Bump the pip group across 1 directory with 3 updates

[dependabot]

Updates the requirements on setuptools, pydantic and requests to permit the latest version.
Updates setuptools to 75.2.0

Changelog

Sourced from setuptools's changelog.

v75.2.0

Features

• Made errors when parsing Distribution data more explicit about the expected type (tuple[str, ...] | list[str]) -- by :user:Avasam (#4578)

Bugfixes

• Fix a TypeError when a Distribution's old included attribute was a tuple -- by :user:Avasam (#4578)
• Add workaround for bdist_wheel --dist-info-dir errors when customisation does not inherit from setuptools. (#4684)

v75.1.1

Bugfixes

• Re-use pre-existing .dist-info dir when creating wheels via the build backend APIs (PEP 517) and the metadata_directory argument is passed -- by :user:pelson. (#1825)
• Changed egg_info command to avoid adding an empty .egg-info directory while iterating over entry-points. This avoids triggering integration problems with importlib.metadata/importlib_metadata (reference: pypa/pyproject-hooks#206). (#4680)

v75.1.0

Features

• Deprecated bdist_wheel.universal configuration. (#4617)

Bugfixes

• Removed reference to upload_docs module in entry points. (#4650)

v75.0.0

Features

... (truncated)

Commits

• 61a5a03 Bump version: 75.1.1 → 75.2.0
• 8ad3ea7 Workaround for bdist_wheel.dist_info_dir problems (#4684)
• 9af0877 Type sequence checks in setuptools/dist.py (#4578)
• 0534fde Add news fragment
• 50b732a Check for more specific error message
• a663287 Add pragma for edge-case code path
• 96be735 Workaround for bdist_wheel.dist_info_dir problems
• 000a413 Deprecate public access to setuptools.dist.sequence
• 00995c1 Use variable msg instead of tmpl in setuptools/dist
• d457d0e Type sequence checks in setuptools/dist.py
• Additional commits viewable in compare view

Updates pydantic to 2.9.2

Release notes

Sourced from pydantic's releases.

v2.9.2 (2024-09-17)

What's Changed

Fixes

• Do not error when trying to evaluate annotations of private attributes by @​Viicos in #10358
• Adding notes on designing sound Callable discriminators by @​sydney-runkle in #10400
• Fix serialization schema generation when using PlainValidator by @​Viicos in #10427
• Fix Union serialization warnings by @​sydney-runkle in pydantic/pydantic-core#1449
• Fix variance issue in _IncEx type alias, only allow True by @​Viicos in #10414
• Fix ZoneInfo validation with various invalid types by @​sydney-runkle in #10408

Full Changelog: pydantic/pydantic@v2.9.1...v2.9.2

Changelog

Sourced from pydantic's changelog.

v2.9.2 (2024-09-17)

GitHub release

What's Changed

Fixes

• Do not error when trying to evaluate annotations of private attributes by @​Viicos in #10358
• Adding notes on designing sound Callable discriminators by @​sydney-runkle in #10400
• Fix serialization schema generation when using PlainValidator by @​Viicos in #10427
• Fix Union serialization warnings by @​sydney-runkle in pydantic/pydantic-core#1449
• Fix variance issue in _IncEx type alias, only allow True by @​Viicos in #10414
• Fix ZoneInfo validation with various invalid types by @​sydney-runkle in #10408

v2.9.1 (2024-09-09)

GitHub release

What's Changed

Fixes

• Fix Predicate issue in v2.9.0 by @​sydney-runkle in #10321
• Fixing annotated-types bound to >=0.6.0 by @​sydney-runkle in #10327
• Turn tzdata install requirement into optional timezone dependency by @​jakob-keller in #10331
• Fix IncExc type alias definition by @​Viicos in #10339
• Use correct types namespace when building namedtuple core schemas by @​Viicos in #10337
• Fix evaluation of stringified annotations during namespace inspection by @​Viicos in #10347
• Fix tagged union serialization with alias generators by @​sydney-runkle in pydantic/pydantic-core#1442

v2.9.0 (2024-09-05)

GitHub release

The code released in v2.9.0 is practically identical to that of v2.9.0b2.

What's Changed

Packaging

• Bump ruff to v0.5.0 and pyright to v1.1.369 by @​sydney-runkle in #9801
• Bump pydantic-extra-types to v2.9.0 by @​sydney-runkle in #9832
• Support compatibility with pdm v2.18.1 by @​Viicos in #10138
• Bump v1 version stub to v1.10.18 by @​sydney-runkle in #10214
• Bump pydantic-core to v2.23.2 by @​sydney-runkle in #10311

New Features

• Add support for ZoneInfo by @​Youssefares in #9896
• Add Config.val_json_bytes by @​josh-newman in #9770
• Add DSN for Snowflake by @​aditkumar72 in #10128

... (truncated)

Commits

• 7cedbfb history updates
• 7eab2b8 v bump
• c0a288f Fix ZoneInfo with various invalid types (#10408)
• ea6115d Fix variance issue in _IncEx type alias, only allow True (#10414)
• fbfe25a Fix serialization schema generation when using PlainValidator (#10427)
• 26cff3c Adding notes on designing callable discriminators (#10400)
• 8a0e7ad Do not error when trying to evaluate annotations of private attributes (#10358)
• ecc5275 bump
• 2c61bfd Fix evaluation of stringified annotations during namespace inspection (#10347)
• 3d364cb Use correct types namespace when building namedtuple core schemas (#10337)
• Additional commits viewable in compare view

Updates requests to 2.32.3

Release notes

Sourced from requests's releases.

v2.32.3

2.32.3 (2024-05-29)

Bugfixes

• Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
• Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

Changelog

Sourced from requests's changelog.

2.32.3 (2024-05-29)

Bugfixes

• Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
• Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

... (truncated)

Commits

• 0e322af v2.32.3
• e188799 Don't create default SSLContext if ssl module isn't present (#6724)
• 145b539 Merge pull request #6716 from sigmavirus24/bug/6715
• b1d73dd Don't use default SSLContext with custom poolmanager kwargs
• 6badbac Update HISTORY.md
• a62a2d3 Allow for overriding of specific pool key params
• 88dce9d v2.32.2
• c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
• 92075b3 Add deprecation warning
• aa1461b Move _get_connection to get_connection_with_tls_context
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.