Bump the production-updates group across 1 directory with 4 updates

[dependabot]

Bumps the production-updates group with 4 updates in the / directory: boto3, tqdm, setuptools and werkzeug.

Updates boto3 from 1.35.49 to 1.35.57

Commits

• be729ae Merge branch 'release-1.35.57'
• 3dbc942 Bumping version to 1.35.57
• bdfdd00 Add changelog entries from botocore
• 7376423 Merge branch 'release-1.35.56'
• 9b22d5a Merge branch 'release-1.35.56' into develop
• aa17d21 Bumping version to 1.35.56
• 7d746c6 Add changelog entries from botocore
• a48a256 Merge branch 'release-1.35.55'
• 90f444e Merge branch 'release-1.35.55' into develop
• 66576f6 Bumping version to 1.35.55
• Additional commits viewable in compare view

Updates tqdm from 4.66.5 to 4.67.0

Release notes

Sourced from tqdm's releases.

tqdm v4.67.0 stable

• contrib.discord: replace disco-py with requests (#1536)

tqdm v4.66.6 stable

• cli: zip-safe --manpath, --comppath (#1627)
• misc framework updates (#1627)
  • fix pytest DeprecationWarning
  • fix snapcraft build
  • fix nbval DeprecationWarning
  • update & tidy workflows
  • bump pre-commit
  • docs: update URLs

Commits

• 35a6ee9 bump version, merge pull request #1536 from guigoruiz1
• 8aa9470 add discord requests dep
• 1db24b4 better user-agent
• 61365d8 handle rate limit
• 6708400 use requests.Session
• f1129e7 restore original docs, misc linting
• 03b90e4 Using correct user agent
• b78efea Using REST API directly
• 5b84012 bump version, merge pull request #1627 from tqdm/devel
• 0a439b5 tests: fix nbval DeprecationWarning
• Additional commits viewable in compare view

Updates setuptools from 75.2.0 to 75.3.0

Changelog

Sourced from setuptools's changelog.

v75.3.0

Features

• Allowed using dict as an ordered type in setuptools.dist.check_requirements -- by :user:Avasam (#4575)

Bugfixes

• Ensured methods in setuptools.modified preferably raise a consistent distutils.errors.DistutilsError type (except in the deprecated use case of SETUPTOOLS_USE_DISTUTILS=stdlib) -- by :user:Avasam (#4567)
• Fix the ABI tag when building a wheel using the debug build of Python 3.13 on Windows. Previously, the ABI tag was missing the "d" flag. (#4674)
• Fix clashes for optional-dependencies in pyproject.toml and extra_requires in setup.cfg/setup.py. As per PEP 621, optional-dependencies have to be honoured and dynamic behaviour is not allowed. (#4696)

Misc

• #4560

Commits

• d8da7df Bump version: 75.2.0 → 75.3.0
• a21c7fa Fix grammar in news fragment
• a9a79e7 Fix wheel ABI tag for debug Python 3.13 on Windows (#4676)
• 0bc3248 Merge simple type annotations from typeshed (#4504)
• 1155ca8 Fix wheel ABI tag for debug Python 3.13 on Windows
• 1ca55c9 Workaround for clash between ruff in pre-commit hook and pytest-ruff (#...
• c498d16 Satisfy ruff linter - automatic fix
• 1f92af5 Sync pre-commit-hook with version of ruff that gets automatically pulled in t...
• a39336b Ruff: enable all pyflakes and perf rules (#4556)
• e5f16a2 bump jaraco.test to py.typed version 5.5 in test extra (#4651)
• Additional commits viewable in compare view

Updates werkzeug from 3.0.6 to 3.1.3

Release notes

Sourced from werkzeug's releases.

3.1.3

This is the Werkzeug 3.1.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.3/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3 Milestone: https://github.com/pallets/werkzeug/milestone/41?closed=1

• Initial data passed to MultiDict and similar interfaces only accepts list, tuple, or set when passing multiple values. It had been changed to accept any Collection, but this matched types that should be treated as single values, such as bytes. #2994
• When the Host header is not set and Request.host falls back to the WSGI SERVER_NAME value, if that value is an IPv6 address it is wrapped in [] to match the Host header. #2993

3.1.2

This is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.2/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2 Milestone: https://github.com/pallets/werkzeug/milestone/40?closed=1

• Improve type annotation for TypeConversionDict.get to allow the type parameter to be a callable. #2988
• Headers does not inherit from MutableMapping, as it is does not exactly match that interface. #2989

3.1.1

This is the Werkzeug 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.

PyPI: https://pypi.org/project/Werkzeug/3.1.1/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-1 Milestone: https://github.com/pallets/werkzeug/milestone/38?closed=1

• Fix an issue that caused str(Request.headers) to always appear empty. #2985

3.1.0

This is the Werkzeug 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/Werkzeug/3.1.0/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-0 Milestone: https://github.com/pallets/werkzeug/milestone/34?closed=1

• Drop support for Python 3.8. #2966
• Remove previously deprecated code. #2967
• Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. #2964
• OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. #2968
• Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.
  • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. #2980
  • max_age is None if present without a value, rather than -1. #2980
  • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. #2980
  • max_stale is True if present without a value, rather than "*". #2980
  • no_transform is a boolean. Previously it was mistakenly always None. #2881
  • min_fresh is None if present without a value, rather than "*". #2881
  • private is True if present without a value, rather than "*". #2980
  • Added the must_understand property. #2881
  • Added the stale_while_revalidate, and stale_if_error properties. #2948

... (truncated)

Changelog

Sourced from werkzeug's changelog.

Version 3.1.3

Released 2024-11-08

• Initial data passed to MultiDict and similar interfaces only accepts list, tuple, or set when passing multiple values. It had been changed to accept any Collection, but this matched types that should be treated as single values, such as bytes. :issue:2994
• When the Host header is not set and Request.host falls back to the WSGI SERVER_NAME value, if that value is an IPv6 address it is wrapped in [] to match the Host header. :issue:2993

Version 3.1.2

Released 2024-11-04

• Improve type annotation for TypeConversionDict.get to allow the type parameter to be a callable. :issue:2988
• Headers does not inherit from MutableMapping, as it is does not exactly match that interface. :issue:2989

Version 3.1.1

Released 2024-11-01

• Fix an issue that caused str(Request.headers) to always appear empty. :issue:2985

Version 3.1.0

Released 2024-10-31

• Drop support for Python 3.8. :pr:2966

• Remove previously deprecated code. :pr:2967

• Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. :issue:2964

• OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. :issue:2968

• Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.

  • Dict values are always str | None. Setting properties will convert

... (truncated)

Commits

• 6389612 release version 3.1.3
• ba15683 wrap IPv6 SERVER_NAME in [] (#2997)
• d99f72d wrap IPv6 SERVER_NAME in []
• ea93b54 restrict containers accepted by multi (#2995)
• 598bb1d restrict containers accepted by multi
• 1a1728e start version 3.1.3
• 4fd7073 release version 3.1.2 (#2992)
• 4764684 release version 3.1.2
• 1803db6 Headers is not MutableMapping (#2991)
• ac87bf8 Headers is not MutableMapping
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.