Bump the uv group across 1 directory with 2 updates

[dependabot]

Bumps the uv group with 2 updates in the / directory: requests and pillow.

Updates requests from 2.32.5 to 2.33.0

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

New Contributors

• @​M0d3v1 made their first contribution in psf/requests#6865
• @​aminvakil made their first contribution in psf/requests#7220
• @​E8Price made their first contribution in psf/requests#6960
• @​mitre88 made their first contribution in psf/requests#7244
• @​magsen made their first contribution in psf/requests#6553
• @​Rohan5commit made their first contribution in psf/requests#7227

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

• 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

• CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

• Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

• Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

• Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

• Various typo fixes and doc improvements.

Commits

• bc04dfd v2.33.0
• 66d21cb Merge commit from fork
• 8b9bc8f Move badges to top of README (#7293)
• e331a28 Remove unused extraction call (#7292)
• 753fd08 docs: fix FAQ grammar in httplib2 example
• 774a0b8 docs(socks): same block as other sections
• 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
• ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
• 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
• d568f47 docs: clarify Quickstart POST example (#6960)
• Additional commits viewable in compare view

Updates pillow from 12.1.1 to 12.2.0

Release notes

Sourced from pillow's releases.

12.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html

Documentation

• Update 12.2.0 release notes #9522 [@​hugovk]
• Add loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm #9482 [@​bitplane]
• Update Python versions #9515 [@​radarhere]
• Jeffrey A. Clark -> Jeffrey 'Alex' Clark #9513 [@​aclark4life]
• Add release notes for #9394, #9419 and #9456 #9467 [@​radarhere]
• Add Amiga Workbench .info loader to 3rd party plugins list #9459 [@​bitplane]
• Merge PFM documentation into PPM #9434 [@​radarhere]
• Update macOS tested Pillow versions #9431 [@​radarhere]
• Fix CVE number #9430 [@​hugovk]

Dependencies

• Update xz to 5.8.3 #9523 [@​radarhere]
• Update libjpeg-turbo to 3.1.4.1 #9507 [@​radarhere]
• Update libpng to 1.6.56 #9499 [@​radarhere]
• Update freetype to 2.14.3 #9485 [@​radarhere]
• Updated libavif to 1.4.1 #9479 [@​radarhere]
• Updated harfbuzz to 13.2.1 #9461 [@​radarhere]
• Update Ghostscript to 10.7.0 #9469 [@​radarhere]
• Update harfbuzz to 13.0.1 #9453 [@​radarhere]
• Update libavif to 1.4.0 #9460 [@​radarhere]
• Update freetype to 2.14.2 #9449 [@​radarhere]
• Update actions/download-artifact action to v8 #9451 [@renovate[bot]]
• Updated libpng to 1.6.55 #9425 [@​radarhere]

Testing

• Cleanup .spider extension in the same test where it is added #9517 [@​radarhere]
• Run tests in parallel via tox for 3.5x speedup #9516 [@​hugovk]
• Enable colour in CI logs #9486 [@​hugovk]
• Update Ghostscript to 10.7.0 #9469 [@​radarhere]
• Simplify TGA test code #9477 [@​radarhere]
• Update tests to check for ValueError when encoding an empty image #9464 [@​radarhere]
• Upgrade CI from macos-15-intel to macos-26-intel #9454 [@​hugovk]
• Add check-case-conflict hook #9446 [@​radarhere]
• Specify platform when pulling docker image #9440 [@​radarhere]
• GHA: Cache libavif and webp builds for Ubuntu #9437 [@​hugovk]
• Update macOS tested Pillow versions #9431 [@​radarhere]

Other changes

• Check calloc return value #9527 [@​radarhere]
• Check all allocs in the Arrow tree #9488 [@​wiredfool]
• Reject non-numeric elements inside list coords #9526 [@​hugovk]
• Move variable declaration inside define #9525 [@​radarhere]

... (truncated)

Commits

• 3c41c09 12.2.0 version bump
• cdaa29e Check calloc return value (#9527)
• 585b2f5 Check calloc return value
• ecf011e Check all allocs in the Arrow tree (#9488)
• cf6de8c Reject non-numeric elements inside list coords (#9526)
• ffdcede Update 12.2.0 release notes (#9522)
• 7929d77 Added security release notes (#149)
• c4f7aa5 Added security release notes
• 22cdb5f Move variable declaration inside define (#9525)
• fc15b3b Resize tall images vertically first (#9524)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Coverage Report

File	Stmts	Miss	Cover	Missing
epycloud
__init__.py	3	0	100%
__main__.py	3	3	0%	3, 5–6
cli.py	119	119	0%	3–5, 7–11, 14, 26, 33, 36, 38, 46–48, 54–57, 65, 68, 75, 77, 79–83, 85, 88, 102–112, 114, 117, 130–131, 134–135, 138–139, 142–144, 147–151, 154–155, 158–159, 164–167, 169–172, 176, 179, 190–192, 194–196, 198–200, 202–204, 206–208, 210–212, 214–216, 218–220, 222–224, 226–228, 230–232, 234, 236–237, 239–245, 247–248, 251–252
exceptions.py	26	4	84%	40–41, 94, 96
epycloud/commands
__init__.py	0	0	100%
epycloud/commands/build
__init__.py	3	0	100%
cloud.py	65	13	80%	69, 72, 75–79, 92, 151–154, 171
dev.py	62	21	66%	57–60, 64–66, 80, 83, 88, 96–97, 110, 132–133, 140–141, 143–145, 147
display.py	31	2	93%	57, 60
handlers.py	158	28	82%	110, 115, 156–158, 171–173, 191, 196, 233–235, 260, 265, 302–304, 331, 345, 356–363
local.py	58	17	70%	54–57, 61–63, 76, 79, 86, 92–93, 108, 133–134, 139–140
parser.py	27	24	11%	16, 23, 26, 29, 34, 39, 43, 48, 54, 61, 66, 71, 75, 80, 86, 93, 98, 103, 107, 112, 118, 125, 130, 136
epycloud/commands/config_cmd
__init__.py	3	0	100%
handlers.py	142	4	97%	37, 116, 235, 237
operations.py	103	14	86%	116–127, 156–157
parser.py	20	17	15%	16, 29, 32, 35, 38–39, 42–43, 48, 51, 54, 57–58, 63–65, 68
epycloud/commands/download
__init__.py	3	0	100%
handlers.py	152	30	80%	91–94, 123–130, 146–149, 152–154, 171–175, 238–240, 251, 254–255
operations.py	44	1	97%	174
parser.py	10	8	20%	14, 20, 31, 38, 45, 51, 56, 61
epycloud/commands/experiment
__init__.py	3	0	100%
handlers.py	119	19	84%	44–45, 47–48, 53–54, 77–79, 86, 98–102, 137–138, 202–203
parser.py	13	10	23%	16, 23, 26, 29, 34, 44, 50, 58, 66, 71
epycloud/commands/logs
__init__.py	3	0	100%
display.py	51	5	90%	91, 100–103
handlers.py	98	12	87%	81–82, 175–177, 250, 252–255, 257–258
parser.py	13	11	15%	14, 20, 25, 30, 36, 42, 47, 52, 59, 66, 71
streaming.py	34	7	79%	44, 81–84, 86–87
epycloud/commands/profile
__init__.py	3	0	100%
handlers.py	145	1	99%	39
parser.py	21	18	14%	16, 18, 21, 24, 27–28, 31, 34–36, 39–40, 43–44, 47–48, 51–52
epycloud/commands/run
__init__.py	3	0	100%
handlers.py	98	20	79%	33–34, 36–39, 46–47, 96–97, 99, 101, 155–157, 162, 164, 166, 171, 197
parser.py	38	35	7%	16, 29, 32, 35, 40, 46, 51, 57, 63, 69, 74, 79, 84, 90, 95, 100, 106, 112, 118, 123, 129, 134, 141, 147, 152, 159, 165, 170, 175, 181, 187, 193, 199, 205, 210
validation.py	31	2	93%	92–93
epycloud/commands/run/cloud
__init__.py	3	0	100%
batch_config.py	50	0	100%
job.py	89	8	91%	94, 147, 169, 173, 244–245, 253–254
workflow.py	157	46	70%	99, 107, 117–118, 120–121, 141, 144–146, 169, 172–174, 183, 230, 260–262, 270–272, 275, 278, 281, 342–343, 347–351, 353–356, 359–366, 368–369
epycloud/commands/run/local
__init__.py	3	0	100%
docker_compose.py	22	3	86%	40–42
job.py	46	7	84%	75, 101, 116–118, 124–125
workflow.py	75	68	9%	56–62, 65–66, 69, 72–73, 84–85, 87–90, 93–96, 98, 105–107, 109, 112, 122–125, 127–128, 130–132, 134, 136, 139–142, 144–145, 147, 158–160, 162, 165–169, 171, 183–185, 187, 189–190, 193–197, 199
epycloud/commands/status
__init__.py	3	0	100%
handlers.py	72	12	83%	145–148, 150–151, 212–214, 221, 235–236
operations.py	302	41	86%	93, 118–119, 127, 204, 274–276, 285, 347, 358, 364–367, 423, 430, 448, 461–463, 466–469, 473, 477, 497, 525, 547–548, 550–551, 553, 578, 582, 619, 631–633, 638
parser.py	7	5	28%	14, 20, 25, 32, 42
epycloud/commands/terraform
__init__.py	3	0	100%
handlers.py	153	14	90%	38, 127, 154, 192, 206–207, 222, 252–253, 265, 279–280, 295, 321
operations.py	78	7	91%	90, 138–141, 143–144
parser.py	20	17	15%	16, 24, 27, 34, 37, 43, 48, 54, 59, 65, 71, 77, 82, 88, 94, 100, 105
epycloud/commands/validate
__init__.py	3	0	100%
handlers.py	277	84	69%	74, 120–122, 128–130, 175–176, 179, 183–189, 192–194, 204–210, 227, 244, 252, 269–270, 275–276, 302–303, 341, 343–347, 349–352, 377–384, 430, 432–436, 438–441, 449–453, 455–458, 466–473, 490, 496, 514
operations.py	220	157	28%	70–74, 91, 97, 99–102, 109, 115–116, 118–119, 121, 123, 150–151, 157–158, 161–162, 164–165, 167–168, 171, 173–174, 176, 179–184, 187, 189, 191–192, 223–226, 233–234, 241–243, 246–247, 250, 257, 259, 261–262, 306, 317, 323–324, 327, 333–334, 337–340, 342–343, 350, 352–354, 356–357, 359, 394, 396–397, 399–400, 407–408, 411–413, 415, 417–419, 421–422, 471, 484–486, 488–489, 501, 503–505, 507–509, 516–518, 523, 525, 528–532, 535–537, 539–540, 542–544, 551–557, 563, 576–577, 580–582, 584–587, 590–594, 596–598, 600–602, 604–607
parser.py	9	6	33%	15, 27–28, 33, 40, 47
epycloud/commands/workflow
__init__.py	3	0	100%
api.py	82	13	84%	238–239, 246, 248–250, 254, 355, 360–362, 364–365
display.py	120	34	71%	47–48, 52, 105, 111–112, 117, 119, 127, 137–138, 143–146, 151–157, 171–172, 192–193, 211–213, 216, 219, 222–223, 225
handlers.py	275	51	81%	48, 63–64, 99–101, 111–113, 143, 148, 150, 177–178, 188–190, 202–203, 205, 210, 212, 239–240, 246, 254, 298–299, 315–317, 358, 368–372, 389, 391, 393, 398, 400, 428–429, 440–442, 480, 482, 487, 489
parser.py	24	0	100%
streaming.py	56	36	35%	39–40, 42–43, 45–46, 48, 55–56, 58, 61, 74, 81–82, 85–86, 88–89, 92, 94–101, 103–104, 180, 182–185, 187–188
epycloud/config
__init__.py	0	0	100%
loader.py	112	27	75%	76, 105–106, 131, 163–164, 166, 195, 198–202, 205–206, 250, 295, 301, 306, 311, 379–380, 382–385, 387
epycloud/lib
__init__.py	0	0	100%
command_helpers.py	135	26	80%	208, 248–250, 253–255, 257, 293–294, 331, 339, 345, 524, 527, 530–531, 534–541, 543
formatters.py	159	1	99%	413
gcs.py	95	22	76%	63, 66, 112, 244, 246–250, 253, 255–258, 261–265, 267, 289–290
output.py	90	25	72%	22, 40–42, 90, 94, 98, 197–198, 210–211, 232, 246–247, 271–272, 274, 276–283
paths.py	69	23	66%	23, 37–39, 41, 43, 55–57, 59, 61, 76–77, 80–81, 83, 97–99, 113–115, 202
validation.py	128	13	89%	151, 198–199, 350, 524, 532–533, 540, 545, 563–564, 568–569
epycloud/utils
__init__.py	0	0	100%
confirmation.py	152	0	100%
TOTAL	4797	1191	75%

Tests	Skipped	Failures	Errors	Time
621	2 💤	0 ❌	0 🔥	27.556s ⏱️