build(deps): bump the minor-and-patch group with 13 updates

[dependabot]

Bumps the minor-and-patch group with 13 updates:

Package	From	To
click	8.1.7	8.1.8
deepdiff	8.0.1	8.1.1
mypy	1.13.0	1.14.0
pyupgrade	3.19.0	3.19.1
safety	3.2.13	3.2.14
authlib	1.3.2	1.4.0
filelock	3.12.4	3.16.1
jinja2	3.1.4	3.1.5
marshmallow	3.23.1	3.23.2
numpy	2.2.0	2.2.1
orderly-set	5.2.2	5.2.3
psutil	6.0.0	6.1.1
urllib3	2.2.3	2.3.0

Updates click from 8.1.7 to 8.1.8

Release notes

Sourced from click's releases.

8.1.8

This is the Click 8.1.8 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.1.8/ Changes: https://click.palletsprojects.com/en/stable/changes/#version-8-1-8 Milestone https://github.com/pallets/click/milestones/23?closed=1

• Fix an issue with type hints for click.open_file(). #2717
• Fix issue where error message for invalid click.Path displays on multiple lines. #2697
• Fixed issue that prevented a default value of "" from being displayed in the help for an option. #2500
• The test runner handles stripping color consistently on Windows. #2705
• Show correct value for flag default when using default_map. #2632
• Fix click.echo(color=...) passing color to coloroma so it can be forced on Windows. #2606.
• More robust bash version check, fixing problem on Windows with git-bash. #2638
• Cache the help option generated by the help_option_names setting to respect its eagerness. #2811
• Replace uses of os.system with subprocess.Popen. #1476
• Exceptions generated during a command will use the context's color setting when being displayed. #2193
• Error message when defining option with invalid name is more descriptive. #2452
• Refactor code generating default --help option to deduplicate code. #2563
• Test CLIRunner resets patched _compat.should_strip_ansi. #2732

Changelog

Sourced from click's changelog.

Version 8.1.8

Unreleased

• Fix an issue with type hints for click.open_file(). :issue:2717
• Fix issue where error message for invalid click.Path displays on multiple lines. :issue:2697
• Fixed issue that prevented a default value of "" from being displayed in the help for an option. :issue:2500
• The test runner handles stripping color consistently on Windows. :issue:2705
• Show correct value for flag default when using default_map. :issue:2632
• Fix click.echo(color=...) passing color to coloroma so it can be forced on Windows. :issue:2606.

Commits

• 934813e release version 8.1.8
• c23223b Add links to third-party projects enhancing Click (#2815)
• 822d4fd Add links to third-party projects
• 8e7bed0 Break up arguments section (#2586)
• 3241541 Remove some typing hints.
• bed0377 remove test pypi
• 6534590 update dev dependencies
• b1e392e fix typos
• fdc6b02 Fix missing reset in isolation function (#2733)
• ffd43e9 Fixed missing reset on _compat.should_strip_ansi.
• Additional commits viewable in compare view

Updates deepdiff from 8.0.1 to 8.1.1

Release notes

Sourced from deepdiff's releases.

8.1.1

Adding Python 3.13 to setup.py

8.1.0

• Removing deprecated lines from setup.py
• Added prefix option to pretty()
• Fixes hashing of numpy boolean values.
• Fixes slots comparison when the attribute doesn't exist.
• Relaxing orderly-set reqs
• Added Python 3.13 support
• Only lower if clean_key is instance of str #504
• Fixes issue where the key deep_distance is not returned when both compared items are equal #510
• Fixes exclude_paths fails to work in certain cases
• exclude_paths fails to work #509
• Fixes to_json() method chokes on standard json.dumps() kwargs such as sort_keys
• to_dict() method chokes on standard json.dumps() kwargs #490
• Fixes accessing the affected_root_keys property on the diff object returned by DeepDiff fails when one of the dicts is empty
• Fixes accessing the affected_root_keys property on the diff object returned by DeepDiff fails when one of the dicts is empty #508

Commits

• c718369 Bump version: 8.1.0 → 8.1.1
• 189633a adding py 3.13 to setup.py
• e7d10fe updating docs
• d8b3e2b fixing docs
• c6f6ad0 adding setuptools to dev reqs
• 34f4f37 Bump version: 8.0.1 → 8.1.0
• 9c8968f Merge pull request #483 from seperman/dev
• d2d3806 fixing types to be compatible for python 3.8
• 737bb5a updating docs
• c464e04 fixes accessing the affected_root_keys property on the diff object returned b...
• Additional commits viewable in compare view

Updates mypy from 1.13.0 to 1.14.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

...

Mypy 1.14

We’ve just uploaded mypy 1.14 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Change to Enum Membership Semantics

As per the updated typing specification for enums, enum members must be left unannotated.

class Pet(Enum):
    CAT = 1  # Member attribute
    DOG = 2  # Member attribute
# New error: Enum members must be left unannotated
WOLF: int = 3
species: str  # Considered a non-member attribute

In particular, the specification change can result in issues in type stubs (.pyi files), since historically it was common to leave the value absent:

# In a type stub (.pyi file)
class Pet(Enum):
# Change in semantics: previously considered members,
# now non-member attributes
CAT: int
DOG: int
# Mypy will now issue a warning if it detects this
# situation in type stubs:
# > Detected enum "Pet" in a type stub with zero
# > members. There is a chance this is due to a recent
# > change in the semantics of enum membership. If so,
# > use `member = value` to mark an enum member,

</tr></table>

... (truncated)

Commits

• 6f37859 Remove +dev from version for release 1.14
• 5a6a754 Minor updates to 1.14 changelog (#18310)
• 9772d48 Update changelog for release 1.14 (#18301)
• 92473c8 Warn about --follow-untyped-imports (#18249)
• e6ce8be PEP 702 (@​deprecated): descriptors (#18090)
• 5082a22 [mypyc] Document optimized bytes ops and additional str ops (#18242)
• ee19ea7 [mypyc] Add primitives and specialization for ord() (#18240)
• cc45bec [mypyc] Make exception type check in assertRaises test helper precise (#18241)
• f51090d Make "deprecated" Note a standard Error, disabled by default (#18192)
• 242873a Implement flag to allow typechecking of untyped modules (#17712)
• Additional commits viewable in compare view

Updates pyupgrade from 3.19.0 to 3.19.1

Commits

• ce40a16 v3.19.1
• 2f55fde Merge pull request #994 from asottile/fstring-find-call
• 832a3a0 fix search for .encode(...) call with 3.12+ f-string tokens
• 7dc1fb3 Merge pull request #993 from asottile/upgrade-gha
• 3f8ae67 upgrade gha
• 67705a4 Merge pull request #992 from asottile/typo-module-name
• b36f0ad fix typo in module name
• ead7440 Merge pull request #985 from asottile/pre-commit-ci-update-config
• 8f6385c [pre-commit.ci] pre-commit autoupdate
• dea830d Merge pull request #974 from asottile/pre-commit-ci-update-config
• Additional commits viewable in compare view

Updates safety from 3.2.13 to 3.2.14

Changelog

Sourced from safety's changelog.

[3.2.14] - 2024-12-20

• Add fun-mode (#649)
• Package version upgrade for psutil and filelock (#652)
• Package version upgrade for typer (#654)
• Package version upgrade for pydantic (#655)
• Add "--use-server-matching" arguement (#640)
• Bugfix for safety "NoneType is not iterable" error (#657)

Commits

• 9d3acde Merge pull request #659 from pyupio/chore/update-version
• b946758 chore/release-version-3.2.14
• 0286ec6 feat/add dev team membership for contributor action
• 433edbe Addressed review feedback
• 97f457b Fix for NoneType is not iterable
• ee97021 fix/sync pydantic version with safety_schemas
• 3aa78a6 chore/set minimum version for typer and update
• c3ff352 chore/update filelock and psutil version
• 0f1e147 feature/workflow checks if contributor is a collaborator
• cbea8fc feature/workflow_dispatch to test contributors code
• Additional commits viewable in compare view

Updates authlib from 1.3.2 to 1.4.0

Changelog

Sourced from authlib's changelog.

Version 1.4.0

Released on Dec 20, 2024

• Fix id_token decoding when kid is null. :pr:659
• Support for Python 3.13. :pr:682
• Force login if the prompt parameter value is login. :pr:637
• Support for httpx 0.28, :pr:695

Breaking changes:

• Stop support for Python 3.8. :pr:682

Commits

• eb34edf chore: release 1.4.0
• bc55003 Merge pull request #695 from MeggyCal/master
• 1d10ff3 Support httpx 0.28
• 27fb1fd docs: remove starlette.config.Config from docs via #612
• 5a0ca3c Updated notes on using a cache instance when initializing OAuth. (#693)
• fbdbbd6 Merge pull request #691 from iSOLveIT/master
• d36dc38 Fixed typos and grammatical errors in the flask_client docs.
• 639ca66 doc: changelog for contributions since version 1.3.2
• 858f7d9 Merge pull request #637 from frankie567/fix/oidc-guess-prompt
• 1cba980 doc: improve RFC9068 examples in documentation
• Additional commits viewable in compare view

Updates filelock from 3.12.4 to 3.16.1

Release notes

Sourced from filelock's releases.

3.16.1

What's Changed

• CI improvements by @​gaborbernat in tox-dev/filelock#362

Full Changelog: tox-dev/filelock@3.16.0...3.16.1

3.16.0

What's Changed

• Test Python 3.13 by @​hugovk in tox-dev/filelock#352
• Add 3.13 to CI by @​gaborbernat in tox-dev/filelock#359

Full Changelog: tox-dev/filelock@3.15.4...3.16.0

3.15.4

What's Changed

• Pass file_lock as positional argument by @​kwist-sgr in tox-dev/filelock#347

Full Changelog: tox-dev/filelock@3.15.3...3.15.4

3.15.3

What's Changed

• Add test for virtualenv stability by @​gaborbernat in tox-dev/filelock#344
• Fix TypeError: _CountedFileLock.__init__() got an unexpected keyword argument 'timeout' by @​kwist-sgr in tox-dev/filelock#345

Full Changelog: tox-dev/filelock@3.15.2...3.15.3

3.15.2

What's Changed

• Use a metaclass to implement the singleton pattern by @​kwist-sgr in tox-dev/filelock#340

New Contributors

• @​kwist-sgr made their first contribution in tox-dev/filelock#340

Full Changelog: tox-dev/filelock@3.15.1...3.15.2

3.15.1

... (truncated)

Commits

• c2c43e4 CI improvements (#362)
• 4e98731 [pre-commit.ci] pre-commit autoupdate (#361)
• e6865be [pre-commit.ci] pre-commit autoupdate (#360)
• 0acea4f Add 3.13 to CI (#359)
• 4dc2a8f Bump pypa/gh-action-pypi-publish from 1.9.0 to 1.10.1 (#356)
• 7397dd7 [pre-commit.ci] pre-commit autoupdate (#354)
• 067b651 Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows (#357)
• 85760d7 Test Python 3.13 (#352)
• 4104f3e [pre-commit.ci] pre-commit autoupdate (#348)
• 9a979df Pass file_lock as positional argument (#347)
• Additional commits viewable in compare view

Updates jinja2 from 3.1.4 to 3.1.5

Release notes

Sourced from jinja2's releases.

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. #2032
• Calling sync render for an async template uses asyncio.run. #1952
• Avoid unclosed auto_aiter warnings. #1960
• Return an aclose-able AsyncGenerator from Template.generate_async. #1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
• Avoid leaving async generators unclosed in blocks, includes and extends. #1960
• The runtime uses the correct concat function for the current environment when calling block references. #1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
• |int filter handles OverflowError from scientific notation. #1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
• Fix copy/pickle support for the internal missing object. #2027
• Environment.overlay(enable_async) is applied correctly. #2061
• The error message from FileSystemLoader includes the paths that were searched. #1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
• Improve annotations for methods returning copies. #1880
• urlize does not add mailto: to values like @a@b. #1870
• Tests decorated with @pass_context can be used with the |select filter. #1624
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

Changelog

Sourced from jinja2's changelog.

Version 3.1.5

Released 2024-12-21

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
• Calling sync render for an async template uses asyncio.run. :pr:1952
• Avoid unclosed auto_aiter warnings. :pr:1960
• Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
• Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
• The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
• |int filter handles OverflowError from scientific notation. :issue:1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
• Fix copy/pickle support for the internal missing object. :issue:2027
• Environment.overlay(enable_async) is applied correctly. :pr:2061
• The error message from FileSystemLoader includes the paths that were searched. :issue:1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
• Improve annotations for methods returning copies. :pr:1880
• urlize does not add mailto: to values like @a@b. :pr:1870
• Tests decorated with @pass_context`` can be used with the ``|select`` filter. :issue:1624`
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. :issue:1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. :issue:1253

Commits

• 877f6e5 release version 3.1.5
• 8d58859 remove test pypi
• eda8fe8 update dev dependencies
• c8fdce1 Fix bug involving calling set on a template parameter within all branches of ...
• 66587ce Fix bug where set would sometimes fail within if
• fbc3a69 Add support for namespaces in tuple parsing (#1664)
• b8f4831 more comments about nsref assignment
• ee83219 Add support for namespaces in tuple assignment
• 1d55cdd Triple quotes in docs (#2064)
• 8a8eafc edit block assignment section
• Additional commits viewable in compare view

Updates marshmallow from 3.23.1 to 3.23.2

Changelog

Sourced from marshmallow's changelog.

3.23.2 (2024-12-18)

---

Bug fixes:

• Improve type hint formatting for Field, Nested, and Function fields to resolve PyCharm warnings (:issue:2268). Thanks :user:Fares-Abubaker for reporting and fixing.

Commits

• 90931f0 Update changelog
• 19bc97b Improve type hint formatting for Field, Nested and Function fields to resolve...
• 6654eaf Remove Fern sponsor message
• 9716fc6 [pre-commit.ci] pre-commit autoupdate
• See full diff in compare view

Updates numpy from 2.2.0 to 2.2.1

Release notes

Sourced from numpy's releases.

2.2.1 (DEC 21, 2024)

NumPy 2.2.1 Release Notes

NumPy 2.2.1 is a patch release following 2.2.0. It fixes bugs found after the 2.2.0 release and has several maintenance pins to work around upstream changes.

There was some breakage in downstream projects following the 2.2.0 release due to updates to NumPy typing. Because of problems due to MyPy defects, we recommend using basedpyright for type checking, it can be installed from PyPI. The Pylance extension for Visual Studio Code is also based on Pyright. Problems that persist when using basedpyright should be reported as issues on the NumPy github site.

This release supports Python 3.10-3.13.

Contributors

A total of 9 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Charles Harris
• Joren Hammudoglu
• Matti Picus
• Nathan Goldbaum
• Peter Hawkins
• Simon Altrogge
• Thomas A Caswell
• Warren Weckesser
• Yang Wang +

Pull requests merged

A total of 12 pull requests were merged for this release.

• #27935: MAINT: Prepare 2.2.x for further development
• #27950: TEST: cleanups
• #27958: BUG: fix use-after-free error in npy_hashtable.cpp (#27955)
• #27959: BLD: add missing include
• #27982: BUG:fix compile error libatomic link test to meson.build
• #27990: TYP: Fix falsely rejected value types in ndarray.__setitem__
• #27991: MAINT: Don't wrap #include <Python.h> with extern "C"
• #27993: BUG: Fix segfault in stringdtype lexsort
• #28006: MAINT: random: Tweak module code in mtrand.pyx to fix a Cython...
• #28007: BUG: Cython API was missing NPY_UINTP.
• #28021: CI: pin scipy-doctest to 1.5.1
• #28044: TYP: allow None in operand sequence of nditer

Checksums

... (truncated)

Commits

• 7469245 Merge pull request #28047 from charris/prepare-2.2.1
• acb051e REL: Prepare for the NumPy 2.2.1 release [wheel build]
• 28a091a Merge pull request #28044 from charris/backport-28039
• 723605b TST: Add test for allowing None in operand sequence passed to nditer
• 554739e TYP: allow None in operand sequence of nditer
• 31bc4c8 Merge pull request #28021 from charris/backport-28020
• 32f52a3 CI: pin scipy-doctest to 1.5.1 (#28020)
• 6219aeb Merge pull request #28007 from charris/backport-28005
• eb7071c Merge pull request #28006 from charris/backport-28003
• 4f82c32 BUG: Cython API was missing NPY_UINTP.
• Additional commits viewable in compare view

Updates orderly-set from 5.2.2 to 5.2.3

Commits

• See full diff in compare view

Updates psutil from 6.0.0 to 6.1.1

Changelog

Sourced from psutil's changelog.

6.1.1

2024-12-19

Enhancements

• 2471_: use Vulture CLI tool to detect dead code.

Bug fixes

• 2418_, [Linux]: fix race condition in case /proc/PID/stat does not exist, but /proc/PID does, resulting in FileNotFoundError.
• 2470_, [Linux]: users()_ may return "localhost" instead of the actual IP address of the user logged in.

6.1.0

2024-10-17

Enhancements

• 2366_, [Windows]: drastically speedup process_iter(). We now determine process unique identity by using process "fast" create time method. This will considerably speedup those apps which use process_iter() only once, e.g. to look for a process with a certain name.
• 2446_: use pytest instead of unittest.
• 2448_: add make install-sysdeps target to install the necessary system dependencies (python-dev, gcc, etc.) on all supported UNIX flavors.
• 2449_: add make install-pydeps-test and make install-pydeps-dev targets. They can be used to install dependencies meant for running tests and for local development. They can also be installed via pip install .[test] and pip install .[dev].
• 2456_: allow to run tests via python3 -m psutil.tests even if pytest module is not installed. This is useful for production environments that don't have pytest installed, but still want to be able to test psutil installation.

Bug fixes

• 2427_: psutil (segfault) on import in the free-threaded (no GIL) version of Python 3.13. (patch by Sam Gross)
• 2455_, [Linux]: IndexError may occur when reading /proc/pid/stat and field 40 (blkio_ticks) is missing.
• 2457_, [AIX]: significantly improve the speed of Process.open_files()_ for some edge cases.
• 2460_, [OpenBSD]: Process.num_fds()_ and Process.open_files()_ may fail with NoSuchProcess_ for PID 0. Instead, we now return "null" values (0 and [] respectively).

Commits

• 58552f6 Merge branch 'master' of github.com:giampaolo/psutil
• 4ba6ad0 ruff: enable PLR5501 (Use elif instead of else then if, to reduce inden...
• 1a63407 use a set literal when testing for membership
• 8162905 disable flafy test + pre-release
• 1f3458b try to fix some flaky tests 2
• c0e1eb1 try to fix some flaky tests 2
• 45934bb try to fix some flaky tests
• 560c524 chore: bump cibuildwheel to 2.22.0, move to macos-13 (#2479)
• b5ea67e fix winmake.py test-parallel
• 13a336b fix #2418 / Linux: fix race condition
• Additional commits viewable in compare view

Updates urllib3 from 2.2.3 to 2.3.0

Release notes

Sourced from urllib3's releases.

2.3.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Features

• Added HTTPResponse.shutdown() to stop any ongoing or future reads for a specific response. It calls shutdown(SHUT_RD) on the underlying socket. This feature was sponsored by LaunchDarkly. (urllib3/urllib3#2868)
• Added support for JavaScript Promise Integration on Emscripten. This enables more efficient WebAssembly requests and streaming, and makes it possible to use in Node.js if you launch it as node --experimental-wasm-stack-switching. (urllib3/urllib3#3400)
• Added the proxy_is_tunneling property to HTTPConnection and HTTPSConnection. (urllib3/urllib3#3285)
• Added pickling support to NewConnectionError and NameResolutionError. (urllib3/urllib3#3480)

Bugfixes

• Fixed an issue in debug logs where the HTTP version was rendering as "HTTP/11" instead of "HTTP/1.1". (urllib3/urllib3#3489)

Deprecations and Removals

• Removed support for Python 3.8. (urllib3/urllib3#3492)

Full Changelog: urllib3/urllib3@2.2.3...2.3.0

Changelog

Sourced from urllib3's changelog.

2.3.0 (2024-12-22)

Features

• Added HTTPResponse.shutdown() to stop any ongoing or future reads for a specific response. It calls shutdown(SHUT_RD) on the underlying socket. This feature was sponsored by LaunchDarkly <https://opencollective.com/urllib3/contributions/815307>. ([#2868](https://github.com/urllib3/urllib3/issues/2868) <https://github.com/urllib3/urllib3/issues/2868>)
• Added support for JavaScript Promise Integration on Emscripten. This enables more efficient WebAssembly requests and streaming, and makes it possible to use in Node.js if you launch it as node --experimental-wasm-stack-switching. ([#3400](https://github.com/urllib3/urllib3/issues/3400) <https://github.com/urllib3/urllib3/issues/3400>__)
• Added the proxy_is_tunneling property to HTTPConnection and HTTPSConnection. ([#3285](https://github.com/urllib3/urllib3/issues/3285) <https://github.com/urllib3/urllib3/issues/3285>__)
• Added pickling support to NewConnectionError and NameResolutionError. ([#3480](https://github.com/urllib3/urllib3/issues/3480) <https://github.com/urllib3/urllib3/issues/3480>__)

Bugfixes

• Fixed an issue in debug logs where the HTTP version was rendering as "HTTP/11" instead of "HTTP/1.1". ([#3489](https://github.com/urllib3/urllib3/issues/3489) <https://github.com/urllib3/urllib3/issues/3489>__)

Deprecations and Removals

• Removed support for Python 3.8. ([#3492](https://github.com/urllib3/urllib3/issues/3492) <https://github.com/urllib3/urllib3/issues/3492>__)

Commits

• 2f68c53 Release 2.3.0
• f7bcf69 Add HTTPResponse.shutdown() to stop blocking reads (#3527)
• e942249 Update .readthedocs.yml addressing a deprecation (#3534)
• 905549d Upgrade Python pre-commit tools (#3529)
• 716d834 Fix PyPI publish with Core metadata 2.4 (#3531)
• 7ab935c Address zizmor issues
• 181357e Bump Quart to fix CI (#3524)
• 0e7e0df Start testing with Python 3.14
• d67d09b Bump mypy version
• 20032ec Drop unneeded dependency pins and a warning filter
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions