Bump the uv group across 15 directories with 11 updates

[dependabot]

Bumps the uv group with 2 updates in the / directory: idna and paramiko.
Bumps the uv group with 7 updates in the /backend directory:

Package	From	To
pytest	8.3.3	9.0.3
banks	2.4.1	2.4.2
idna	3.11	3.15
nltk	3.9.3	3.9.4
paramiko	4.0.0	5.0.0
pillow	12.1.1	12.2.0
ujson	5.11.0	5.12.1

Bumps the uv group with 8 updates in the /platform-service directory:

Package	From	To
pytest	8.3.3	9.0.3
urllib3	2.5.0	2.7.0
authlib	1.6.4	1.6.12
banks	2.2.0	2.4.2
idna	3.10	3.15
nltk	3.9.1	3.9.4
pillow	11.3.0	12.2.0
ujson	5.11.0	5.12.1

Bumps the uv group with 8 updates in the /prompt-service directory:

Package	From	To
pytest	8.3.3	9.0.3
urllib3	2.5.0	2.7.0
authlib	1.6.4	1.6.12
banks	2.2.0	2.4.2
idna	3.10	3.15
nltk	3.9.1	3.9.4
pillow	11.3.0	12.2.0
ujson	5.11.0	5.12.1

Bumps the uv group with 4 updates in the /runner directory: pytest, python-dotenv, urllib3 and idna.
Bumps the uv group with 3 updates in the /tool-sidecar directory: python-dotenv, urllib3 and idna.
Bumps the uv group with 8 updates in the /unstract/connectors directory:

Package	From	To
pytest	9.0.2	9.0.3
authlib	1.6.6	1.6.12
banks	2.3.0	2.4.2
idna	3.10	3.15
nltk	3.9.2	3.9.4
paramiko	3.5.1	5.0.0
pillow	12.1.0	12.2.0
ujson	5.11.0	5.12.1

Bumps the uv group with 2 updates in the /unstract/core directory: urllib3 and idna.
Bumps the uv group with 8 updates in the /unstract/filesystem directory:

Package	From	To
pytest	8.3.3	9.0.3
urllib3	2.3.0	2.7.0
authlib	1.3.1	1.6.12
banks	2.2.0	2.4.2
idna	3.10	3.15
nltk	3.9.1	3.9.4
pillow	11.1.0	12.2.0
ujson	5.10.0	5.12.1

Bumps the uv group with 8 updates in the /unstract/sdk1 directory:

Package	From	To
pytest	8.3.3	9.0.3
urllib3	2.5.0	2.7.0
authlib	1.6.4	1.6.12
banks	2.2.0	2.4.2
idna	3.10	3.15
nltk	3.9.1	3.9.4
pillow	11.3.0	12.2.0
ujson	5.11.0	5.12.1

Bumps the uv group with 8 updates in the /unstract/tool-registry directory:

Package	From	To
pytest	8.3.3	9.0.3
urllib3	2.3.0	2.7.0
authlib	1.3.1	1.6.12
banks	2.2.0	2.4.2
idna	3.10	3.15
nltk	3.9.1	3.9.4
pillow	11.1.0	12.2.0
ujson	5.10.0	5.12.1

Bumps the uv group with 2 updates in the /unstract/tool-sandbox directory: urllib3 and idna.
Bumps the uv group with 5 updates in the /unstract/workflow-execution directory:

Package	From	To
urllib3	2.3.0	2.7.0
banks	2.4.1	2.4.2
idna	3.10	3.15
nltk	3.9.1	3.9.4
pillow	11.1.0	12.2.0

Bumps the uv group with 8 updates in the /workers directory:

Package	From	To
pytest	8.3.3	9.0.3
authlib	1.6.9	1.6.12
banks	2.4.1	2.4.2
idna	3.11	3.15
nltk	3.9.3	3.9.4
paramiko	4.0.0	5.0.0
pillow	12.1.1	12.2.0
ujson	5.11.0	5.12.1

Bumps the uv group with 3 updates in the /x2text-service directory: python-dotenv, urllib3 and idna.

Updates idna from 3.13 to 3.15

Changelog

Sourced from idna's changelog.

3.15 (2026-05-12)

• Enforce DNS-length cap on individual labels early in check_label, short-circuiting contextual-rule processing for oversized input while staying compatible with UTS 46 usage.
• Tidy core helpers: hoist bidi category sets to module-level frozensets (avoiding per-codepoint list construction), simplify length checks, and reuse the shared _unicode_dots_re from idna.core in the codec module.
• Use raise ... from err for proper exception chaining and switch internal string formatting to f-strings.
• Allow flit_core 4.x in the build backend.
• Expand the ruff lint set (flake8-bugbear, flake8-simplify, pyupgrade, perflint) and apply the surfaced fixes; pin lint CI to Python 3.14.
• Add Dependabot configuration for GitHub Actions.
• Convert README and HISTORY from reStructuredText to Markdown.
• Reference CVE-2026-45409 for the 3.14 advisory in place of the initial GHSA identifier.

Thanks to Felix Yan, Stan Ulbrych, and metsw24-max for contributions to this release.

3.14 (2026-05-10)

• Removed opportunity to process long inputs into quadratic time by rejecting oversize inputs up-front. Closes a bypass of the CVE-2024-3651 mitigation. [CVE-2026-45409]

Thanks to Stan Ulbrych for reporting the issue.

Commits

• af30a09 Release 3.15
• 30314d4 Pre-release 3.15rc0
• 05d4b21 Merge pull request #237 from kjd/convert-docs-to-markdown
• 2987fdb Convert README and HISTORY from reStructuredText to Markdown
• 59fa800 Merge pull request #236 from kjd/dependabot/github_actions/actions-f3e34333ea
• def6983 Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea
• bbd8004 Merge pull request #234 from StanFromIreland/patch-1
• edd07c0 Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group
• 5557db0 Merge branch 'master' into patch-1
• f11746c Merge pull request #235 from StanFromIreland/patch-2
• Additional commits viewable in compare view

Updates paramiko from 4.0.0 to 5.0.0

Commits

• 710cc5c What's a few weeks between friends?
• ea93c59 Fix up Ed25519Key so it has non-erroring repr() during fatal errors
• 5b90ef9 ruff/isort
• f3864b6 Changelog fixes
• acd4bc1 Replace hardcoded PEM format in PKey.write* with new parameter
• 6fa1556 Bump group-exchange kex min_bits to 2048
• eb87ad3 Fix some tests that were incorrectly passing
• 1ecc933 Remove GSSAPI support :(
• 9bf5fca Remove SHA1-based (non-GSS) kex methods
• b8f75c7 Lintin' ain't easy
• Additional commits viewable in compare view

Updates pytest from 8.3.3 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

• #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

  You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

  Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

• #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

• #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

... (truncated)

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates banks from 2.4.1 to 2.4.2

Release notes

Sourced from banks's releases.

v2.4.2

What's Changed

• fix: prevent SSTI by switching to SandboxedEnvironment by @​masci in masci/banks#74

Full Changelog: masci/banks@v2.4.1...v2.4.2

Commits

• 3c9d09d chore: set version to 2.4.2 [skip ci]
• dbf7cef fix: prevent SSTI by switching to SandboxedEnvironment (#74)
• See full diff in compare view

Updates idna from 3.11 to 3.15

Changelog

Sourced from idna's changelog.

3.15 (2026-05-12)

• Enforce DNS-length cap on individual labels early in check_label, short-circuiting contextual-rule processing for oversized input while staying compatible with UTS 46 usage.
• Tidy core helpers: hoist bidi category sets to module-level frozensets (avoiding per-codepoint list construction), simplify length checks, and reuse the shared _unicode_dots_re from idna.core in the codec module.
• Use raise ... from err for proper exception chaining and switch internal string formatting to f-strings.
• Allow flit_core 4.x in the build backend.
• Expand the ruff lint set (flake8-bugbear, flake8-simplify, pyupgrade, perflint) and apply the surfaced fixes; pin lint CI to Python 3.14.
• Add Dependabot configuration for GitHub Actions.
• Convert README and HISTORY from reStructuredText to Markdown.
• Reference CVE-2026-45409 for the 3.14 advisory in place of the initial GHSA identifier.

Thanks to Felix Yan, Stan Ulbrych, and metsw24-max for contributions to this release.

3.14 (2026-05-10)

• Removed opportunity to process long inputs into quadratic time by rejecting oversize inputs up-front. Closes a bypass of the CVE-2024-3651 mitigation. [CVE-2026-45409]

Thanks to Stan Ulbrych for reporting the issue.

Commits

• af30a09 Release 3.15
• 30314d4 Pre-release 3.15rc0
• 05d4b21 Merge pull request #237 from kjd/convert-docs-to-markdown
• 2987fdb Convert README and HISTORY from reStructuredText to Markdown
• 59fa800 Merge pull request #236 from kjd/dependabot/github_actions/actions-f3e34333ea
• def6983 Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea
• bbd8004 Merge pull request #234 from StanFromIreland/patch-1
• edd07c0 Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group
• 5557db0 Merge branch 'master' into patch-1
• f11746c Merge pull request #235 from StanFromIreland/patch-2
• Additional commits viewable in compare view

Updates nltk from 3.9.3 to 3.9.4

Changelog

Sourced from nltk's changelog.

Version 3.9.4 2026-03-24

• Support Python 3.14
• Fix bug in Levenshtein distance when substitution_cost > 2
• Fix bug in Treebank detokeniser re quote ordering
• Fix bug in Jaro similarity for empty strings
• Several security enhancements
• Fix GHSA-rf74-v2fm-23pw: unbounded recursion in JSONTaggedDecoder
• Implement TextTiling vocabulary introduction method (Hearst 1997)
• Fix ALINE feature matrix errors and add comprehensive tests
• Support multiple VerbNet versions, fix longid/shortid regex for VerbNet ids
• Let downloader fallback to md5 when sha256 is unavailable
• Several other minor bugfixes and code cleanups

Thanks to the following contributors to 3.9.4: Min-Yen Kan, Eric Kafe, Emily Voss, bowiechen, Hrudhai01, jancallewaert, Mr-Neutr0n, pollak.peter89, ylwango613,

Version 3.9.3 2026-02-21

• Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader (#3468)
• Block path traversal/arbitrary reads in nltk.data for protocol-less refs (#3467)
• Block path traversal/abs paths in corpus readers and FS pointers (#3479, #3480)
• Validate external StanfordSegmenter JARs using SHA256 (#3477)
• Add optional sandbox enforcement for filestring() (#3485)
• Maintenance: downloader/zipped models, CI/tooling updates

Thanks to the following contributors to 3.9.3: Chris Clauss, Eric Kafe, HyperPS, purificant, Shivansh-Game, Christopher Smith

Version 3.9.2 2025-10-01

• Update download checksums to use SHA256 in built index
• Fix percentage escape in new-style string formatting
• replace shortened URLs using goo.gl
• Make Wordnet interoperable with various taggers and tagged corpora
• Fix saving PerceptronTagger
• Document how to reproduce old Wordnet studies
• properly initialize Portuguese corpus reader
• support for mixed rules conversion into Chomsky Normal Form
• only import tkinter if a GUI is needed
• issue #2112 with Corenlp
• new environment variable NLTK_DOWNLOADER_FORCE_INTERACTIVE_SHELL
• Lesk defaults to most frequent sense in case of ties

Thanks to the following contributors to 3.9.2: Jose Cols, Peter de Blanc, GeneralPoxter, Eric Kafe, William LaCroix, Jason Liu, Samer Masterson, Mike014, purificant, Andrew Ernest Ritz, samertm, Ikram Ul Haq, Christopher Smith, Ryan Mannion

Version 3.9.1 2024-08-19

... (truncated)

Commits

• ad9c96b Update copyright year
• 7edcddf Updates for 3.9.4 release
• 67a2736 Merge pull request #3180 from yzhaoinuw/bug-on-edit_distance_align
• 2b17ac5 Fix edit_distance_align backtrace for high substitution costs
• 4b72976 Merge pull request #3018 from JuanIMartinezB/bug/shortid-longid
• 8a5619f Merge pull request #3222 from Syzygy2048/feature/texttiling-vocabulary-introd...
• c6574d7 Merge pull request #3289 from ihitamandal/codeflash/optimize-windowdiff-2024-...
• 98ff5d9 Merge pull request #3435 from Hrudhai01/fix-3260-detokenize-quotes
• aec4fce Merge pull request #3522 from ekaf/pathsec
• eec4ee3 Merge pull request #3526 from nltk/update-contributing
• Additional commits viewable in compare view

Updates paramiko from 4.0.0 to 5.0.0

Commits

• 710cc5c What's a few weeks between friends?
• ea93c59 Fix up Ed25519Key so it has non-erroring repr() during fatal errors
• 5b90ef9 ruff/isort
• f3864b6 Changelog fixes
• acd4bc1 Replace hardcoded PEM format in PKey.write* with new parameter
• 6fa1556 Bump group-exchange kex min_bits to 2048
• eb87ad3 Fix some tests that were incorrectly passing
• 1ecc933 Remove GSSAPI support :(
• 9bf5fca Remove SHA1-based (non-GSS) kex methods
• b8f75c7 Lintin' ain't easy
• Additional commits viewable in compare view

Updates pillow from 12.1.1 to 12.2.0

Release notes

Sourced from pillow's releases.

12.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html

Documentation

• Update 12.2.0 release notes #9522 [@​hugovk]
• Add loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm #9482 [@​bitplane]
• Update Python versions #9515 [@​radarhere]
• Jeffrey A. Clark -> Jeffrey 'Alex' Clark #9513 [@​aclark4life]
• Add release notes for #9394, #9419 and #9456 #9467 [@​radarhere]
• Add Amiga Workbench .info loader to 3rd party plugins list #9459 [@​bitplane]
• Merge PFM documentation into PPM #9434 [@​radarhere]
• Update macOS tested Pillow versions #9431 [@​radarhere]
• Fix CVE number #9430 [@​hugovk]

Dependencies

• Update xz to 5.8.3 #9523 [@​radarhere]
• Update libjpeg-turbo to 3.1.4.1 #9507 [@​radarhere]
• Update libpng to 1.6.56 #9499 [@​radarhere]
• Update freetype to 2.14.3 #9485 [@​radarhere]
• Updated libavif to 1.4.1 #9479 [@​radarhere]
• Updated harfbuzz to 13.2.1 #9461 [@​radarhere]
• Update Ghostscript to 10.7.0 #9469 [@​radarhere]
• Update harfbuzz to 13.0.1 #9453 [@​radarhere]
• Update libavif to 1.4.0 #9460 [@​radarhere]
• Update freetype to 2.14.2 #9449 [@​radarhere]
• Update actions/download-artifact action to v8 #9451 [@renovate[bot]]
• Updated libpng to 1.6.55 #9425 [@​radarhere]

Testing

• Cleanup .spider extension in the same test where it is added #9517 [@​radarhere]
• Run tests in parallel via tox for 3.5x speedup #9516 [@​hugovk]
• Enable colour in CI logs #9486 [@​hugovk]
• Update Ghostscript to 10.7.0 #9469 [@​radarhere]
• Simplify TGA test code #9477 [@​radarhere]
• Update tests to check for ValueError when encoding an empty image #9464 [@​radarhere]
• Upgrade CI from macos-15-intel to macos-26-intel #9454 [@​hugovk]
• Add check-case-conflict hook #9446 [@​radarhere]
• Specify platform when pulling docker image #9440 [@​radarhere]
• GHA: Cache libavif and webp builds for Ubuntu #9437 [@​hugovk]
• Update macOS tested Pillow versions #9431 [@​radarhere]

Other changes

• Check calloc return value #9527 [@​radarhere]
• Check all allocs in the Arrow tree #9488 [@​wiredfool]
• Reject non-numeric elements inside list coords #9526 [@​hugovk]
• Move variable declaration inside define #9525 [@​radarhere]

... (truncated)

Commits

• 3c41c09 12.2.0 version bump
• cdaa29e Check calloc return value (#9527)
• 585b2f5 Check calloc return value
• ecf011e Check all allocs in the Arrow tree (#9488)
• cf6de8c Reject non-numeric elements inside list coords (#9526)
• ffdcede Update 12.2.0 release notes (#9522)
• 7929d77 Added security release notes (#149)
• c4f7aa5 Added security release notes
• 22cdb5f Move variable declaration inside define (#9525)
• fc15b3b Resize tall images vertically first (#9524)
• Additional commits viewable in compare view

Updates ujson from 5.11.0 to 5.12.1

Release notes

Sourced from ujson's releases.

5.12.1

Fixed

• Fix encoding ref leak with non-English character (#714) @​nhancdt2602
• Fix memory leak when ujson.dump() is unable to write to its file (0bf630aaef59c0aafd0c8a4fc8bbe2a7bcefa853) @​bwoodsend

Note that pre-built wheels for graalpy on macOS have been omitted from this release due to infrastructural issues building them (#731).

5.12.0

Added

• Update license field (#693) @​wagenrace
• Build wheels for GraalPy (#685) @​timfel

Changed

• Drop support for Python 3.9 (#686) @​hugovk

Fixed

• Fix memory leak parsing large integers (ultrajson/ultrajson@4baeb95) @​bwoodsend
• Fix buffer overflow/infinite loop from indent handling (#709) @​bwoodsend
• Remove upper bound of setuptools for PyPy (#704) @​hugovk

Commits

• 7d9036f Temporarily disable pre-built wheels for graalpy on macOS (#730)
• 0bf630a Temporarily disable pre-built wheels for graalpy on macOS
• 46f7596 Enable read access for CI/CD
• 82af1d0 Fix failure cleanup paths in ujson.dump()
• ceae6cd Gitignore .fuse_hidden and .DS_Store files
• dd87ed3 Improve unit test coverage (#718)
• ddbe2da Update release-drafter/release-drafter action to v7.2.1 (#717)
• 3be5ae5 Update release-drafter/release-drafter action to v7.2.1
• 9f90a8c Fix encoding ref leak with non-English character (#714)
• f1574e5 Hash pin GitHub Actions (#715)
• Additional commits viewable in compare view

Updates pytest from 8.3.3 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

• #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

  You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

  Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

• #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

• #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

... (truncated)

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates urllib3 from 2.5.0 to 2.7.0

Release notes

Sourced from urllib3's releases.

2.7.0

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Security

Addressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.

• Decompression-bomb safeguards of the streaming API were bypassed:

  1. When HTTPResponse.drain_conn() was called after the response had been read and decompressed partially. (Reported by @​Cycloctane)
  2. During the second HTTPResponse.read(amt=N) or HTTPResponse.stream(amt=N) call when the response was decompressed using the official Brotli library. (Reported by @​kimkou2024)

  See GHSA-mf9v-mfxr-j63j for details.

• HTTP pools created using ProxyManager.connection_from_url did not strip sensitive headers specified in Retry.remove_headers_on_redirect when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by @​christos-spearbit)

Deprecations and Removals

• Used FutureWarning instead of DeprecationWarning for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (urllib3/urllib3#3763)
• Removed support for end-of-life Python 3.9. (urllib3/urllib3#3720)
• Removed support for end-of-life PyPy3.10. (urllib3/urllib3#4979)
• Bumped the minimum supported pyOpenSSL version to 19.0.0. (urllib3/urllib3#3777)

Bugfixes

• Fixed a bug where HTTPResponse.read(amt=None) was ignoring decompressed data buffered from previous partial reads. (urllib3/urllib3#3636)
• Fixed a bug where HTTPResponse.read() could cache only part of the response after a partial read when cache_content=True. (urllib3/urllib3#4967)
• Fixed HTTPResponse.stream() and HTTPResponse.read_chunked() to handle amt=0. (urllib3/urllib3#3793)
• Updated _TYPE_BODY type alias to include missing Iterable[str], matching the documented and runtime behavior of chunked request bodies. (urllib3/urllib3#3798)
• Fixed LocationParseError when paths resembling schemeless URIs were passed to HTTPConnectionPool.urlopen(). (urllib3/urllib3#3352)
• Fixed BaseHTTPResponse.readinto() type annotation to accept memoryview in addition to bytearray, matching the io.RawIOBase.readinto contract and enabling use with io.BufferedReader without type errors. (urllib3/urllib3#3764)

2.6.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Fixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by @​D47A, 8.9 High, GHSA-38jv-5279-wg99)
• Started treating Retry-After times greater than 6 hours as 6 hours by default. (urllib3/urllib3#3743)
• Fixed urllib3.connection.VerifiedHTTPSConnection on Emscripten. (urllib3/urllib3#3752)

2.6.2

... (truncated)

Changelog

Sourced from urllib3's changelog.

2.7.0 (2026-05-07)

Security

Addressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.

• Decompression-bomb safeguards of the streaming API were bypassed:

  1. When HTTPResponse.drain_conn() was called after the response had been read and decompressed partially.
  2. During the second HTTPResponse.read(amt=N) or HTTPResponse.stream(amt=N) call when the response was decompressed using the official Brotli <https://pypi.org/project/brotli/>__ library.

  See GHSA-mf9v-mfxr-j63j <https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j>__ for details.

• HTTP pools created using ProxyManager.connection_from_url did not strip sensitive headers specified in Retry.remove_headers_on_redirect when redirecting to a different host. (GHSA-qccp-gfcp-xxvc <https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc>__)

Deprecations and Removals

• Used FutureWarning instead of DeprecationWarning for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. ([#3763](https://github.com/urllib3/urllib3/issues/3763) <https://github.com/urllib3/urllib3/issues/3763>__)
• Removed support for end-of-life Python 3.9. ([#3720](https://github.com/urllib3/urllib3/issues/3720) <https://github.com/urllib3/urllib3/issues/3720>__)
• Removed support for end-of-life PyPy3.10. ([#4979](https://github.com/urllib3/urllib3/issues/4979) <https://github.com/urllib3/urllib3/issues/4979>__)
• Bumped the minimum supported pyOpenSSL version to 19.0.0. ([#3777](https://github.com/urllib3/urllib3/issues/3777) <https://github.com/urllib3/urllib3/issues/3777>__)

Bugfixes

• Fixed a bug where HTTPResponse.read(amt=None) was ignoring decompressed data buffered from previous partial reads. ([#3636](https://github.com/urllib3/urllib3/issues/3636) <https://github.com/urllib3/urllib3/issues/3636>__)
• Fixed a bug where HTTPResponse.read() could cache only part of the response after a partial read when cache_content=True.

... (truncated)

Commits

• 9a950b9 Release 2.7.0
• 5ec0de4 Merge commit from fork
• 2bdcc44 Merge commit from fork
• f45b0df Fix a misleading example for ProxyManager (#4970)
• 577193c Switch to nightly PyPy3.11 in CI for now (#4984)
• e90af45 Avoid infinite loop in HTTPResponse.read_chunked when amt=0 (#4974)
• 67ed74f Bump dev dependencies (#4972)
• 3abd481 Upgrade mypy to version 1.20.2 (#4978)
• 2b8725d Drop support for EOL PyPy3.10 (#4979)
• 2944b2a Upgrade setup-chrome and setup-firefox to fix warnings (

[greptile-apps]

PR author is in the excluded authors list.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[jaseemjaskp]

PR Review Toolkit — automated review of #1981

This is a Dependabot bump touching only pyproject.toml + uv.lock files. The comment-analyzer, silent-failure-hunter, type-design-analyzer, and code-simplifier agents had no in-scope code; findings below come from code-reviewer + pr-test-analyzer, verified against the actual files.

Headline risk

pytest 7.4 / 8.x → 9.0.3 is a major version jump in 6 packages. Pytest 9 turns PytestRemovedIn9Warning into errors by default and tightens a handful of behaviours (duplicate path dedup, CI env detection, config exclusivity). Test code grep'd clean (no pytest.warns(None), tmpdir, pytest.config, pytest.yield_fixture, pytest.deprecated_call), and the SDK already moved pytest-asyncio>=0.24.0. The remaining risk is plugin compatibility — please run uv run pytest --collect-only -q per package as a smoke check before merging.

Cross-file findings not attached to a diff hunk

• Root pyproject.toml:15 still pins pytest>=8.0.1 in the workspace dev group — inconsistent with the bump everywhere else. File isn't in this PR's diff, so flagging here.
• unstract/connectors/pyproject.toml:56 still pins pytest>=8.0.1 in its [dependency-groups].test group — the lockfile got regenerated but the pin wasn't bumped. Same reason no inline comment.
• No asyncio_mode is configured anywhere (grep for asyncio_mode returned nothing). With pytest-asyncio 1.x (resolved in lockfile) the default is strict, which works for the existing @pytest.mark.asyncio tests but emits a deprecation warning on every run. Adding asyncio_mode = "strict" to each [tool.pytest.ini_options] block silences it.

litellm 1.83.10 → 1.85.1

Upstream 1.84.0 release notes explicitly say "this release contains breaking changes". The SDK ships a monkey-patch (unstract/sdk1/src/unstract/sdk1/patches/litellm_cohere_timeout.py) and parses litellm internal exception shapes in error utilities — both can drift across litellm minor versions. Worth a manual smoke test of the LLM/embedding adapters + retry paths before merging.

Individual inline comments follow.

[jaseemjaskp]

HIGH — pytest 8.3 → 9.0 major bump. Pytest 9 turns PytestRemovedIn9Warning into errors by default; if any backend test or fixture uses a deprecated API the suite will start failing. Before merging, run uv run pytest --collect-only -q from backend/ to surface any plugin or config issues without executing tests.

[jaseemjaskp]

MEDIUM — pytest-dotenv==0.5.2 is unmaintained (last release 2020). It patches pytest Config internals and has open reports of breakage on newer pytest. The env_files = "test.env" option at line 101 depends on it. If --collect-only blows up here, the fix is a 5-line conftest.py calling dotenv.load_dotenv("test.env") directly and dropping the plugin.

[jaseemjaskp]

LOW — pin style inconsistency. pytest~=9.0.3 resolves to >=9.0.3,<9.1 — locks out the next minor (9.1) unlike every other package which uses >=9.0.3. Either widen to pytest>=9.0.3 for consistency or accept the tighter cap deliberately.

(Same line is also where the major-version jump from 8.0.1 happens; smoke-test with uv run pytest --collect-only -q from prompt-service/.)

[jaseemjaskp]

MEDIUM — pytest-asyncio>=0.23.0 floor is below what aligns cleanly with pytest 9. Lockfile resolves to 1.3.0 which is fine, but the floor permits an incompatible re-resolution. Bump to pytest-asyncio>=0.24.0 to match unstract/sdk1/pyproject.toml:75. Also, there's no asyncio_mode set anywhere in the repo — pytest-asyncio 1.x will emit a deprecation warning on every run; add asyncio_mode = "strict" to the file's [tool.pytest.ini_options] block.

[jaseemjaskp]

MEDIUM — pytest-dotenv==0.5.2 is unmaintained (last release 2020). Same concern as backend/pyproject.toml:74. If pytest 9 breaks plugin loading here, replace with dotenv.load_dotenv() in a conftest.py (the plugin reads env_files from [tool.pytest.ini_options]; mirror that with an explicit load_dotenv(...) call).

[jaseemjaskp]

MEDIUM — litellm 1.83.10 → 1.85.1 includes documented breaking changes (1.84.0 release notes explicitly flag breaking changes; 1.85.x is mostly security hardening). The SDK is tightly coupled to litellm internals:

• src/unstract/sdk1/patches/litellm_cohere_timeout.py monkey-patches the cohere transport
• llm.py / embedding.py parse litellm error message shapes (e.g. parse_litellm_err, strip_litellm_prefix, is_retryable_litellm_error)

These surfaces aren't part of litellm's public API contract and can drift across minor versions. Please smoke-test (a) the cohere-timeout patch still applies, (b) error parsing for at least Bedrock / OpenAI / Cohere paths, and (c) retry classification. Consider adding <1.86 as a soft cap until you re-validate against the next minor.

[jaseemjaskp]

MEDIUM — exact pin pytest==9.0.3 is a stronger commitment than every other package in this PR (pytest>=9.0.3). It blocks picking up 9.0.4 bugfixes without another Dependabot run, and 9.0 is brand new — patch releases are likely. Recommend loosening to pytest>=9.0.3,<10 or pytest~=9.0 to match the workspace pattern.

[jaseemjaskp]

HIGH — pytest 7.4 → 9.0.3 spans two major versions. Plus workers/pyproject.toml has --strict-markers and --strict-config in addopts (lines 152-153), which makes any new pytest 9 strictness immediately fatal. Highly recommend running uv run pytest --collect-only -q from workers/ before merging to catch config/plugin issues without executing the full suite.

[jaseemjaskp]

MEDIUM — pytest-asyncio>=0.21.0 floor is too loose for pytest 9. Lockfile resolves to 1.3.0 (fine), but the constraint would also allow 0.21–0.23 which predate pytest 9 support. Same applies to the duplicate test group at line 59. Bump both floors to pytest-asyncio>=0.24.0 (matches unstract/sdk1/pyproject.toml:75). Also add asyncio_mode = "strict" to [tool.pytest.ini_options] (line 146) to suppress the pytest-asyncio 1.x deprecation warning.