chore(deps): bump the storage group in /api with 3 updates

[dependabot]

Updates the requirements on boto3, bce-python-sdk and google-cloud-storage to permit the latest version.
Updates boto3 from 1.42.83 to 1.42.88

Commits

• f92a06c Merge branch 'release-1.42.88'
• 9bdec29 Bumping version to 1.42.88
• d880788 Add changelog entries from botocore
• 39a4122 chore: add additional text to CONTRIBUTING.rst (#4749)
• 8d65320 Merge branch 'release-1.42.87'
• fdcbb88 Merge branch 'release-1.42.87' into develop
• aff7ae5 Bumping version to 1.42.87
• a58071d Add changelog entries from botocore
• bf26a45 Add boto3 version clarification for login with console credentials (#4758)
• a4315bc Merge branch 'release-1.42.86'
• Additional commits viewable in compare view

Updates bce-python-sdk to 0.9.69

Updates google-cloud-storage to 3.10.1

Release notes

Sourced from google-cloud-storage's releases.

google-cloud-storage: v3.10.1

3.10.1 (2026-03-23)

Bug Fixes

• raise ValueError if api_endpoint is unset when using AnonymousCredentials in AsyncGrpcClient. (#1778) (17828ea3)

Changelog

Sourced from google-cloud-storage's changelog.

3.10.1 (2026-03-23)

Bug Fixes

• raise ValueError if api_endpoint is unset when using AnonymousCredentials in AsyncGrpcClient. (#1778) (17828ea316872938a98a6360b10a2495c54bbbcb)

3.10.0 (2026-03-18)

Features

• [Bucket Encryption Enforcement] add support for bucket encryption enforcement config (#1742) (2a6e8b00e4e6ff57460373f8e628fd363be47811)

Perf Improvments

• [Rapid Buckets Reads] Use raw proto access for read resumption strategy (#1764) (14cfd61ce35365a409650981239ef742cdf375fb)
• [Rapid Buckets Benchmarks] init mp pool & grpc client once, use os.sched_setaffinity (#1751) (a9eb82c1b9b3c6ae5717d47b76284ed0deb5f769)
• [Rapid Buckets Writes] don't flush at every append, results in bad perf (#1746) (ab62d728ac7d7be3c4fe9a99d72e35ead310805a)

Bug Fixes

• [Windows] skip downloading blobs whose name contain ":" eg: C: D: etc when application runs in Windows. (#1774) (558198823ed51918db9c0137715d1e7f5b593975)
• [Path Traversal] Prevent path traversal in download_many_to_path (#1768) (700fec3bf7aa37bd5ea4b163cc3f9e8e6892bd5a)
• [Rapid Buckets] pass token correctly, '&' instead of ',' (#1756) (d8dd1e074d2431de9b45e0103181dce749a447a0)

3.9.0 (2026-02-02)

Features

• add get_object method for async grpc client (#1735) (0e5ec29bc6a31b77bcfba4254cef5bffb199095c)
• expose DELETE_OBJECT in AsyncGrpcClient (#1718) (c8dd7a0b124c395b7b60189ee78f47aba8d51f7d)
• update generation for MRD (#1730) (08bc7082db7392f13bc8c51511b4afa9c7b157c9)
• Move Zonal Buckets features of _experimental (#1728) (74c9ecc54173420bfcd48498a8956088a035af50)
• add default user agent for grpc (#1726) (7b319469d2e495ea0bf7367f3949190e8f5d9fff)
• expose finalized_time in blob.py applicable for GET_OBJECT in ZB (#1719) (8e21a7fe54d0a043f31937671003630a1985a5d2)
• add context manager to mrd (#1724) (5ac2808a69195c688ed42c3604d4bfadbb602a66)
• integrate writes strategy and appendable object writer (#1695) (dbd162b3583e32e6f705a51f5c3fef333a9b89d0)
• Add support for opening via write_handle and fix write_handle type (#1715) (2bc15fa570683ba584230c51b439d189dbdcd580)
• Add micro-benchmarks for writes comparing standard (regional) vs rapid (zonal) buckets. (#1707) (dbe9d8b89d975dfbed8c830a5687ccfafea51d5f)
• Add micro-benchmarks for reads comparing standard (regional) vs rapid (zonal) buckets. (#1697) (1917649fac41481da1adea6c2a9f4ab1298a34c4)
• send user_agent to grpc channel (#1712) (cdb2486bb051dcbfbffc2510aff6aacede5e54d3)
• add samples for appendable objects writes and reads (#1705) (2e1a1eb5cbe1c909f1f892a0cc74fe63c8ef36ff)
• add samples for appendable objects writes and reads (2e1a1eb5cbe1c909f1f892a0cc74fe63c8ef36ff)
• add support for generation=0 to avoid overwriting existing objects and add is_stream_open support (#1709) (ea0f5bf8316f4bfcff2728d9d1baa68dde6ebdae)
• add support for generation=0 to prevent overwriting existing objects (ea0f5bf8316f4bfcff2728d9d1baa68dde6ebdae)
• add is_stream_open property to AsyncAppendableObjectWriter for stream status check (ea0f5bf8316f4bfcff2728d9d1baa68dde6ebdae)

... (truncated)

Commits

• fce6a6b chore: librarian release pull request: 20260323T070628Z (#1782)
• f768af7 chore: run bidi_tests independently (#1781)
• 17828ea fix: raise ValueError if api_endpoint is unset when using AnonymousCredential...
• 8b7fbde chore: librarian release pull request: 20260318T145147Z (#1776)
• 21bb20f feat(samples): add argparse and clarify traversal support in download_many sn...
• 5581988 fix(storage): skip downloading blobs whose name contain ":" eg: C: D: ...
• c5735c3 feat(storage): support returning skipped items as UserWarning in download_man...
• 14cfd61 feat(storage): Use raw proto access for read resumption strategy (#1764)
• 2a6e8b0 feat: add support for bucket encryption enforcement config (#1742)
• 141f7ac chore: skip hmac tests until b/493225655 is fixed (#1771)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.93%. Comparing base (534fea7) to head (9047fed).
⚠️ Report is 7 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #35014   +/-   ##
=======================================
  Coverage   83.93%   83.93%           
=======================================
  Files        4288     4288           
  Lines      181066   181077   +11     
  Branches    36329    36329           
=======================================
+ Hits       151981   151991   +10     
  Misses      26194    26194           
- Partials     2891     2892    +1     

Flag	Coverage Δ
api	82.38% <ø> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.