MESH-2092 Bump the dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the dependencies group with 5 updates in the / directory:

Package	From	To
types-python-dateutil	2.9.0.20260124	2.9.0.20260302
fastapi	0.129.0	0.135.1
uvicorn	0.40.0	0.41.0
types-lxml	2026.1.1	2026.2.16
ruff	0.15.1	0.15.4

Updates types-python-dateutil from 2.9.0.20260124 to 2.9.0.20260302

Commits

• See full diff in compare view

Updates fastapi from 0.129.0 to 0.135.1

Release notes

Sourced from fastapi's releases.

0.135.1

Fixes

• 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #15038 by @​tiangolo.

Docs

• ✏️ Fix typo in docs/en/docs/_llm-test.md. PR #15007 by @​adityagiri3600.
• 📝 Update Skill, optimize context, trim and refactor into references. PR #15031 by @​tiangolo.

Internal

• 👥 Update FastAPI People - Experts. PR #15037 by @​tiangolo.
• 👥 Update FastAPI People - Contributors and Translators. PR #15029 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #15036 by @​tiangolo.

0.135.0

Features

• ✨ Add support for Server Sent Events. PR #15030 by @​tiangolo.
  • New docs: Server-Sent Events (SSE).

0.134.0

Features

• ✨ Add support for streaming JSON Lines and binary data with yield. PR #15022 by @​tiangolo.
  • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
  • New docs: Stream JSON Lines.
  • And new docs: Stream Data.

Docs

• 📝 Update Library Agent Skill with streaming responses. PR #15024 by @​tiangolo.
• 📝 Update docs for responses and new stream with yield. PR #15023 by @​tiangolo.
• 📝 Add await in StreamingResponse code example to allow cancellation. PR #14681 by @​casperdcl.
• 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #14979 by @​YuriiMotov.

Internal

• 🔨 Run tests with pytest-xdist and pytest-cov. PR #14992 by @​YuriiMotov.

0.133.1

Features

• 🔧 Add FastAPI Agent Skill. PR #14982 by @​tiangolo.
  • Read more about it in Library Agent Skills.

Internal

• ✅ Fix all tests are skipped on Windows. PR #14994 by @​YuriiMotov.

... (truncated)

Commits

• ca5f60e 🔖 Release version 0.135.1
• 87f75aa 📝 Update release notes
• 8a9258b 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed...
• 6038507 📝 Update release notes
• c796ba4 👥 Update FastAPI People - Experts (#15037)
• b24aa03 📝 Update release notes
• 2c61047 ✏️ Fix typo in docs/en/docs/_llm-test.md (#15007)
• e3bbeef 📝 Update release notes
• d726c8c 📝 Update release notes
• cf514e6 👥 Update FastAPI People - Contributors and Translators (#15029)
• Additional commits viewable in compare view

Updates uvicorn from 0.40.0 to 0.41.0

Release notes

Sourced from uvicorn's releases.

Version 0.41.0

Added

• Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• Add socket path to scope["server"] (#2561)

Changed

• Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

• Ignore permission denied errors in watchfiles reloader (#2817)
• Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• Reduce the log level of 'request limit exceeded' messages (#2788)

---

New Contributors

• @​t-kawasumi made their first contribution in Kludex/uvicorn#2776
• @​fardyn made their first contribution in Kludex/uvicorn#2800
• @​ewie made their first contribution in Kludex/uvicorn#2807
• @​shevron made their first contribution in Kludex/uvicorn#2788
• @​jonashaag made their first contribution in Kludex/uvicorn#2707

---

Full Changelog: Kludex/uvicorn@0.40.0...0.41.0

Changelog

Sourced from uvicorn's changelog.

0.41.0 (February 16, 2026)

Added

• Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• Add socket path to scope["server"] (#2561)

Changed

• Rename LifespanOn.error_occured to error_occurred (#2776)

Fixed

• Ignore permission denied errors in watchfiles reloader (#2817)
• Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• Reduce the log level of 'request limit exceeded' messages (#2788)

Commits

• 9283c0f Version 0.41.0 (#2821)
• a01a33e Add --limit-max-requests-jitter to stagger worker restarts (#2707)
• 2ce65bd Ignore permission denied errors in watchfiles reloader (#2817)
• 654f2ed Ensure lifespan shutdown runs when should_exit is set during startup (#2812)
• a03d9f6 Reduce the log level of 'request limit exceeded' messages (#2788)
• e377de4 Add socket path to scope["server"] (#2561)
• 0779f7f Poll for readiness in test_multiprocess_health_check and run_server (#2816)
• 7e9ce2c Poll for PID changes in test_multiprocess_sighup instead of fixed sleep (#2...
• 99f0d87 Fix grep warning in scripts/sync-version (#2807)
• 7ae2e63 chore(deps): bump the python-packages group with 18 updates (#2801)
• Additional commits viewable in compare view

Updates types-lxml from 2026.1.1 to 2026.2.16

Release notes

Sourced from types-lxml's releases.

2026.02.16

🚀 Features

• (mypy plugin) Supports ElementDefaultClassLookup
• Supports type checking and runtime testing under PyPy 3.11
• Stub is error-free for ty type checker

🐛 Bug Fixes

• HtmlElement.head and .body can be None
• [breaking] Convert ElementDefaultClassLookup into Generic class
• Extend the list of unusable content-only elem methods
• Resolver methods args mostly position only
• [breaking] Remove _ResolverRegistry.copy()

🚜 Refactor

• Retire some unused type aliases
• (mypy plugin) Determine class lookup names more systematically

📚 Documentation

• Existing old docstring layout converted to new one
• New docstrings for some etree classes and funcs
• Add CHANGELOG.md to help searching among past changes

🧪 Testing

• Remove some signature tests already covered by mypy.stubtest
• Retire type checker "if KEYWORD:" usage
• Compat fix for pyright 1.1.408+ and basedpyright 1.37.1+
• Compat fix for pyright 1.1.406 and basedpyright 1.31.6
• Split mypy.stubtest as standalone tests
• More static tests migrated to runtime:
  • HtmlElement sequence tests, DocInfo, Resolver
  • "backport" some HtmlElement sequence tests to _Element
  • Partially migrate Element factory annotation test

☑️ Miscellaneous Tasks

• Introduce pre-commit usage to help running actionlint
• Drop pytest-mypy-plugin from [dev] extras
• Add config for git-cliff

⚙️ CI/CD Tasks

• Enable Bandit security scanner in workflow
• Add ty to compat checks, and add more versions
• Use ubuntu-slim GitHub runner for lightweight workflows
• Stop using reviewdog for PR check

... (truncated)

Changelog

Sourced from types-lxml's changelog.

2026.02.16

🚀 Features

• (mypy plugin) Supports ElementDefaultClassLookup
• Supports type checking and runtime testing under PyPy 3.11
• Stub is error-free for ty type checker

🐛 Bug Fixes

• HtmlElement.head and .body can be None
• [breaking] Convert ElementDefaultClassLookup into Generic class
• Extend the list of unusable content-only elem methods
• Resolver methods args mostly position only
• [breaking] Remove _ResolverRegistry.copy()

🚜 Refactor

• Retire some unused type aliases
• (mypy plugin) Determine class lookup names more systematically

📚 Documentation

• Existing old docstring layout converted to new one
• New docstrings for some etree classes and funcs
• Add CHANGELOG.md to help searching among past changes

🧪 Testing

• Remove some signature tests already covered by mypy.stubtest
• Retire type checker "if KEYWORD:" usage
• Compat fix for pyright 1.1.408+ and basedpyright 1.37.1+
• Compat fix for pyright 1.1.406 and basedpyright 1.31.6
• Split mypy.stubtest as standalone tests
• More static tests migrated to runtime:
  • HtmlElement sequence tests, DocInfo, Resolver
  • "backport" some HtmlElement sequence tests to _Element
  • Partially migrate Element factory annotation test

☑️ Miscellaneous Tasks

• Introduce pre-commit usage to help running actionlint
• Drop pytest-mypy-plugin from [dev] extras
• Add config for git-cliff

⚙️ CI/CD Tasks

• Enable Bandit security scanner in workflow
• Add ty to compat checks, and add more versions
• Use ubuntu-slim GitHub runner for lightweight workflows

... (truncated)

Commits

• 8454d91 ci: Fix release workflow token permissions
• d241569 docs: Prepare for new release
• c3d29a9 docs: Add CHANGELOG.md
• 704c735 test: test_registry_remove_bad fix for PyPy
• fd27499 test(mypy): exclude Resolver related names due to method sig change
• 52f7421 ci: Don't run stub test for worker supposed to run runtime test only
• 451c1af chore: Add config for git-cliff
• 711183d test: Migrate Resolver tests to runtime
• cbdad52 fix(stub)!: Remove _ResolverRegistry.copy()
• d8d5e13 fix(stub): Resolver methods args mostly position only
• Additional commits viewable in compare view

Updates ruff from 0.15.1 to 0.15.4

Release notes

Sourced from ruff's releases.

0.15.4

Release Notes

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

• Clarify first-party import detection in Ruff (#23591)
• Fix incorrect import-heading example (#23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

Install ruff 0.15.4

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/ruff/releases/download/0.15.4/ruff-installer.ps1 | iex"

Download ruff 0.15.4

File	Platform	Checksum
ruff-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
ruff-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
ruff-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
ruff-i686-pc-windows-msvc.zip	x86 Windows	checksum
ruff-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
ruff-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
ruff-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
ruff-powerpc64-unknown-linux-gnu.tar.gz	PPC64 Linux	checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.4

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#23550)

Documentation

• Clarify first-party import detection in Ruff (#23591)
• Fix incorrect import-heading example (#23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

0.15.3

Released on 2026-02-26.

Preview features

• Drop explicit support for .qmd file extension (#23572)

  This can now be enabled instead by setting the extension option:

  # ruff.toml
  extension = { qmd = "markdown" }
  pyproject.toml
  [tool.ruff]
  extension = { qmd = "markdown" }

• Include configured extensions in file discovery (#23400)

• [flake8-bandit] Allow suspicious imports in TYPE_CHECKING blocks (S401-S415) (#23441)

• [flake8-bugbear] Allow B901 in pytest hook wrappers (#21931)

• [flake8-import-conventions] Add missing conventions from upstream (ICN001, ICN002) (#21373)

... (truncated)

Commits

• f14edd8 Bump 0.15.4 (#23595)
• fd09d37 Fix panic on access to definitions after analyzing definitions (#23588)
• 81d655f [pyflakes] suppress false positive in F821 for names used before del in...
• 625b4f5 [ruff] docs: Clarify first-party import detection in Ruff (#23591)
• 60facfa one word typo fix in a while_loop.md test case (#23589)
• fbb9fa7 docs: fix incorrect import-heading example (#23568)
• 5bc49a9 Increase the ruleset size to 16 bits (#23586)
• a62ba8c [ty] Fix overloaded callable assignability for unary Callable targets (#23277)
• e5f2f36 Bump 0.15.3 (#23585)
• 0e19fc9 [ty] defer calculating conjunctions in narrowing constraints (#23552)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

☂️ Python Coverage

current status: ✅

Overall Coverage

Lines	Covered	Coverage	Threshold	Status
2931	2719	93%	85%	🟢

New Files

No new covered files...

Modified Files

No covered modified files...

updated for commit: 2524910 by action🐍

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud