Bump the pip group with 4 updates

[dependabot]

Bumps the pip group with 4 updates: cherry-picker, aiohttp, sentry-sdk and pytest.

Updates cherry-picker from 2.3.0 to 2.4.0

Release notes

Sourced from cherry-picker's releases.

cherry-picker-v2.4.0

What's Changed

• Add support for Python 3.14 by @​hugovk in python/cherry-picker#145
• Allow passing a base branch that doesn't have version info by @​Jackenmen in python/cherry-picker#70
• Generate __version__ at build to avoid slow importlib.metadata import by @​hugovk in python/cherry-picker#141
• PyPI metatada: re-add description by @​hugovk in python/cherry-picker#140
• Remove outdated README info by @​hugovk in python/cherry-picker#143

Full Changelog: python/cherry-picker@cherry-picker-v2.3.0...cherry-picker-v2.4.0

Changelog

Sourced from cherry-picker's changelog.

2.4.0

• Add support for Python 3.14 (PR 145
• Allow passing a base branch that doesn't have version info (PR 70
  • This makes cherry-picker useful for projects other than CPython that don't have versioned branch names.

Commits

• 34d27eb Update changelog for 2.4.0 (#146)
• c81925c Add support for Python 3.14 (#145)
• 940787a Allow passing a base branch that doesn't have version info (#70)
• a1552fb Remove outdated README info (#143)
• 7721133 PyPI metatada: re-add description (#140)
• a7d1d0d Generate __version__ at build to avoid slow importlib.metadata import (#141)
• 71490d0 Exclude bots from generated release notes (#139)
• See full diff in compare view

Updates aiohttp from 3.10.11 to 3.11.8

Release notes

Sourced from aiohttp's releases.

3.11.8

Miscellaneous internal changes

• Improved performance of creating :class:aiohttp.ClientResponse objects when there are no cookies -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10029.

• Improved performance of creating :class:aiohttp.ClientResponse objects -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10030.

• Improved performances of creating objects during the HTTP request lifecycle -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10037.

• Improved performance of constructing :class:aiohttp.web.Response with headers -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10043.

• Improved performance of making requests when there are no auto headers to skip -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10049.

• Downgraded logging of invalid HTTP method exceptions on the first request to debug level -- by :user:bdraco.

  HTTP requests starting with an invalid method are relatively common, especially when connected to the public internet, because browsers or other clients may try to speak SSL to a plain-text server or vice-versa. These exceptions can quickly fill the log with noise when nothing is wrong.

  Related issues and pull requests on GitHub:

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.11.8 (2024-11-27)

Miscellaneous internal changes

• Improved performance of creating :class:aiohttp.ClientResponse objects when there are no cookies -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10029.

• Improved performance of creating :class:aiohttp.ClientResponse objects -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10030.

• Improved performances of creating objects during the HTTP request lifecycle -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10037.

• Improved performance of constructing :class:aiohttp.web.Response with headers -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10043.

• Improved performance of making requests when there are no auto headers to skip -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10049.

• Downgraded logging of invalid HTTP method exceptions on the first request to debug level -- by :user:bdraco.

  HTTP requests starting with an invalid method are relatively common, especially when connected to the public internet, because browsers or other clients may try to speak SSL to a plain-text server or vice-versa. These exceptions can quickly fill the log with noise when nothing is wrong.

... (truncated)

Commits

• 5ddf720 Release 3.11.8 (#10066)
• 13152c3 [PR #10055/c11fe96 backport][3.11] Downgrade logging of invalid HTTP methods ...
• 1b78cae [PR #10059/aac6f741 backport][3.11] Combine executor jobs in FileResponse sen...
• a5a6981 [PR #10058/12372d7 backport][3.11] Remove unreachable content length check fo...
• 7e628f4 [PR #8699/11f0e7f backport][3.11] Reduce code indent in ResponseHandler.data_...
• 1a6fafe [PR #10037/2e369db backport][3.11] Refactor requests and responses to use cla...
• 653302e [PR #10049/006fbc37 backport][3.11] Improve client performance when there are...
• d411bc5 [PR #10043/5255cec backport][3.11] Avoid constructing headers mulitidict twic...
• 3dfd7ae Bump pypa/cibuildwheel from 2.21.3 to 2.22.0 (#10042)
• 65dab0e [PR #10038/6f4e9615 backport][3.11] Small speed up to StreamWriter.__init__...
• Additional commits viewable in compare view

Updates sentry-sdk from 2.17.0 to 2.19.0

Release notes

Sourced from sentry-sdk's releases.

2.19.0

Various fixes & improvements

• New: introduce rust_tracing integration. See https://docs.sentry.io/platforms/python/integrations/rust_tracing/ (#3717) by @​matt-codecov
• Auto enable Litestar integration (#3540) by @​provinzkraut
• Deprecate sentry_sdk.init context manager (#3729) by @​szokeasaurusrex
• feat(spotlight): Send PII to Spotlight when no DSN is set (#3804) by @​BYK
• feat(spotlight): Add info logs when Sentry is enabled (#3735) by @​BYK
• feat(spotlight): Inject Spotlight button on Django (#3751) by @​BYK
• feat(spotlight): Auto enable cache_spans for Spotlight on DEBUG (#3791) by @​BYK
• fix(logging): Handle parameter stack_info for the LoggingIntegration (#3745) by @​gmcrocetti
• fix(pure-eval): Make sentry-sdk[pure-eval] installable with pip==24.0 (#3757) by @​sentrivana
• fix(rust_tracing): include_tracing_fields arg to control unvetted data in rust_tracing integration (#3780) by @​matt-codecov
• fix(aws) Fix aws lambda tests (by reducing event size) (#3770) by @​antonpirker
• fix(arq): fix integration with Worker settings as a dict (#3742) by @​saber-solooki
• fix(httpx): Prevent Sentry baggage duplication (#3728) by @​szokeasaurusrex
• fix(falcon): Don't exhaust request body stream (#3768) by @​szokeasaurusrex
• fix(integrations): Check retries_left before capturing exception (#3803) by @​malkovro
• fix(openai): Use name instead of description (#3807) by @​sourceful-rob
• test(gcp): Only run GCP tests when they should (#3721) by @​szokeasaurusrex
• chore: Shorten CI workflow names (#3805) by @​sentrivana
• chore: Test with pyspark prerelease (#3760) by @​sentrivana
• build(deps): bump codecov/codecov-action from 4.6.0 to 5.0.2 (#3792) by @​dependabot
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#3691) by @​dependabot

2.18.0

Various fixes & improvements

• Add LaunchDarkly and OpenFeature integration (#3648) by @​cmanallen
• Correct typo in a comment (#3726) by @​szokeasaurusrex
• End http.client span on timeout (#3723) by @​Zylphrex
• Check for h2 existence in HTTP/2 transport (#3690) by @​BYK
• Use type() instead when extracting frames (#3716) by @​Zylphrex
• Prefer python_multipart import over multipart (#3710) by @​musicinmybrain
• Update active thread for asgi (#3669) by @​Zylphrex
• Only enable HTTP2 when DSN is HTTPS (#3678) by @​BYK
• Prepare for upstream Strawberry extension removal (#3649) by @​DoctorJohn
• Enhance README with improved clarity and developer-friendly examples (#3667) by @​UTSAVS26
• Run license compliance action on all PRs (#3699) by @​szokeasaurusrex
• Run CodeQL action on all PRs (#3698) by @​szokeasaurusrex
• Fix UTC assuming test (#3722) by @​BYK
• Exclude fakeredis 2.26.0 on py3.6 and 3.7 (#3695) by @​szokeasaurusrex
• Unpin pytest for tornado-latest tests (#3714) by @​szokeasaurusrex
• Install pytest-asyncio for redis tests (Python 3.12-13) (#3706) by @​szokeasaurusrex
• Clarify that only pinned tests are required (#3713) by @​szokeasaurusrex
• Remove accidentally-committed print (#3712) by @​szokeasaurusrex
• Disable broken RQ test in newly-released RQ 2.0 (#3708) by @​szokeasaurusrex
• Unpin pytest for celery tests (#3701) by @​szokeasaurusrex
• Unpin pytest on Python 3.8+ gevent tests (#3700) by @​szokeasaurusrex
• Unpin pytest for Python 3.8+ common tests (#3697) by @​szokeasaurusrex

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.19.0

Various fixes & improvements

• New: introduce rust_tracing integration. See https://docs.sentry.io/platforms/python/integrations/rust_tracing/ (#3717) by @​matt-codecov
• Auto enable Litestar integration (#3540) by @​provinzkraut
• Deprecate sentry_sdk.init context manager (#3729) by @​szokeasaurusrex
• feat(spotlight): Send PII to Spotlight when no DSN is set (#3804) by @​BYK
• feat(spotlight): Add info logs when Sentry is enabled (#3735) by @​BYK
• feat(spotlight): Inject Spotlight button on Django (#3751) by @​BYK
• feat(spotlight): Auto enable cache_spans for Spotlight on DEBUG (#3791) by @​BYK
• fix(logging): Handle parameter stack_info for the LoggingIntegration (#3745) by @​gmcrocetti
• fix(pure-eval): Make sentry-sdk[pure-eval] installable with pip==24.0 (#3757) by @​sentrivana
• fix(rust_tracing): include_tracing_fields arg to control unvetted data in rust_tracing integration (#3780) by @​matt-codecov
• fix(aws) Fix aws lambda tests (by reducing event size) (#3770) by @​antonpirker
• fix(arq): fix integration with Worker settings as a dict (#3742) by @​saber-solooki
• fix(httpx): Prevent Sentry baggage duplication (#3728) by @​szokeasaurusrex
• fix(falcon): Don't exhaust request body stream (#3768) by @​szokeasaurusrex
• fix(integrations): Check retries_left before capturing exception (#3803) by @​malkovro
• fix(openai): Use name instead of description (#3807) by @​sourceful-rob
• test(gcp): Only run GCP tests when they should (#3721) by @​szokeasaurusrex
• chore: Shorten CI workflow names (#3805) by @​sentrivana
• chore: Test with pyspark prerelease (#3760) by @​sentrivana
• build(deps): bump codecov/codecov-action from 4.6.0 to 5.0.2 (#3792) by @​dependabot
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#3691) by @​dependabot

2.18.0

Various fixes & improvements

• Add LaunchDarkly and OpenFeature integration (#3648) by @​cmanallen
• Correct typo in a comment (#3726) by @​szokeasaurusrex
• End http.client span on timeout (#3723) by @​Zylphrex
• Check for h2 existence in HTTP/2 transport (#3690) by @​BYK
• Use type() instead when extracting frames (#3716) by @​Zylphrex
• Prefer python_multipart import over multipart (#3710) by @​musicinmybrain
• Update active thread for asgi (#3669) by @​Zylphrex
• Only enable HTTP2 when DSN is HTTPS (#3678) by @​BYK
• Prepare for upstream Strawberry extension removal (#3649) by @​DoctorJohn
• Enhance README with improved clarity and developer-friendly examples (#3667) by @​UTSAVS26
• Run license compliance action on all PRs (#3699) by @​szokeasaurusrex
• Run CodeQL action on all PRs (#3698) by @​szokeasaurusrex
• Fix UTC assuming test (#3722) by @​BYK
• Exclude fakeredis 2.26.0 on py3.6 and 3.7 (#3695) by @​szokeasaurusrex
• Unpin pytest for tornado-latest tests (#3714) by @​szokeasaurusrex
• Install pytest-asyncio for redis tests (Python 3.12-13) (#3706) by @​szokeasaurusrex
• Clarify that only pinned tests are required (#3713) by @​szokeasaurusrex
• Remove accidentally-committed print (#3712) by @​szokeasaurusrex
• Disable broken RQ test in newly-released RQ 2.0 (#3708) by @​szokeasaurusrex
• Unpin pytest for celery tests (#3701) by @​szokeasaurusrex

... (truncated)

Commits

• 039c220 Updated changelog
• c83e742 release: 2.19.0
• 8fe5bb4 feat: Send PII to Spotlight when no DSN is set (#3804)
• 295dd8d Auto enable Litestar integration (#3540)
• bd50c38 fix(httpx): Prevent Sentry baggage duplication (#3728)
• e9ec6c1 test(gcp): Only run GCP tests when they should (#3721)
• aa6e8fd fix(falcon): Don't exhaust request body stream (#3768)
• 3e28853 fix(integrations): Check retries_left before capturing exception (#3803)
• 01146bd fix(openai): Use name instead of description (#3807)
• d894fc2 Shorten CI workflow names (#3805)
• Additional commits viewable in compare view

Updates pytest from 8.3.3 to 8.3.4

Release notes

Sourced from pytest's releases.

8.3.4

pytest 8.3.4 (2024-12-01)

Bug fixes

• #12592: Fixed KeyError{.interpreted-text role="class"} crash when using --import-mode=importlib in a directory layout where a directory contains a child directory with the same name.

• #12818: Assertion rewriting now preserves the source ranges of the original instructions, making it play well with tools that deal with the AST, like executing.

• #12849: ANSI escape codes for colored output now handled correctly in pytest.fail{.interpreted-text role="func"} with [pytrace=False]{.title-ref}.

• #9353: pytest.approx{.interpreted-text role="func"} now uses strict equality when given booleans.

Improved documentation

• #10558: Fix ambiguous docstring of pytest.Config.getoption{.interpreted-text role="func"}.

• #10829: Improve documentation on the current handling of the --basetemp option and its lack of retention functionality (temporary directory location and retention{.interpreted-text role="ref"}).

• #12866: Improved cross-references concerning the recwarn{.interpreted-text role="fixture"} fixture.

• #12966: Clarify filterwarnings{.interpreted-text role="ref"} docs on filter precedence/order when using multiple @pytest.mark.filterwarnings <pytest.mark.filterwarnings ref>{.interpreted-text role="ref"} marks.

Contributor-facing changes

• #12497: Fixed two failing pdb-related tests on Python 3.13.

Commits

• 53f8b4e Update pypa/gh-action-pypi-publish to v1.12.2
• 98dff36 Prepare release version 8.3.4
• 1b474e2 approx: use exact comparison for bool (#13013)
• b541721 docs: Fix wrong statement about sys.modules with importlib import mode (#1298...
• 16cb87b pytest.fail: fix ANSI escape codes for colored output (#12959) (#12990)
• be6bc81 Issue #12966 Clarify filterwarnings docs on precedence when using multiple ma...
• 7aeb72b Improve docs on basetemp and retention (#12912) (#12928)
• c875841 Merge pull request #12917 from pytest-dev/patchback/backports/8.3.x/ded1f44e5...
• 6502816 Merge pull request #12913 from jakkdl/dontfailonbadpath
• 52135b0 Merge pull request #12885 from The-Compiler/pdb-py311 (#12887)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (66d38c3) to head (dc4ee96).
Report is 1 commits behind head on main.

@@            Coverage Diff            @@
##              main      #707   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            6         6           
  Lines          357       357           
  Branches        14        14           
=========================================
  Hits           357       357           

Flag	Coverage Δ
Python_3.11	100.00% <ø> (ø)
Python_3.12	100.00% <ø> (ø)
Python_3.13	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.