (#4673)
• Fix crash on await ... (where ... is a literal Ellipsis) (#4676)
• Fix crash on parenthesized expression inside a type parameter bound (#4684)
• Fix crash when using line ranges excluding indented single line decorated items (#4670)

Preview style

• Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still be formatted (#4552)
• Improve multiline_string_handling with ternaries and dictionaries (#4657)
• Fix a bug where string_processing would not split f-strings directly after expressions (#4680)
• Wrap the in clause of comprehensions across lines if necessary (#4699)
• Remove parentheses around multiple exception types in except and except* without as. (#4720)
• Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)

Parser

• Rewrite tokenizer to improve performance and compliance (#4536)
• Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type parameter bounds and defaults. (#4602)

Performance

• Avoid using an extra process when running with only one worker (#4734)

Integrations

• Fix the version check in the vim file to reject Python 3.8 (#4567)
• Enhance GitHub Action psf/black to read Black version from an additional section in pyproject.toml: [project.dependency-groups] (#4606)

... (truncated)

Commits

• af0ba72 Prepare docs for release 25.9.0 (#4751)
• ffc01a0 Fix schema generation error caused by new click version (#4750)
• 626b32f Add normalizing for \r style newlines (#4710)
• 57a4612 Fix mypy type issue (#4745)
• 4f6ad7c Wrap the in clause of comprehensions across lines if necessary (#4699)
• 24f5169 ci: Run diff-shades on unstable instead of preview (#4741)
• 4d55e60 Bump actions/setup-python from 5 to 6 (#4744)
• 0cf39ef Improve the performance of get_string_prefix (#4742)
• 1f779de Fix line ranges decorator edge case (#4670)
• 203fd6b Optimize Line string method (#4739)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

[//...

Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.