chore(deps): bump the all group across 1 directory with 7 updates

[dependabot]

Bumps the all group with 7 updates in the / directory:

Package	From	To
fastapi	0.128.5	0.131.0
isort	7.0.0	8.0.0
mkdocs-material	9.7.1	9.7.2
poethepoet	0.41.0	0.42.0
pytest	8.4.2	9.0.2
uvicorn	0.40.0	0.41.0
ruff	0.15.0	0.15.2

Updates fastapi from 0.128.5 to 0.131.0

Release notes

Sourced from fastapi's releases.

0.131.0

Breaking Changes

• 🗑️ Deprecate ORJSONResponse and UJSONResponse. PR #14964 by @​tiangolo.

0.130.0

Features

• ✨ Serialize JSON response with Pydantic (in Rust), when there's a Pydantic return type or response model. PR #14962 by @​tiangolo.
  • This results in 2x (or more) performance increase for JSON responses.
  • New docs: Custom Response - JSON Performance.

0.129.2

Internal

• ⬆️ Upgrade pytest. PR #14959 by @​tiangolo.
• 👷 Fix CI, do not attempt to publish fastapi-slim. PR #14958 by @​tiangolo.
• ➖ Drop support for fastapi-slim, no more versions will be released, use only "fastapi[standard]" or fastapi. PR #14957 by @​tiangolo.
• 🔧 Update pyproject.toml, remove unneeded lines. PR #14956 by @​tiangolo.

0.129.1

Fixes

• ♻️ Fix JSON Schema for bytes, use "contentMediaType": "application/octet-stream" instead of "format": "binary". PR #14953 by @​tiangolo.

Docs

• 🔨 Add Kapa.ai widget (AI chatbot). PR #14938 by @​tiangolo.
• 🔥 Remove Python 3.9 specific files, no longer needed after updating translations. PR #14931 by @​tiangolo.
• 📝 Update docs for JWT to prevent timing attacks. PR #14908 by @​tiangolo.

Translations

• ✏️ Fix several typos in ru translations. PR #14934 by @​argoarsiks.
• 🌐 Update translations for ko (update-all and add-missing). PR #14923 by @​YuriiMotov.
• 🌐 Update translations for uk (add-missing). PR #14922 by @​YuriiMotov.
• 🌐 Update translations for zh-hant (update-all and add-missing). PR #14921 by @​YuriiMotov.
• 🌐 Update translations for fr (update-all and add-missing). PR #14920 by @​YuriiMotov.
• 🌐 Update translations for de (update-all) . PR #14910 by @​YuriiMotov.
• 🌐 Update translations for ja (update-all). PR #14916 by @​YuriiMotov.
• 🌐 Update translations for pt (update-all). PR #14912 by @​YuriiMotov.
• 🌐 Update translations for es (update-all and add-missing). PR #14911 by @​YuriiMotov.
• 🌐 Update translations for zh (update-all). PR #14917 by @​YuriiMotov.
• 🌐 Update translations for uk (update-all). PR #14914 by @​YuriiMotov.
• 🌐 Update translations for tr (update-all). PR #14913 by @​YuriiMotov.
• 🌐 Update translations for ru (update-outdated). PR #14909 by @​YuriiMotov.

Internal

• 👷 Always run tests on push to master branch and when run by scheduler. PR #14940 by @​YuriiMotov.

... (truncated)

Commits

• b423b73 🔖 Release version 0.131.0
• 70e8558 📝 Update release notes
• 48e9835 🗑️ Deprecate ORJSONResponse and UJSONResponse (#14964)
• 2e62fb1 📝 Update release notes
• eb544e7 🔖 Release version 0.130.0
• bc06e42 📝 Update release notes
• 590a5e5 ✨ Serialize JSON response with Pydantic (in Rust), when there's a Pydantic re...
• 1e78a36 🔖 Release version 0.129.2
• f921de6 📝 Update release notes
• 4ab8138 ⬆️ Upgrade pytest (#14959)
• Additional commits viewable in compare view

Updates isort from 7.0.0 to 8.0.0

Release notes

Sourced from isort's releases.

8.0.0

Changes

• Update CHANGELOG for version 8.0.0 (#2460) @​DanielNoord
• Fix edge case of __future__ import. (#2458) @​skv0zsneg
• Fix the Plone profile to be compatible with black (#2457) @​ale-rt
• typo fix (#2450) @​jsta
• Remove the setuptools plugin (#2427) @​DanielNoord
• Turn some warnings into errors in test suite (#2449) @​DanielNoord
• chore: replace black with ruff in clean.sh (#2448) @​joao-faria-dev
• feat!: remove old finders flag and legacy finder logic (#2446) @​joao-faria-dev
• Fix whitespace insensitive check triggering on tabs (#2437) @​robsdedude
• Fix line separator detection not considering form feed as white space (#2436) @​robsdedude
• Fix #1964: lines_before_import sometimes ignored (#1965) @​robsdedude
• Remove reference to 3.9 in README (#2434) @​DanielNoord

🚀 Features

• Ensure multiprocessing.Pool is always closed and joined (#2442) @​DanielNoord

👷 Continuous Integration

• Simplify CI by putting similar steps into a single action file (#2444) @​DanielNoord

📦 Dependencies

• Bump actions/checkout from 5 to 6 in the github-actions group (#2451) @dependabot[bot]
• Bump astral-sh/setup-uv from 6 to 7 in the github-actions group (#2441) @dependabot[bot]

Changelog

Sourced from isort's changelog.

8.0.0 February 19 2026

• Removed --old-finders and --magic-placement flags and old_finders configuration option. The legacy finder logic that relied on environment introspection has been removed (#2445) @​joao-faria-dev
• Update the plone profile to not clash with black (#2456) @​ale-rt

6.1.0 October 1 2025

• Add python 3.14 classifier and badge (#2409) @​staticdev
• Drop use of non-standard pkg_resources API (#2405) @​dvarrazzo

6.0.1 Febuary 26 2025

• Add OSError handling in find_imports_in_file (#2331) @​kobarity

6.0.0 January 27 2025

• Remove support for Python 3.8 (#2327) @​DanielNoord
• Python 3.13 support (#2306) @​mayty
• Speed up exists_case_sensitive calls (#2264) @​correctmost
• Ensure that split_on_trailing_comma works with as imports (#2340) @​DanielNoord
• Black profile: enable magic comma (#2236) @​MrMino
• Update line_length and single_line_exclusions in google profile (#2149) @​jagapiou
• Allow --diff to be used with --jobs (#2302) @​mnakama
• Fix wemake profile to have correct character limit (#2241) @​sobolevn
• Fix sort_reexports code mangling (#2283) @​Helveg
• Fix correct group by package tokenization (#2136) @​glasnt

5.13.2 December 13 2023

• Apply the bracket fix from issue #471 only for use_parentheses=True (#2184) @​bp72
• Confine pre-commit to stages (#2213) @​davidculley
• Fixed colors extras (#2212) @​staticdev

5.13.1 December 11 2023

• Fixed integration tests (#2208) @​bp72
• Fixed normalizing imports from more than one level of parent modules (issue/2152) (#2191) @​bp72
• Remove optional dependencies without extras (#2207) @​staticdev

5.13.0 December 9 2023

• Cleanup deprecated extras (#2089) @​staticdev
• Fixed #1989: settings lookup when working in stream based mode
• Fixed 80 line length for wemake linter (#2183) @​skatromb
• Add support for Python 3.12 (#2175) @​hugovk
• Fixed: add newest version to pre-commit docs (#2190) @​AzulGarza
• Fixed assertions in test_git_hook (#2196) @​mgorny
• Removed check for include_trailing_comma for the Hanging Indent wrap mode (#2192) @​bp72
• Use the standard library tomllib on sufficiently new python (#2202) @​eli-schwartz
• Update pre-commit.md version number (#2197) @​nicobako

... (truncated)

Commits

• 3459bde Merge pull request #2460 from PyCQA/DanielNoord-patch-1
• 6e70bb6 Update CHANGELOG for version 8.0.0
• b0f2dab Merge pull request #2458 from skv0zsneg/issue/1882
• 313797b Fix lint.
• 7d3a6f5 Add ignore for cyclomatic complexity check.
• 6b9f895 Remove debug prints.
• 45f2497 Add tests for edge case future imports handler.
• fe57bfd Add edge case future imports handler.
• e8c127b Merge pull request #2457 from ale-rt/ale/2456/fix-plone-profile
• 293c201 Fix the Plone profile to be compatible with black
• Additional commits viewable in compare view

Updates mkdocs-material from 9.7.1 to 9.7.2

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.2

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Opened up version ranges of optional dependencies for forward-compatibility
• Added warning to mkdocs build about impending MkDocs 2.0 incompatibility (doesn't affect strict mode)

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.2 (2026-02-18)

• Opened up version ranges of optional dependencies for forward-compatibility
• Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

• Updated requests to 2.30+ to mitigate CVE in urllib
• Fixed privacy plugin not picking up protocol-relative URLs
• Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

• Added support for pinned blog posts and author profiles
• Added support for customizing pagination for blog index pages
• Added support for customizing blog category sort order
• Added support for staying on page when switching languages
• Added support for disabling tags in table of contents
• Added support for nested tags and shadow tags
• Added support for footnote tooltips
• Added support for instant previews
• Added support for instant prefetching
• Added support for custom social card layouts
• Added support for custom social card background images
• Added support for selectable rangs in code blocks
• Added support for custom selectors for code annotations
• Added support for configurable log level in privacy plugin
• Added support for processing of external links in privacy plugin
• Added support for automatic image optimization via optimize plugin
• Added support for navigation paths (breadcrumbs)

... (truncated)

Commits

• e21a119 Updated changelog
• d5654b5 Prepare 9.7.2 release
• b18af2f Opened up version ranges in optional dependencies
• 39cdfbd Added social card for blog post
• 09ee7b1 Added blog post on MkDocs 2.0 (#8564)
• 0d11a2d Documentation (#8560)
• 8fc61b5 Updated dependencies
• 3f0eaca Documentation
• eaba2dc Re-enable publishing
• See full diff in compare view

Updates poethepoet from 0.41.0 to 0.42.0

Release notes

Sourced from poethepoet's releases.

0.42.0

Enhancements

• Better zsh completion caaching with max hits per cache and proper TTL before refresh by @​nat-n in nat-n/poethepoet#360
• Officially Support Python 3.14 by @​gruebel in nat-n/poethepoet#362
• Add completion script for PowerShell by @​NSPC911 in nat-n/poethepoet#358

[!IMPORTANT] You must follow the instructions to (re)install the completion script for your preferred shell environment to benefit from the enhancements for zsh or PowerShell

New Contributors

• @​gruebel made their first contribution in nat-n/poethepoet#362
• @​NSPC911 made their first contribution in nat-n/poethepoet#358

Full Changelog: nat-n/poethepoet@v0.41.0...v0.42.0

Commits

• b1589da Bump version to 0.42.0
• 0646d44 feat: powershell completions (#358)
• 56293a4 chore: support Python 3.14 (#362)
• 804c675 Add cache TTL and max hits to zsh completion caching (#360)
• See full diff in compare view

Updates pytest from 8.4.2 to 9.0.2

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

• #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

  You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

  Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

• #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

• #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

• #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

• #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.

9.0.1

pytest 9.0.1 (2025-11-12)

Bug fixes

• #13895: Restore support for skipping tests via raise unittest.SkipTest.
• #13896: The terminal progress plugin added in pytest 9.0 is now automatically disabled when iTerm2 is detected, it generated desktop notifications instead of the desired functionality.
• #13904: Fixed the TOML type of the verbosity settings in the API reference from number to string.
• #13910: Fixed UserWarning: Do not expect file_or_dir on some earlier Python 3.12 and 3.13 point versions.

Packaging updates and notes for downstreams

• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

Contributor-facing changes

• #13891, #13942: The CI/CD part of the release automation is now capable of creating GitHub Releases without having a Git checkout on disk -- by bluetech and webknjaz.
• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

... (truncated)

Commits

• 3d10b51 Prepare release version 9.0.2
• 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
• b7d7bef Merge pull request #14014 from bluetech/compat-note
• bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
• bc78386 Add CLI options reference documentation (#13930)
• 5a4e398 Fix docs typo (#14005) (#14008)
• d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
• 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
• c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
• 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
• Additional commits viewable in compare view

Updates uvicorn from 0.40.0 to 0.41.0

Release notes

Sourced from uvicorn's releases.

Version 0.41.0

Added

• Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• Add socket path to scope["server"] (#2561)

Changed

• Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

• Ignore permission denied errors in watchfiles reloader (#2817)
• Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• Reduce the log level of 'request limit exceeded' messages (#2788)

---

New Contributors

• @​t-kawasumi made their first contribution in Kludex/uvicorn#2776
• @​fardyn made their first contribution in Kludex/uvicorn#2800
• @​ewie made their first contribution in Kludex/uvicorn#2807
• @​shevron made their first contribution in Kludex/uvicorn#2788
• @​jonashaag made their first contribution in Kludex/uvicorn#2707

---

Full Changelog: Kludex/uvicorn@0.40.0...0.41.0

Changelog

Sourced from uvicorn's changelog.

0.41.0 (February 16, 2026)

Added

• Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• Add socket path to scope["server"] (#2561)

Changed

• Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

• Ignore permission denied errors in watchfiles reloader (#2817)
• Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• Reduce the log level of 'request limit exceeded' messages (#2788)

Commits

• 9283c0f Version 0.41.0 (#2821)
• a01a33e Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• 2ce65bd Ignore permission denied errors in watchfiles reloader (#2817)
• 654f2ed Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• a03d9f6 Reduce the log level of 'request limit exceeded' messages (#2788)
• e377de4 Add socket path to scope["server"] (#2561)
• 0779f7f Poll for readiness in test_multiprocess_health_check and run_server (#2816)
• 7e9ce2c Poll for PID changes in test_multiprocess_sighup instead of fixed sleep (#2...
• 99f0d87 Fix grep warning in scripts/sync-version (#2807)
• 7ae2e63 chore(deps): bump the python-packages group with 18 updates (#2801)
• Additional commits viewable in compare view

Updates ruff from 0.15.0 to 0.15.2

Release notes

Sourced from ruff's releases.

0.15.2

Release Notes

Released on 2026-02-19.

Preview features

• Expand the default rule set (#23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with configuration like:

  # ruff.toml
  [lint]
  select = ["E4", "E7", "E9", "F"]
  pyproject.toml
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub discussion!

• [flake8-pyi] Also check string annotations (PYI041) (#19023)

Bug fixes

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.2

Released on 2026-02-19.

Preview features

• Expand the default rule set (#23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with configuration like:

  # ruff.toml
  [lint]
  select = ["E4", "E7", "E9", "F"]
  pyproject.toml
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub discussion!

... (truncated)

Commits

• 9d18ee9 Hard code workflow name and cancel-in-progress only for PRs (#23431)
• 7cc15f0 Bump 0.15.2 (#23430)
• d1b5443 Add extension mapping to configuration file options (#23384)
• 222574a Expand the default rule set (#23385)
• 1465b5d [flake8-async] Fix in_async_context logic (#23426)
• 410902f [pyupgrade] Fix handling of typing.{io,re} (UP035) (#23131)
• 729610a [ty] Fall back to ambiguous for large control flow graphs (#23399)
• 1425c18 [ty] Add code folding support
• 97acaae [ty] Fix stack overflow for self-referential TypeOf in annotations (#23407)
• 1f380c8 [ty] Update tests reveal_type and Never (#23418)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions