chore(deps): bump the python-dependencies group across 1 directory with 15 updates

[dependabot]

Updates the requirements on httpx, pydantic, pydantic-settings, email-validator, pytest, pytest-asyncio, pytest-cov, pytest-httpx, python-dotenv, ruff, mypy, datamodel-code-generator, mkdocs, mkdocs-material and mkdocstrings to permit the latest version.
Updates httpx to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

Changelog

Sourced from httpx's changelog.

0.28.1 (6th December, 2024)

• Fix SSL case where verify=False together with client side certificates.

0.28.0 (28th November, 2024)

Be aware that the default JSON request bodies now use a more compact representation. This is generally considered a prefered style, tho may require updates to test suites.

The 0.28 release includes a limited set of deprecations...

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

• The verify argument as a string argument is now deprecated and will raise warnings.
• The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

• The deprecated proxies argument has now been removed.
• The deprecated app argument has now been removed.
• JSON request bodies use a compact representation. (#3363)
• Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
• Ensure certifi and httpcore are only imported if required. (#3377)
• Treat socks5h as a valid proxy scheme. (#3178)
• Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
• Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

0.27.2 (27th August, 2024)

Fixed

• Reintroduced supposedly-private URLTypes shortcut. (#2673)

0.27.1 (27th August, 2024)

Added

• Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

• Improved error messaging for InvalidURL exceptions. (#3250)
• Fix app type signature in ASGITransport. (#3109)

0.27.0 (21st February, 2024)

... (truncated)

Commits

• 26d48e0 Version 0.28.1 (#3445)
• 89599a9 Fix verify=False, cert=... case. (#3442)
• 8ecb86f Add test for request params behavior changes (#3364) (#3440)
• 0cb7e5a Bump the python-packages group with 11 updates (#3434)
• 15e21e9 Updating deprecated docstring Client() class (#3426)
• 80960fa Version 0.28.0. (#3419)
• a33c878 Fix extensions type annotation. (#3380)
• ce7e14d Error on verify as str. (#3418)
• 47f4a96 Handle empty zstd responses (#3412)
• 189fc4b Update CHANGELOG.md, fix typo(s) (#3406)
• Additional commits viewable in compare view

Updates pydantic to 2.13.3

Release notes

Sourced from pydantic's releases.

v2.13.3 2026-04-20

v2.13.3 (2026-04-20)

What's Changed

Fixes

• Handle AttributeError subclasses with from_attributes by @​Viicos in #13096

Full Changelog: pydantic/pydantic@v2.13.2...v2.13.3

Changelog

Sourced from pydantic's changelog.

v2.13.3 (2026-04-20)

GitHub release

What's Changed

Fixes

• Handle AttributeError subclasses with from_attributes by @​Viicos in #13096

v2.13.2 (2026-04-17)

GitHub release

What's Changed

Fixes

• Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

v2.13.1 (2026-04-15)

GitHub release

What's Changed

Fixes

• Fix ValidationInfo.data missing with model_validate_json() by @​davidhewitt in #13079

v2.13.0 (2026-04-13)

GitHub release

The highlights of the v2.13 release are available in the blog post. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

This release contains the updated pydantic.v1 namespace, matching version 1.10.26 which includes support for Python 3.14.

What's Changed

See the beta releases for all changes sinces 2.12.

New Features

• Allow default factories of private attributes to take validated model data by @​Viicos in #13013

Changes

... (truncated)

Commits

• 9e9a111 Fix backported test
• 1ec8c6a Prepare release v2.13.3
• fb4f204 Handle AttributeError subclasses with from_attributes
• ca3ddd1 Prepare release v2.13.2
• 000e823 Fix ValidationInfo.field_name missing with model_validate_json()
• d45d8be Prepare release 2.13.1
• 54aca60 Fix ValidationInfo.data missing with model_validate_json()
• 46bf4fa Fix Pydantic release workflow (#13067)
• 1b359ed Prepare release v2.13.0 (#13065)
• b1bf194 Fix model equality when using runtime extra configuration (#13062)
• Additional commits viewable in compare view

Updates pydantic-settings to 2.14.0

Release notes

Sourced from pydantic-settings's releases.

v2.14.0

What's Changed

• Fix parsing env vars into Optional Strict types by @​hramezani in pydantic/pydantic-settings#792
• Fix RecursionError with mutually recursive models in CLI by @​hramezani in pydantic/pydantic-settings#794
• Fix env_file from model_config ignored in CliApp.run() (#795) by @​hramezani in pydantic/pydantic-settings#796
• Update dependencies by @​hramezani in pydantic/pydantic-settings#798
• Add Dependabot configuration by @​hramezani in pydantic/pydantic-settings#801
• Bump samuelcolvin/check-python-version from 4.1 to 5 by @​dependabot[bot] in pydantic/pydantic-settings#802
• Bump actions/upload-artifact from 4 to 7 by @​dependabot[bot] in pydantic/pydantic-settings#803
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in pydantic/pydantic-settings#804
• Bump astral-sh/setup-uv from 5 to 7 by @​dependabot[bot] in pydantic/pydantic-settings#805
• Bump actions/setup-python from 5 to 6 by @​dependabot[bot] in pydantic/pydantic-settings#806
• Ignore chardet and group GitHub Actions in Dependabot by @​hramezani in pydantic/pydantic-settings#808
• Bump actions/download-artifact from 4 to 8 in the github-actions group by @​dependabot[bot] in pydantic/pydantic-settings#809
• Bump the python-packages group with 2 updates by @​dependabot[bot] in pydantic/pydantic-settings#810
• Support reading .env files from FIFOs (e.g. 1Password Environments) by @​JacobHayes in pydantic/pydantic-settings#776
• Fix AliasChoices ignored when changing provider priority by @​hramezani in pydantic/pydantic-settings#813
• fix: resolve KeyError in run_subcommand for underscore field names by @​bradykieffer in pydantic/pydantic-settings#799
• Bump the python-packages group with 3 updates by @​dependabot[bot] in pydantic/pydantic-settings#814
• Fix Literal[numeric Enum] coercion for CLI and env vars by @​m9810223 in pydantic/pydantic-settings#811
• Fix nested discriminated unions not discovered by env/CLI providers by @​hramezani in pydantic/pydantic-settings#816
• Bump the python-packages group with 3 updates by @​dependabot[bot] in pydantic/pydantic-settings#820
• CLI ensure env nested max split internally. by @​kschwab in pydantic/pydantic-settings#821
• Bump the python-packages group with 4 updates by @​dependabot[bot] in pydantic/pydantic-settings#824
• Migrate boto3-stubs to types-boto3 by @​hramezani in pydantic/pydantic-settings#831
• Fix CLI not recognizing field name with validate_by_name and AliasChoices by @​hramezani in pydantic/pydantic-settings#826
• Allow customisation of the dotevn setting source to filter variables by @​CaselIT in pydantic/pydantic-settings#832
• Bump the python-packages group with 3 updates by @​dependabot[bot] in pydantic/pydantic-settings#833
• Introduce yamlfmt by @​Viicos in pydantic/pydantic-settings#836
• Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group by @​dependabot[bot] in pydantic/pydantic-settings#837
• Introduce zizmor by @​Viicos in pydantic/pydantic-settings#838
• Fix CliPositionalArg[list[CustomType]] crash for custom types by @​hramezani in pydantic/pydantic-settings#839
• Add note about Mypy plugin for BaseSettings.__init__() by @​Viicos in pydantic/pydantic-settings#842
• Fix cli_ignore_unknown_args=True not working on subcommands by @​hramezani in pydantic/pydantic-settings#844
• Bump the python-packages group with 4 updates by @​dependabot[bot] in pydantic/pydantic-settings#847
• Fix CLI descriptions lost under python -OO by falling back to json_schema_extra by @​hramezani in pydantic/pydantic-settings#843
• Prepare release 2.14.0 by @​hramezani in pydantic/pydantic-settings#848

New Contributors

• @​dependabot[bot] made their first contribution in pydantic/pydantic-settings#802
• @​JacobHayes made their first contribution in pydantic/pydantic-settings#776
• @​bradykieffer made their first contribution in pydantic/pydantic-settings#799
• @​CaselIT made their first contribution in pydantic/pydantic-settings#832

Full Changelog: pydantic/pydantic-settings@v2.13.1...v2.14.0

Commits

• 8916bee Prepare release 2.14.0 (#848)
• 39e551c Fix CLI descriptions lost under python -OO by falling back to `json_schema_...
• 9ed7f48 Bump the python-packages group with 4 updates (#847)
• 617c690 Fix cli_ignore_unknown_args=True not working on subcommands (#844)
• 577c05f Add note about Mypy plugin for BaseSettings.__init__() (#842)
• 2355bc5 Fix CliPositionalArg[list[CustomType]] crash for custom types (#839)
• 16bd6fd Introduce zizmor (#838)
• df8b239 Bump boto3 from 1.42.82 to 1.42.83 in the python-packages group (#837)
• c5401a2 Introduce yamlfmt (#836)
• 953e28e Bump the python-packages group with 3 updates (#833)
• Additional commits viewable in compare view

Updates email-validator to 2.3.0

Release notes

Sourced from email-validator's releases.

v2.3.0

• The package name is changed from using an underscore (email_validator) to a dash (email-validator) to match PyPi's normalized package name.
• The library no longer checks that the local part is at most 64 characters because a more careful reading of RFC 5321 indicates the limit is optional and such email addresses have been found in the wild. However the check can be restored using a new strict=True parameter, and the overall 254 character email address length limit is still in place.
• New EmailSyntaxError messages are used for some exiting syntax errors related to @-sign homoglyphs and invalid characters in internationalized domains.
• When using allow_display_name=True, display names are now returned with Unicode NFC normalization.
• TypeError is now raised if something other than str (or bytes) is passed as the email address.

Changelog

Sourced from email-validator's changelog.

2.3.0 (August 26, 2025)

• The package name is changed from using an underscore (email_validator) to a dash (email-validator) to match PyPi's normalized package name.
• The library no longer checks that the local part is at most 64 characters because a more careful reading of RFC 5321 indicates the limit is optional and such email addresses have been found in the wild. However the check can be restored using a new strict=True parameter, and the overall 254 character email address length limit is still in place.
• New EmailSyntaxError messages are used for some exiting syntax errors related to @-sign homoglyphs and invalid characters in internationalized domains.
• When using allow_display_name=True, display names are now returned with Unicode NFC normalization.
• TypeError is now raised if something other than str (or bytes) is passed as the email address.

2.2.0 (June 20, 2024)

• Email addresses with internationalized local parts could, with rare Unicode characters, be returned as valid but actually be invalid in their normalized form (returned in the normalized field). In particular, it is possible to get a normalized address with a ";" character, which is not valid and could change the interpretation of the address. Local parts now re-validated after Unicode NFC normalization to ensure that invalid characters cannot be injected into the normalized address and that characters with length-increasing NFC normalizations cannot cause a local part to exceed the maximum length after normalization. Thanks to khanh@calif.io from https://calif.io for reporting the issue.
• The length check for email addresses with internationalized local parts is now also applied to the original address string prior to Unicode NFC normalization, which may be longer and could exceed the maximum email address length, to protect callers who do not use the returned normalized address.
• Improved error message for IDNA domains that are too long or have invalid characters after Unicode normalization.
• A new option to parse My Name <address@domain> strings, i.e. a display name plus an email address in angle brackets, is now available. It is off by default.
• Improvements to Python typing.
• Some additional tests added.

2.1.2 (June 16, 2024)

• The domain name length limit is corrected from 255 to 253 IDNA ASCII characters. I misread the RFCs.
• When a domain name has no MX record but does have an A or AAAA record, if none of the IP addresses in the response are globally reachable (i.e. not Private-Use, Loopback, etc.), the response is treated as if there was no A/AAAA response and the email address will fail the deliverability check.
• When a domain name has no MX record but does have an A or AAAA record, the mx field in the object returned by validate_email incorrectly held the IP addresses rather than the domain itself.
• Fixes in tests.

2.1.1 (February 26, 2024)

• Fixed typo 'marking' instead of 'marketing' in case-insensitive mailbox name list.
• When DNS-based deliverability checks fail, in some cases exceptions are now thrown with raise ... from for better nested exception tracking.
• Fixed tests to work when no local resolver can be configured.
• This project is now licensed under the Unlicense (instead of CC0).
• Minor improvements to tests.
• Minor improvements to code style.

2.1.0 (October 22, 2023)

• Python 3.8+ is now required (support for Python 3.7 was dropped).
• The old email field on the returned ValidatedEmail object, which in the previous version was superseded by normalized, will now raise a deprecation warning if used. See https://stackoverflow.com/q/879173 for strategies to suppress the DeprecationWarning.
• A __version__ module attribute is added.
• The email address argument to validate_email is now marked as positional-only to better reflect the documented usage using the new Python 3.8 feature.

2.0.0 (April 15, 2023)

This is a major update to the library, but since email address specs haven't changed there should be no significant changes to which email addresses are considered valid or invalid with default options. There are new options for accepting unusual email addresses that were previously always rejected, some changes to how DNS errors are handled, many changes in error message text, and major internal improvements including the addition of type annotations. Python 3.7+ is now required. Details follow:

... (truncated)

Commits

• 030a63a Version 2.3.0
• e943a0f Raise TypeError when an invalid argument is passed for email, closes #155
• f90d256 Remove local part length check unless new strict flag is given, fixes #158
• 98800ba Add explicit checks for internationalized domain name characters invalid unde...
• 936aead Fix final syntax checks on normalized internationalized domains checking the ...
• 8043de4 NFC-normalize display names per UTS #39
• bc08faa Add one-off error messages for full-width-at and small-commercial-at which ar...
• a1c90ab Split exceptions_types.py into exceptions.py and types.py
• dbcf07c Change package name from using underscore to dash to match PyPi normalized pa...
• 7c22208 Support ALLOW_DISPLAY_NAME and ALLOW_EMPTY_LOCAL in the CLI (#145)
• Additional commits viewable in compare view

Updates pytest to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates pytest-asyncio to 1.3.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 1.3.0

1.3.0 - 2025-11-10

Removed

• Support for Python 3.9 (#1278)

Added

• Support for pytest 9 (#1279)

Notes for Downstream Packagers

• Tested Python versions include free threaded Python 3.14t (#1274)
• Tests are run in the same pytest process, instead of spawning a subprocess with pytest.Pytester.runpytest_subprocess. This prevents the test suite from accidentally using a system installation of pytest-asyncio, which could result in test errors. (#1275)

Commits

• 2e9695f docs: Compile changelog for v1.3.0
• dd0e9ba docs: Reference correct issue in news fragment.
• 4c31abe Build(deps): Bump nh3 from 0.3.1 to 0.3.2
• 13e9477 Link to migration guides from changelog
• 4d2cf3c tests: handle Python 3.14 DefaultEventLoopPolicy deprecation warnings
• ee3549b test: Remove obsolete test for the event_loop fixture.
• 7a67c82 tests: Fix failing test by preventing warning conversion to error.
• a17b689 test: add pytest config to isolated test directories
• 18afc9d fix(tests): replace runpytest_subprocess with runpytest
• cdc6bd1 Add support for pytest 9 and drop Python 3.9 support
• Additional commits viewable in compare view

Updates pytest-cov to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

7.0.0 (2025-09-09)

• Dropped support for subprocesses measurement.

  It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

  To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

  .. code-block:: ini

  [run] patch = subprocess

  This release also requires at least coverage 7.10.6.

• Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

• Removed some not really necessary testing deps like six.

... (truncated)

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Updates pytest-httpx to 0.36.2

Release notes

Sourced from pytest-httpx's releases.

0.36.2 (2026-04-09)

Fixed

• Document how to ignore query parameters while matching on URL.

Changelog

Sourced from pytest-httpx's changelog.

[0.36.2] - 2026-04-09

Fixed

• Document how to ignore query parameters while matching on URL.

[0.36.0] - 2025-12-02

Changed

• pytest required version is now 9.

Added

• Explicit support for python 3.14.
• match_params parameter is now available on responses and callbacks registration, as well as request(s) retrieval. Allowing to provide query parameters as a dict instead of being part of the matched URL.
  • This parameter allows to perform partial query params matching (refer to documentation for more information).

Fixed

• URL with more than one value for the same parameter were not matched properly (matching was performed on the first value).
• httpx_mock.add_exception is now properly documented (accepts BaseException instead of Exception).

Removed

• pytest 8 is not supported anymore.
• python 3.9 is not supported anymore.

[0.35.0] - 2024-11-28

Changed

• Requires httpx==0.28.*

[0.34.0] - 2024-11-18

Added

• is_optional parameter is now available on responses and callbacks registration. Allowing to add optional responses while keeping other responses as mandatory. Refer to documentation for more details.
• is_reusable parameter is now available on responses and callbacks registration. Allowing to add multi-match responses while keeping other responses as single-match. Refer to documentation for more details.

Fixed

• httpx_mock.get_request will now also propose to refine filters if more than one request is found instead of only proposing to switch to httpx_mock.get_requests.

[0.33.0] - 2024-10-28

Added

• Explicit support for python 3.13.
• should_mock option (callable returning a boolean) is now available, defaulting to always returning True. Refer to documentation for more details.
• Matching on the full multipart body can now be performed using match_files and match_data parameters. Refer to documentation for more details.
• Matching on extensions (including timeout) can now be performed using match_extensions parameter. Refer to documentation for more details.

Removed

• non_mocked_hosts option is not available anymore. Use should_mock instead as in the following sample:

  import pytest
  @​pytest.mark.httpx_mock(non_mocked_hosts=["my_local_test_host"])
  def test_previous_behavior(httpx_mock):
  ...
  @​pytest.mark.httpx_mock(should_mock=lambda request: request.url.host not in ["my_local_test_host"])

... (truncated)

Commits

• 8121166 Re-release as 0.36.2
• d5e4283 Bump version
• 66eeeb0 Release version 0.36.1
• 1be4693 Merge branch 'master' into develop
• 5acf97f Release 0.36.1
• 71b9dd4 Release 0.36.1
• 9714e55 Cleanup project management
• 47e7e02 Use commit sha as version
• ede6a6d Update black to latest version
• 7d8291e Use trusted publisher to publish to pypi
• Additional commits viewable in compare view

Updates python-dotenv to 1.2.2

Release notes

Sourced from python-dotenv's releases.

v1.2.2

Added

• Support for Python 3.14, including the free-threaded (3.14t) build. (#)

Changed

• The dotenv run command now forwards flags directly to the specified command by @​bbc2 in theskumar/python-dotenv#607
• Improved documentation clarity regarding override behavior and the reference page.
• Updated PyPy support to version 3.11.
• Documentation for FIFO file support.
• Support for Python 3.9.

Fixed

• Improved set_key and unset_key behavior when interacting with symlinks by @​bbc2 in #790c5
• Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by @​JYOuyang in theskumar/python-dotenv#590

Breaking Changes

• dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

• In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

• dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

Misc

• skip 000 permission tests for root user by @​burnout-projects in theskumar/python-dotenv#561
• Bump actions/checkout from 5 to 6 in the github-actions group by @​dependabot[bot] in theskumar/python-dotenv#593
• Add Windows testing to CI by @​bbc2 in theskumar/python-dotenv#604
• Improve workflow efficiency with best practices by @​theskumar in theskumar/python-dotenv#609
• Remove the use of sh in tests by @​bbc2 in theskumar/python-dotenv#612

New Contributors

• @​JYOuyang made their first contribution in theskumar/python-dotenv#590
• @​burnout-projects made their first contribution in theskumar/python-dotenv#561
• @​cpackham-atlnz made their first contribution in theskumar/python-dotenv#597

Full Changelog: theskumar/python-dotenv@v1.2.1...v1.2.2

Changelog

Sourced from python-dotenv's changelog.

[1.2.2] - 2026-03-01

Added

• Support for Python 3.14, including the free-threaded (3.14t) build. (#588)

Changed

• The dotenv run command now forwards flags directly to the specified command by [@​bbc2] in #607
• Improved documentation clarity regarding override behavior and the reference page.
• Updated PyPy support to version 3.11.
• Documentation for FIFO file support.
• Dropped Support for Python 3.9.

Fixed

• Improved set_key and unset_key behavior when interacting with symlinks by [@​bbc2] in [790c5c0]
• Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [@​JYOuyang] in #590

Breaking Changes

• dotenv.set_key and dotenv.unset_key used to follow symlinks in some situations. This is no longer the case. For that behavior to be restored in all cases, follow_symlinks=True should be used.

• In the CLI, set and unset used to follow symlinks in some situations. This is no longer the case.

• dotenv.set_key, dotenv.unset_key and the CLI commands set and unset used to reset the file mode of the modified .env file to 0o600 in some situations. This is no longer the case: The original mode of the file is now preserved. Is the file needed to be created or wasn't a regular file, mode 0o600 is used.

[1.2.1] - 2025-10-26

• Move more config to pyproject.toml, removed setup.cfg
• Add support for reading .env from FIFOs (Unix) by [@​sidharth-sudhir] in #586

[1.2.0] - 2025-10-26

• Upgrade build system to use PEP 517 & PEP 518 to use build and pyproject.toml by [@​EpicWink] in #583
• Add support for Python 3.14 by [@​23f3001135] in #579
• Add support for disabling of load_dotenv() using PYTHON_DOTENV_DISABLED env var. by [@​matthewfranglen] in #569

[1.1.1] - 2025-06-24

Fixed

• CLI: Ensure find_dotenv work reliably on python 3.13 by [@​theskumar] in #563

... (truncated)

Commits

• 36004e0 Bump version: 1.2.1 → 1.2.2
• eb20252 docs: update changelog for v1.2.2
• 790c5c0 Merge commit from fork
• 43340da Remove the use of sh in tests (#612)
• 09d7cee docs: clarify override behavior and document FIFO support (#610)
• c8de288 ci: improve workflow efficiency with best practices (#609)
• 7bd9e3d Add Windows testing to CI (#604)