Bump the all-dependencies group with 11 updates

[dependabot]

Bumps the all-dependencies group with 11 updates:

Package	From	To
uvicorn	0.25.0	0.26.0
flask	3.0.0	3.0.1
pydantic	1.10.13	1.10.14
sanic	23.12.0	23.12.1
ddtrace	2.4.0	2.5.0
markupsafe	2.1.3	2.1.4
sentry-sdk	1.39.1	1.39.2
types-aiofiles	23.2.0.0	23.2.0.20240106
types-python-dateutil	2.8.19.14	2.8.19.20240106
botocore	1.34.13	1.34.23
types-protobuf	4.24.0.4	4.24.0.20240106

Updates uvicorn from 0.25.0 to 0.26.0

Release notes

Sourced from uvicorn's releases.

Version 0.26.0

Changed

• Update --root-path to include the root path prefix in the full ASGI path as per the ASGI spec (#2213) 16/01/24
• Use __future__.annotations on some internal modules (#2199) 16/01/24

---

Full Changelog: encode/uvicorn@0.25.0...0.26.0

Changelog

Sourced from uvicorn's changelog.

0.26.0 - 2024-01-16

Changed

• Update --root-path to include the root path prefix in the full ASGI path as per the ASGI spec (#2213) 16/01/24
• Use __future__.annotations on some internal modules (#2199) 16/01/24

Commits

• 99fafb3 Version 0.26.0 (#2216)
• 4af46c9 ♻️ Update root_path handling (from --root-path CLI option) to include the...
• ebcd996 Group dependencies on dependabot updates (#2212)
• 3dd0d44 Bump pytest from 7.4.3 to 7.4.4 (#2206)
• fc1de01 Bump mkdocs from 1.5.2 to 1.5.3 (#2202)
• 274d9af Bump pytest-mock from 3.11.1 to 3.12.0 (#2205)
• 1cce88d Bump httpx from 0.25.2 to 0.26.0 (#2203)
• 5515893 Bump actions/setup-python from 4 to 5 (#2207)
• 56aa152 Allow test suite to run without httptools installed (#2198)
• 32fa92f Use future.annotations (#2199)
• Additional commits viewable in compare view

Updates flask from 3.0.0 to 3.0.1

Release notes

Sourced from flask's releases.

3.0.1

This is a fix release for the 3.0.x feature release branch.

Fixes an issue where using other JSON providers, such as flask-orjson, previously caused loaded session data to have an incorrect format in some cases.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1
• Milestone: https://github.com/pallets/flask/milestone/32?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.1/

Changelog

Sourced from flask's changelog.

Version 3.0.1

Released 2024-01-18

• Correct type for path argument to send_file. :issue:5230
• Fix a typo in an error message for the flask run --key option. :pr:5344
• Session data is untagged without relying on the built-in json.loads object_hook. This allows other JSON providers that don't implement that. :issue:5381
• Address more type findings when using mypy strict mode. :pr:5383

Commits

• f622b1c release version 3.0.1
• 5fcc999 fix create release action
• da3a0dd fix slsa generator version
• 5e059be update actions versions
• bae6ee8 address mypy strict findings (#5383)
• 81b3c85 update requirements
• 08d3185 update pre-commit hooks
• 6000e80 address mypy strict findings
• 5a48a0f untag without object_hook (#5382)
• 700fc7d untag without object_hook
• Additional commits viewable in compare view

Updates pydantic from 1.10.13 to 1.10.14

Release notes

Sourced from pydantic's releases.

v1.10.14 2024-01-19

What's Changed

• Update install.md by @​dmontagu in pydantic/pydantic#7690
• Fix ci to only deploy docs on release by @​sydney-runkle in pydantic/pydantic#7740
• Ubuntu fixes for V1 by @​sydney-runkle in pydantic/pydantic#8540 and pydantic/pydantic#8587
• Fix cached_property handling in dataclasses when copied by @​rdbisme in pydantic/pydantic#8407

New Contributors

• @​rdbisme made their first contribution in pydantic/pydantic#8407

Full Changelog: pydantic/pydantic@v1.10.13...v1.10.14

Changelog

Sourced from pydantic's changelog.

v1.10.14 (2024-01-19)

• Update install.md by @​dmontagu in pydantic/pydantic#7690
• Fixes ci to only deploy docs on release by @​sydney-runkle in pydantic/pydantic#7740
• Ubuntu fixes for V1 by @​sydney-runkle in pydantic/pydantic#8540 and pydantic/pydantic#8587
• Fix cached_property handling in dataclasses when copied by @​rdbisme in pydantic/pydantic#8407

Commits

• 3ddb509 Prep for 1.10.14 release (#8588)
• c6fc582 Minor tweak to V1 docs url fix (#8587)
• f0766c0 Fix cached_property handling in dataclasses when copied in V1(#8407)
• 4e290ab Ubuntu fixes for V1 (#8540)
• 2e939dc Update v1 fixes ci to only deploy docs on release (#7740)
• ae53c9d Update install.md (#7690)
• See full diff in compare view

Updates sanic from 23.12.0 to 23.12.1

Release notes

Sourced from sanic's releases.

Version 23.12.1

What's Changed

• Fix broken multiplexer manage by @​ahopkins in sanic-org/sanic#2895
• Do not strip entity-headers with HTTP status 304 or 412 by @​Tronic in sanic-org/sanic#2824

Full Changelog: sanic-org/sanic@v23.12.0...v23.12.1

Commits

• cf71fc7 Do not strip entity-headers with HTTP status 304 or 412 (#2824)
• 57d44f2 Merge conflict
• 2ea65c2 Update sanic-routing
• 599f746 Fix broken multiplexer manage (#2895)
• 3d85a1c Add release notes
• 54813d2 Cleanup 23.6 docs
• 2292005 old docs notice
• 90e4c90 Make pretty
• 599536e Set version
• 5127500 Release 23.12
• Additional commits viewable in compare view

Updates ddtrace from 2.4.0 to 2.5.0

Release notes

Sourced from ddtrace's releases.

2.5.0

New Features

• aiohttp: add split_by_domain config to split service name by domain
• CI Visibility: Adds code coverage lines covered tag for pytest and unittest.
• aiohttp: Adds http.route tag to aiohttp.request spans.
• bottle: Adds http.route tag to bottle.request spans.
• falcon: Adds http.route tag to falcon.request spans.
• molten: Adds http.route tag to molten.request spans.
• Adds distributed tracing for confluent-kafka integration. Distributed tracing connects Kafka consumer spans with Kafka producer spans within the same trace if a message is valid. To enable distributed tracing, set the configuration: DD_KAFKA_DISTRIBUTED_TRACING_ENABLED=True for both the consumer and producer service.
• ASM: This introduces (experimental) api security support for fastAPI. Flask and Django were already supported in 2.4.0. Support schema computation on all addresses (requests and responses) and scanner support for pii, credentials and payment data.
• CI Visibility: introduces a CI visibility-specific logger (enabled for the pytest plugin), enabled by setting the DD_CIVISIBILITY_LOG_LEVEL environment variable (with the same level names as Python logging levels).
• CI Visibility: allows for waiting for the git metadata upload to complete before deciding whether or not to enable coverage (based on API response).
• Further lazy loads telemetry_writer so that it is not running when explicitly disabled. Users must explicitly set "DD_INSTRUMENTATION_TELEMETRY_ENABLED=false".
• tracer: Add support for remotely configuring trace tags.

Bug Fixes

• loguru: Ensures log correlation is enabled when the root logger is initialized. Previously, log correlation was only enabled when a new sink was added.

• Fix compatibility with other tools that try to infer the type of a Python object at runtime.

• tracing: Fixes a bug that prevents span links from being visualized in the Datadog UI.

• tracing: Resolves span encoding errors raised when span links do not contain expected types

• ASM: This fix resolves an issue where custom event boolean properties were not reported as true and false like other tracers but as True and False.

• Vulnerability Management for Code-level (IAST): Ensure that Cookies vulnerabilities report only the cookie name.

• langchain: This fix resolves an get_openai_token_cost_for_model import error in langhcain version 0.0.351 or later.

• ASM: This fix resolves an issue where IAST could cause circular dependency at startup.

• tracing: Ensures all fields in ddtrace.context.Context are picklable.

• pytest: This fix resolves an issue where the --no-cov flag did not take precedence over the --cov flag when deciding whether to report code coverage on spans.

• rq: Fixed a bug where the RQ integration would emit a warning when setting job.status span tag.

• IAST: Don't split AST Assign nodes since it's not needed for propagation to work.

• Fix an issue that caused an exception to be raised when trying to access resource files via pkg_resources.

• Fix for an import issue that caused the pytest plugin to fail to properly initialize a test session and exit with an import exception.

• opentelemetry: Ensures that span links are serialized in a json-compatible representation.

• otel: Ensures all otel sampling decisions are consistent with Datadog Spans. This prevents otel spans in a distrbuted trace from being sampled differently than Datadog spans in the same trace.

• tracing: Fix an issue where remote configuration values would not be reverted when unset in the UI.

• openai: This fix resolves an issue where an internal OpenAI method SyncAPIClient._process_response
  was not being patched correctly and led to to an AttributeError while patching.

• tracing: Ensures span links are serialized with the expected traceflag when DD_TRACE_API_VERSION=v0.4

2.5.0rc2

New Features

• aiohttp: add split_by_domain config to split service name by domain
• CI Visibility: Adds code coverage lines covered tag for pytest and unittest.
• aiohttp: Adds http.route tag to aiohttp.request spans.
• bottle: Adds http.route tag to bottle.request spans.
• falcon: Adds http.route tag to falcon.request spans.
• molten: Adds http.route tag to molten.request spans.

... (truncated)

Commits

• 2901112 fix(span_links): set highest order bit in traceflag encoding [backport 2.5] (...
• ea1187a fix(openai): add version gate to patch _process_response [backport 2.5] (#8148)
• c4184e8 fix(tracing): enable settings to be unset (#8126) [backport 2.5] (#8142)
• 4f77b89 fix(otel): ensure booleans have json compatible representation [backport 2.5]...
• 1a9f1ce fix(otel): support tag flattening [AIT-9352] [backport 2.5] (#8093)
• 2e77b53 fix(internal): support for pkg_resources [backport 2.5] (#8121)
• 822e0b4 ci: skip some test_stack.py tests on 3.12 [backport 2.5] (#8085)
• 0e31149 fix: avoid changing the AST assign node since it's not needed for propagation...
• 08140f9 fix(ci): pin versions of sphinx dependencies to unlock ci [backport 2.5] (#8107)
• ce1cbf4 fix(internal): support for namespace packages [backport 2.5] (#8087)
• Additional commits viewable in compare view

Updates markupsafe from 2.1.3 to 2.1.4

Release notes

Sourced from markupsafe's releases.

2.1.4

This is a fix release for the 2.1.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

• Improves performance of the Markup.striptags method for large input.

• Changes: https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-4

• Milestone: https://github.com/pallets/markupsafe/milestone/11?closed=1

• PyPI: https://pypi.org/project/MarkupSafe/2.1.4/

Changelog

Sourced from markupsafe's changelog.

Version 2.1.4

Released 2024-01-19

• Don't use regular expressions for striptags, avoiding a performance issue. :pr:413

Commits

• b7cd652 release version 2.1.4
• 3bead8e update cibuildwheel for 3.12 wheels
• a24df39 improve striptags performance (#413)
• 750e22b improve striptags performance
• 4c397ef start version 2.1.4
• bc0cb5c [pre-commit.ci] pre-commit autoupdate (#387)
• 35ab8a0 [pre-commit.ci] pre-commit autoupdate
• f5a40c7 [pre-commit.ci] pre-commit autoupdate (#386)
• 8dd8dac [pre-commit.ci] pre-commit autoupdate
• e2fd390 update dependencies
• Additional commits viewable in compare view

Updates sentry-sdk from 1.39.1 to 1.39.2

Release notes

Sourced from sentry-sdk's releases.

1.39.2

Various fixes & improvements

• Fix timestamp in transaction created by OTel (#2627) by @​antonpirker
• Fix relative path in DB query source (#2624) by @​antonpirker
• Run more CI checks on 2.0 branch (#2625) by @​sentrivana
• Fix tracing TypeError for static and class methods (#2559) by @​szokeasaurusrex
• Fix missing ctx in Arq integration (#2600) by @​ivanovart
• Change data_category from check_in to monitor (#2598) by @​sentrivana

Changelog

Sourced from sentry-sdk's changelog.

1.39.2

Various fixes & improvements

• Fix timestamp in transaction created by OTel (#2627) by @​antonpirker
• Fix relative path in DB query source (#2624) by @​antonpirker
• Run more CI checks on 2.0 branch (#2625) by @​sentrivana
• Fix tracing TypeError for static and class methods (#2559) by @​szokeasaurusrex
• Fix missing ctx in Arq integration (#2600) by @​ivanovart
• Change data_category from check_in to monitor (#2598) by @​sentrivana

Commits

• b244efc Update CHANGELOG.md
• 5a2d813 release: 1.39.2
• b74ea08 Fix timestamp in transaction created by OTel (#2627)
• b873c38 Fix relative path in db query source (#2624)
• 6f41823 Run more CI checks on 2.0 branch (#2625)
• 8bd2f46 fix(api): Fix tracing TypeError for static and class methods (#2559)
• 6470063 Arq integration ctx (#2600)
• 248cb06 fix(crons): Change data_category from check_in to monitor (#2598)
• 658c6c9 Merge branch 'release/1.39.1'
• See full diff in compare view

Updates types-aiofiles from 23.2.0.0 to 23.2.0.20240106

Commits

• See full diff in compare view

Updates types-python-dateutil from 2.8.19.14 to 2.8.19.20240106

Commits

• See full diff in compare view

Updates botocore from 1.34.13 to 1.34.23

Changelog

Sourced from botocore's changelog.

1.34.23

• api-change:athena: Introducing new NotebookS3LocationUri parameter to Athena ImportNotebook API. Payload is no longer required and either Payload or NotebookS3LocationUri needs to be provided (not both) for a successful ImportNotebook API call. If both are provided, an InvalidRequestException will be thrown.
• api-change:codebuild: Release CodeBuild Reserved Capacity feature
• api-change:dynamodb: This release adds support for including ApproximateCreationDateTimePrecision configurations in EnableKinesisStreamingDestination API, adds the same as an optional field in the response of DescribeKinesisStreamingDestination, and adds support for a new UpdateKinesisStreamingDestination API.
• api-change:qconnect: Increased Quick Response name max length to 100

1.34.22

• api-change:b2bi: Increasing TestMapping inputFileContent file size limit to 5MB and adding file size limit 250KB for TestParsing input file. This release also includes exposing InternalServerException for Tag APIs.
• api-change:cloudtrail: This release adds a new API ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
• api-change:connect: GetMetricDataV2 now supports 3 groupings
• api-change:drs: Removed invalid and unnecessary default values.
• api-change:firehose: Allow support for Snowflake as a Kinesis Data Firehose delivery destination.
• api-change:sagemaker-featurestore-runtime: Increase BatchGetRecord limits from 10 items to 100 items

1.34.21

• api-change:dynamodb: Updating note for enabling streams for UpdateTable.
• api-change:keyspaces: This release adds support for Multi-Region Replication with provisioned tables, and Keyspaces auto scaling APIs

1.34.20

• api-change:iot: Revert release of LogTargetTypes
• api-change:iotfleetwise: Updated APIs: SignalNodeType query parameter has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse has been extended with attributes field.
• api-change:macie2: This release adds support for analyzing Amazon S3 objects that are encrypted using dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS details in statistics and metadata about encryption settings for S3 buckets and objects.
• api-change:payment-cryptography: Provide an additional option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and ExportKey operations. Added new key usage (type) TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane operations with ISO9797 Algorithm 1 MAC calculations.
• api-change:personalize-runtime: Documentation updates for Amazon Personalize
• api-change:personalize: Documentation updates for Amazon Personalize.
• api-change:rekognition: This release adds ContentType and TaxonomyLevel attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
• api-change:securityhub: Documentation updates for AWS Security Hub

1.34.19

• api-change:sagemaker: This release will have ValidationException thrown if certain invalid app types are provided. The release will also throw ValidationException if more than 10 account ids are provided in VpcOnlyTrustedAccounts.

1.34.18

• api-change:connect: Supervisor Barge for Chat is now supported through the MonitorContact API.

... (truncated)

Commits

• 63e7153 Merge branch 'release-1.34.23'
• b52f2e5 Bumping version to 1.34.23
• 357b9ee Update to latest partitions and endpoints
• 439c5d5 Update to latest models
• 0995e25 Merge branch 'release-1.34.22'
• 3489672 Merge branch 'release-1.34.22' into develop
• c8a53f7 Bumping version to 1.34.22
• 2007f19 Update to latest partitions and endpoints
• 97aa212 Update to latest models
• b738b70 Merge branch 'release-1.34.21'
• Additional commits viewable in compare view

Updates types-protobuf from 4.24.0.4 to 4.24.0.20240106

Commits

• See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
ddtrace	[< 1.5, > 1.4.1]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

Merging #3353 (64a7f53) into main (c26bb05) will decrease coverage by 0.31%.
The diff coverage is n/a.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3353      +/-   ##
==========================================
- Coverage   96.62%   96.32%   -0.31%     
==========================================
  Files         485      484       -1     
  Lines       30292    30272      -20     
  Branches     3746     3742       -4     
==========================================
- Hits        29270    29158     -112     
- Misses        833      903      +70     
- Partials      189      211      +22     

[codspeed-hq]

CodSpeed Performance Report

Merging #3353 will degrade performances by 27.63%

_{Comparing dependabot/pip/all-dependencies-4acbb40ab5 (64a7f53) with main (c26bb05)}

Summary

❌ 1 regressions
✅ 12 untouched benchmarks

⚠️ Please fix the performance issues or acknowledge them on CodSpeed.

Benchmarks breakdown

	Benchmark	main	dependabot/pip/all-dependencies-4acbb40ab5	Change
❌	test_execute_basic	10 ms	13.9 ms	-27.63%

[patrick91]

@dependabot recreate

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.