Bump the python-packages group with 6 updates

[dependabot]

Bumps the python-packages group with 6 updates:

Package	From	To
greenlet	3.3.2	3.4.0
uvicorn	0.42.0	0.44.0
faker	40.12.0	40.13.0
respx	0.22.0	0.23.1
gevent	25.9.1	26.4.0
ruff	0.15.9	0.15.10

Updates greenlet from 3.3.2 to 3.4.0

Changelog

Sourced from greenlet's changelog.

3.4.0 (2026-04-08)

• Publish binary wheels for RiscV 64.

• Fix multiple rare crash paths during interpreter shutdown.

  Note that this now relies on the atexit module, and introduces subtle API changes during interpreter shutdown (for example, getcurrent is no longer available once the atexit callback fires).

  See PR [#499](https://github.com/python-greenlet/greenlet/issues/499) <https://github.com/python-greenlet/greenlet/pull/499>_ by Nicolas Bouvrette.

• Address the results of an automated code audit performed by Daniel Diniz. This includes several minor correctness changes that theoretically could have been crashing bugs, but typically only in very rare circumstances.

  See PR 502 <https://github.com/python-greenlet/greenlet/pull/502>_.

• Fix several race conditions that could arise in free-threaded builds when using greenlet objects from multiple threads, some of which could lead to assertion failures or interpreter crashes.

  See issue 503 <https://github.com/python-greenlet/greenlet/issues/503>_, with thanks to Nitay Dariel and Daniel Diniz.

Commits

• df6734e Preparing release 3.4.0
• 0f86075 Merge pull request #504 from python-greenlet/freethreading-fixes
• 4596574 TLBC: crash appears to still happen on CI 3.14t ubuntu. Re-enable workaround.
• 2f4a1cf Make green_switch (python level greenlet.switch) and green_throw check for (p...
• a0c2a2a Fix unused variable warning when asserts are disabled.
• 8688581 gcc was complaining about an incomplete std::atomic type. make sure we includ...
• 449c760 Make MainGreenlet._thread_state atomic; we use it for cross thread checking a...
• f840e00 Add critical sections to greenlet attribute accessors.
• 6b281d3 test_contextvars: No need for the fallback case where contextvars isn't avail...
• f52615a Merge pull request #502 from python-greenlet/devdanzin-audit
• Additional commits viewable in compare view

Updates uvicorn from 0.42.0 to 0.44.0

Release notes

Sourced from uvicorn's releases.

Version 0.44.0

What's Changed

• Implement websocket keepalive pings for websockets-sansio by @​Kludex in Kludex/uvicorn#2888

Full Changelog: Kludex/uvicorn@0.43.0...0.44.0

Version 0.43.0

Changed

• Emit http.disconnect ASGI receive() event on server shutting down for streaming responses (#2829)
• Use native context parameter for create_task on Python 3.11+ (#2859)
• Drop cast in ASGI types (#2875)

---

Full Changelog: Kludex/uvicorn@0.42.0...0.43.0

Changelog

Sourced from uvicorn's changelog.

0.44.0 (April 6, 2026)

Added

• Implement websocket keepalive pings for websockets-sansio (#2888)

0.43.0 (April 3, 2026)

You can quit Uvicorn now. We heard you, @​pamelafox - all 47 of your Ctrl+C's (thanks for flagging it, and thanks to @​tiangolo for the fix 🙏). See the tweet.

Changed

• Emit http.disconnect ASGI receive() event on server shutting down for streaming responses (#2829)
• Use native context parameter for create_task on Python 3.11+ (#2859)
• Drop cast in ASGI types (#2875)

Commits

• edb54c4 Version 0.44.0 (#2890)
• 029be08 Implement websocket keepalive pings for websockets-sansio (#2888)
• 8d397c7 Version 0.43.0 (#2885)
• 587042d 🐛 Emit http.disconnect ASGI receive() event on server shutting down for s...
• c9a75fb chore(deps): bump the github-actions group with 3 updates (#2878)
• 84fd578 chore(deps): bump pygments from 2.19.2 to 2.20.0 (#2877)
• cd52d34 Use native context parameter for create_task on Python 3.11+ (#2859)
• 5211880 Drop cast in ASGI types (#2875)
• 1cb8e74 Add websocket 500 fallback header test (#2874)
• 28efbb2 chore(deps-dev): bump cryptography from 46.0.5 to 46.0.6 (#2873)
• Additional commits viewable in compare view

Updates faker from 40.12.0 to 40.13.0

Release notes

Sourced from faker's releases.

Release v40.13.0

See CHANGELOG.md.

Changelog

Sourced from faker's changelog.

v40.13.0 - 2026-04-06

• Fix: Ensure deterministic locale selection in multi-locale mode. Thanks @​just6660 and @​patakk.

Commits

• adb7c1a Bump version: 40.12.0 → 40.13.0
• eedde76 📝 Update CHANGELOG.md
• 6fa5e28 Follow-up to #2287: Add requested tests (#2358)
• ce98d84 Fix: Ensure deterministic locale selection in multi-locale mode (#2287)
• See full diff in compare view

Updates respx from 0.22.0 to 0.23.1

Release notes

Sourced from respx's releases.

Version 0.23.1

0.23.1 (8th April 2026)

Fixed

• Fix regression causing params pattern to stop working under some conditions, by doing a strict detection of ANY in multi items patterns (#313)

CI

• Update workflows actions (#310)

Version 0.23.0

0.23.0 (7th April 2026)

Fixed

• Fix data pattern with list value (#264)
• Fix and enhance incorrect documentations about iterable side effects (#287)
• Fix documentation typo, thanks @​markhobson (#298)
• Fix support for multiple slashes // in URL path by not using urljoin when prepending path, thanks @​lewiscollard and @​Skeen (#302)
• Type Route.respond json as Any to align with HTTPX, thanks @​JacobHayes (#284)
• Properly handle ANY in MuitiItems patterns (#289)

CI

• Fix test warnings (#267)
• Add Python 3.14 to test matrix, thanks @​carlosdorneles-mb (#300)
• Update nix flake, mypy target and workflows (#306, #282)

Changelog

Sourced from respx's changelog.

[0.23.1] - 2026-04-08

Fixed

• Fix regression causing params pattern to stop working under some conditions, by doing a strict detection of ANY in multi items patterns (#313)

CI

• Update workflows actions (#310)

[0.23.0] - 2026-04-07

Fixed

• Fix data pattern with list value (#264)
• Fix and enhance incorrect documentations about iterable side effects (#287)
• Fix documentation typo, thanks @​markhobson (#298)
• Fix support for multiple slashes // in URL path by not using urljoin when prepending path, thanks @​lewiscollard and @​Skeen (#302)
• Type Route.respond json as Any to align with HTTPX, thanks @​JacobHayes (#284)
• Properly handle ANY in MuitiItems patterns (#289)

CI

• Fix test warnings (#267)
• Add Python 3.14 to test matrix, thanks @​carlosdorneles-mb (#300)
• Update nix flake, mypy target and workflows (#306, #282)

Commits

• fc8b43b Release 0.23.1
• 1da5d2f Strict detection of ANY in multi items patterns (#313)
• 6f1bf70 Bump checkout and python actions (#310)
• 62aaeab Release 0.23.0
• d8edf3d Adjust badges
• b3a193d Add downloads badge to docs
• 9961e9b Handle multiple routes using MuitiItems pattern with ANY (#289)
• e51c2a6 Update Route.respond json type hint to Any to match HTTPX (#284)
• a499260 Bump less-action/reusables from 8 to 10 (#282)
• 7b44b51 Update nix flake and mypy target (#306)
• Additional commits viewable in compare view

Updates gevent from 25.9.1 to 26.4.0

Commits

• 2a096a9 Preparing release 26.4.0
• e80421d Merge pull request #2171 from gevent/ci-py-ver-updates
• 6cfa49b test__ssl.py: PROTOCOL_TLS deprecation fix
• e2ec5eb Fix deprecations about use of SSLContext without setting a protocol.
• 3890402 lint
• 26b5b7f psutil 6 deprecated .connections, use replacement .net_connections
• cbbd53e Clean up some warnings from leakcheck.
• 3840706 test__util is getting extra greenlets when combined with test__threadpool on ...
• 408aeeb test__select: libuv on recent versions of Python isn't producing the OSError ...
• 6b6ee4e Update python versions tested in CI.
• Additional commits viewable in compare view

Updates ruff from 0.15.9 to 0.15.10

Release notes

Sourced from ruff's releases.

0.15.10

Release Notes

Released on 2026-04-09.

Preview features

• [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
• [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
• [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

• Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
• Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
• Strip form feeds from indent passed to dedent_to (#24381)
• [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
• Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

• [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

• Add support for custom file extensions (#24463)

Documentation

• Document adding fixes in CONTRIBUTING.md (#24393)
• Fix JSON typo in settings example (#24517)

Contributors

• @​charliermarsh
• @​dylwil3
• @​silverstein
• @​anishgirianish
• @​shizukushq
• @​zanieb
• @​AlexWaygood

Install ruff 0.15.10

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.10/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.10

Released on 2026-04-09.

Preview features

• [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
• [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
• [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

• Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
• Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
• Strip form feeds from indent passed to dedent_to (#24381)
• [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
• Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

• [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

• Add support for custom file extensions (#24463)

Documentation

• Document adding fixes in CONTRIBUTING.md (#24393)
• Fix JSON typo in settings example (#24517)

Contributors

• @​charliermarsh
• @​dylwil3
• @​silverstein
• @​anishgirianish
• @​shizukushq
• @​zanieb
• @​AlexWaygood

Commits

• 252f761 Bump 0.15.10 (#24519)
• 37a1ec8 [ty] Fix assignability of intersections with bounded typevars (#24502)
• f518cc9 [ty] Allow partially stringified type[…] annotations (#24518)
• 16c4090 docs: fix JSON typo in settings example (#24517)
• 99d97bd [ty] Tighten up a few edge cases in Concatenate type-expression parsing (#2...
• 2714e34 [ty] Enable pull-diagnostics by default in E2E tests (#24516)
• d8bc700 LSP: Add support for custom extensions (#24463)
• a45f96d [ty] stop special-casing str constructor (#24514)
• 87a0f01 [ruff] Treat f-string interpolation as potential side effect in RUF019 (#24426)
• e9ba848 [ty] Fix excess subscript argument inference for non-generic types (#24354)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Coverage Report •

File	Stmts	Miss	Branch	BrPart	Cover	Missing
TOTAL	7995	995	1260	221	87%

report-only-changed-files is enabled. No files were changed during this commit :)