Bump the python-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the python-dependencies group with 4 updates in the / directory: pydantic[email], fastapi, starlette and mkdocs-material.

Updates pydantic[email] from 2.12.3 to 2.12.4

Release notes

Sourced from pydantic[email]'s releases.

v2.12.4 2025-11-05

v2.12.4 (2025-11-05)

This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.

This patch release also fixes an issue with the serialization of IP address types, when serialize_as_any is used. The next patch release will try to address the remaining issues with serialize as any behavior by introducing a new polymorphic serialization feature, that should be used in most cases in place of serialize as any.

• Fix issue with forward references in parent TypedDict classes by @​Viicos in #12427.

  This issue is only relevant on Python 3.14 and greater.

• Exclude fields with exclude_if from JSON Schema required fields by @​Viicos in #12430

• Revert URL percent-encoding of credentials in the build() method of the AnyUrl and Dsn types by @​davidhewitt in pydantic-core#1833.

  This was initially considered as a bugfix, but caused regressions and as such was fully reverted. The next release will include an opt-in option to percent-encode components of the URL.

• Add type inference for IP address types by @​davidhewitt in pydantic-core#1868.

  The 2.12 changes to the serialize_as_any behavior made it so that IP address types could not properly serialize to JSON.

• Avoid getting default values from defaultdict by @​davidhewitt in pydantic-core#1853.

  This fixes a subtle regression in the validation behavior of the collections.defaultdict type.

• Fix issue with field serializers on nested typed dictionaries by @​davidhewitt in pydantic-core#1879.

• Add more pydantic-core builds for the three-threaded version of Python 3.14 by @​davidhewitt in pydantic-core#1864.

Full Changelog: pydantic/pydantic@v2.12.3...v2.12.4

Changelog

Sourced from pydantic[email]'s changelog.

v2.12.4 (2025-11-05)

GitHub release

This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.

This patch release also fixes an issue with the serialization of IP address types, when serialize_as_any is used. The next patch release will try to address the remaining issues with serialize as any behavior by introducing a new polymorphic serialization feature, that should be used in most cases in place of serialize as any.

• Fix issue with forward references in parent TypedDict classes by @​Viicos in #12427.

  This issue is only relevant on Python 3.14 and greater.

• Exclude fields with exclude_if from JSON Schema required fields by @​Viicos in #12430

• Revert URL percent-encoding of credentials in the build() method of the AnyUrl and Dsn types by @​davidhewitt in pydantic-core#1833.

  This was initially considered as a bugfix, but caused regressions and as such was fully reverted. The next release will include an opt-in option to percent-encode components of the URL.

• Add type inference for IP address types by @​davidhewitt in pydantic-core#1868.

  The 2.12 changes to the serialize_as_any behavior made it so that IP address types could not properly serialize to JSON.

• Avoid getting default values from defaultdict by @​davidhewitt in pydantic-core#1853.

  This fixes a subtle regression in the validation behavior of the collections.defaultdict type.

• Fix issue with field serializers on nested typed dictionaries by @​davidhewitt in pydantic-core#1879.

• Add more pydantic-core builds for the three-threaded version of Python 3.14 by @​davidhewitt in pydantic-core#1864.

Commits

• 5c842df Prepare release v2.12.4
• c678a71 Bump pydantic-core to v2.41.5
• a7cd292 Bump cloudpickle to v3.1.2
• 21f6278 Bump actions/setup-node from 5 to 6
• 8d6be8f Bump astral-sh/setup-uv from 6 to 7
• 17865ea Bump actions/upload-artifact from 4 to 5
• 90ad0af Bump actions/download-artifact from 5 to 6
• 18e6672 Drop testing under PyPy 3.9
• 650215b Document workaround for MongoDsn default port
• e326790 Fix example of for bytes_invalid_encoding validation error
• Additional commits viewable in compare view

Updates fastapi from 0.120.1 to 0.121.1

Release notes

Sourced from fastapi's releases.

0.121.1

Fixes

• 🐛 Fix Depends(func, scope='function') for top level (parameterless) dependencies. PR #14301 by @​luzzodev.

Docs

• 📝 Upate docs for advanced dependencies with yield, noting the changes in 0.121.0, adding scope. PR #14287 by @​tiangolo.

Internal

• ⬆ Bump ruff from 0.13.2 to 0.14.3. PR #14276 by @​dependabot[bot].
• ⬆ [pre-commit.ci] pre-commit autoupdate. PR #14289 by @​pre-commit-ci[bot].

0.121.0

Features

• ✨ Add support for dependencies with scopes, support scope="request" for dependencies with yield that exit before the response is sent. PR #14262 by @​tiangolo.
  • New docs: Dependencies with yield - Early exit and scope.

Internal

• 👥 Update FastAPI People - Contributors and Translators. PR #14273 by @​tiangolo.
• 👥 Update FastAPI People - Sponsors. PR #14274 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #14280 by @​tiangolo.
• ⬆ Bump mkdocs-macros-plugin from 1.4.0 to 1.4.1. PR #14277 by @​dependabot[bot].
• ⬆ Bump mkdocstrings[python] from 0.26.1 to 0.30.1. PR #14279 by @​dependabot[bot].

0.120.4

Fixes

• 🐛 Fix security schemes in OpenAPI when added at the top level app. PR #14266 by @​YuriiMotov.

0.120.3

Refactors

• ♻️ Reduce internal cyclic recursion in dependencies, from 2 functions calling each other to 1 calling itself. PR #14256 by @​tiangolo.
• ♻️ Refactor internals of dependencies, simplify code and remove get_param_sub_dependant. PR #14255 by @​tiangolo.
• ♻️ Refactor internals of dependencies, simplify using dataclasses. PR #14254 by @​tiangolo.

Docs

• 📝 Update note for untranslated pages. PR #14257 by @​YuriiMotov.

0.120.2

Fixes

• 🐛 Fix separation of schemas with nested models introduced in 0.119.0. PR #14246 by @​tiangolo.

Internal

... (truncated)

Commits

• 1c7e254 🔖 Release version 0.121.1
• 9e54399 📝 Update release notes
• 282f372 🐛 Fix Depends(func, scope='function') for top level (parameterless) depende...
• 972a967 📝 Update release notes
• 4170f62 📝 Update release notes
• 67c8dfa ⬆ Bump ruff from 0.13.2 to 0.14.3 (#14276)
• 34db1e2 ⬆ [pre-commit.ci] pre-commit autoupdate (#14289)
• b787103 📝 Update release notes
• 289b4aa 📝 Upate docs for advanced dependencies with yield, noting the changes in 0....
• 4efae81 🔖 Release version 0.121.0
• Additional commits viewable in compare view

Updates starlette from 0.49.1 to 0.50.0

Release notes

Sourced from starlette's releases.

Version 0.50.0

Removed

• Drop Python 3.9 support #3061.

---

Full Changelog: Kludex/starlette@0.49.3...0.50.0

Version 0.49.3

Fixed

• Relax strictness on Middleware type #3059.

---

Full Changelog: Kludex/starlette@0.49.2...0.49.3

Version 0.49.2

Fixed

• Ignore if-modified-since header if if-none-match is present in StaticFiles #3044.

---

Full Changelog: Kludex/starlette@0.49.1...0.49.2

Changelog

Sourced from starlette's changelog.

0.50.0 (November 1, 2025)

• Drop Python 3.9 support #3061.

0.49.3 (November 1, 2025)

This is the last release that supports Python 3.9, which will be dropped in the next minor release.

Fixed

• Relax strictness on Middleware type #3059.

0.49.2 (November 1, 2025)

Fixed

• Ignore if-modified-since header if if-none-match is present in StaticFiles #3044.

Commits

• 4941b4a Version 0.50.0 (#3063)
• a0499f6 Drop support for Python 3.9 (#3061)
• de3ffec Version 0.49.3 (#3062)
• c443396 Relax strictness on Middleware type (#3059)
• 85bf027 Version 0.49.2 (#3058)
• 3d480dd Ignore if-modified-since if if-none-match is present (#3057)
• da06052 Bump the github-actions group with 3 updates (#3056)
• 34caa99 Add groups configuration for GitHub Actions (#3055)
• See full diff in compare view

Updates mkdocs-material from 9.6.22 to 9.6.23

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.6.23

• Updated Burmese translation

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.6.23 (2025-11-01)

• Updated Burmese translation

mkdocs-material-9.6.22 (2025-10-15)

• Updated Georgian translation

mkdocs-material-9.6.21 (2025-09-30)

• Updated Serbian translations
• Fixed #8458: Temporary pin of click dependency

mkdocs-material-9.6.20 (2025-09-15)

• Fixed #8446: Deprecation warning as of Python 3.14 in Emoji extension
• Fixed #8440: & character not escaped in search highlighting
• Fixed #8439: FontAwesome icons color not set in social cards (regression)

mkdocs-material-9.6.19 (2025-09-07)

• Added support for Python 3.14
• Updated Bahasa Malaysia translations

mkdocs-material-9.6.18 (2025-08-22)

• Updated Azerbaijani translations
• Fixed last compat issues with [minijinja], now 100% compatible

mkdocs-material-9.6.17 (2025-08-15)

• Fixed #8396: Videos do not autoplay when inside a content tab
• Fixed #8394: Stroke width not effective in Mermaid.js diagrams
• Fixed disappearing version selector when hiding page title

mkdocs-material-9.6.16 (2025-07-26)

• Fixed #8349: Info plugin doesn't correctly detect virtualenv in some cases
• Fixed #8334: Find-in-page detects matches in hidden search result list

mkdocs-material-9.6.15 (2025-07-01)

• Updated Mongolian translations
• Improved semantic markup of "edit this page" button
• Improved info plugin virtual environment resolution
• Fixed #8291: Large font size setting throws of breakpoints in JavaScript

mkdocs-material-9.6.14 (2025-05-13)

• Fixed #8215: Social plugin crashes when CairoSVG is updated to 2.8

... (truncated)

Commits

• 54c7b79 Prepare 9.6.23 release
• f0dbcb5 Disabled dependabot
• 53d15f8 Updated dependencies
• d9e4f71 Updated Burmese translations
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.