From 23760d5f7af3e83b606efab1c5a511fe4255bca6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 8 Oct 2025 10:15:40 +0000
Subject: [PATCH 1/3] Bump github/codeql-action from 3 to 4 (#11605)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.30.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.7 - 06 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.3</h2>
<h1>CodeQL Action Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/aac66ec793240cfdd3037a81faa5b4d823045bc2"><code>aac66ec</code></a>
Remove <code>update-proxy-release</code> workflow</li>
<li><a
href="https://github.com/github/codeql-action/commit/91a63dc72c2c4c97e141018269495a7b62608d09"><code>91a63dc</code></a>
Remove <code>undefined</code> values from results of
<code>unsafeEntriesInvariant</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/d25fa60a90ddfe309a83dd8606d2f3e0e5de15a7"><code>d25fa60</code></a>
ESLint: Disable <code>no-unused-vars</code> for parameters starting with
<code>_</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/3adb1ff7b88abf82e97c2c42d9ac29a62769ba63"><code>3adb1ff</code></a>
Reorder supported tags in descending order</li>
<li>See full diff in <a
href="https://github.com/github/codeql-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/codeql.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index be954079132..ed447b9f29c 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -29,17 +29,17 @@ jobs:
         uses: actions/checkout@v5
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           config-file: ./.github/codeql.yml
           queries: +security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v4
         if: ${{ matrix.language == 'python' || matrix.language == 'javascript' }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: "/language:${{ matrix.language }}"

From 527f4f4863840c74884163a2ff333e7aa1a6000a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 8 Oct 2025 10:26:28 +0000
Subject: [PATCH 2/3] Bump pytest-codspeed from 4.0.0 to 4.1.1 (#11606)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed)
from 4.0.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/releases">pytest-codspeed's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.1</h2>
<h2>What's Changed?</h2>
<ul>
<li>fix: build on macos with instrument-hooks by <a
href="https://github.com/not-matthias"><code>@​not-matthias</code></a>
in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/90">CodSpeedHQ/pytest-codspeed#90</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.1.0...v4.1.1">https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.1.0...v4.1.1</a></p>
<h2>v4.1.0</h2>
<h2>What's New?</h2>
<p>🚀 The new version of <a
href="https://github.com/CodSpeedHQ/instrument-hooks">CodSpeedHQ/instrument-hooks</a>
will improve the quality of the walltime profiling!</p>
<h2>Details</h2>
<h3>✨ Features</h3>
<ul>
<li>Bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)
by <a
href="https://github.com/not-matthias"><code>@​not-matthias</code></a>
in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/87">#87</a></li>
</ul>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Use ParamSpec in instrument definition instead of tuple and dict by
<a href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Use ParamSpec in the plugin call definition by <a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->📚 Documentation</h3>
<ul>
<li>Add pull_request trigger comment by <a
href="https://github.com/adriencaccia"><code>@​adriencaccia</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Internals</h3>
<ul>
<li>Exclude beta tags in changelog by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)
by <a href="https://github.com/art049"><code>@​art049</code></a> in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/75">#75</a></li>
<li>Fix changelog generation by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.0.0...v4.1.0">https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.0.0...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/blob/master/CHANGELOG.md">pytest-codspeed's
changelog</a>.</em></p>
<blockquote>
<h2>[4.1.1] - 2025-10-07</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Wheel installation due to file system loop</li>
<li>Use ParamSpec in instrument definition instead of tuple and dict by
<a href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Use ParamSpec in the plugin call definition by <a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->📚 Documentation</h3>
<ul>
<li>Add pull_request trigger comment by <a
href="https://github.com/adriencaccia"><code>@​adriencaccia</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Internals</h3>
<ul>
<li>Remove the beta versions from the changelog by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Exclude beta tags in changelog by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)
by <a
href="https://github.com/not-matthias"><code>@​not-matthias</code></a>
in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/87">#87</a></li>
<li>Switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)
by <a href="https://github.com/art049"><code>@​art049</code></a> in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/75">#75</a></li>
<li>Fix changelog generation by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
</ul>
<h2>[4.1.0] - 2025-10-06</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Use ParamSpec in instrument definition instead of tuple and dict by
<a href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Use ParamSpec in the plugin call definition by <a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->📚 Documentation</h3>
<ul>
<li>Add pull_request trigger comment by <a
href="https://github.com/adriencaccia"><code>@​adriencaccia</code></a></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Internals</h3>
<ul>
<li>Exclude beta tags in changelog by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
<li>Bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)
by <a
href="https://github.com/not-matthias"><code>@​not-matthias</code></a>
in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/87">#87</a></li>
<li>Switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)
by <a href="https://github.com/art049"><code>@​art049</code></a> in <a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/75">#75</a></li>
<li>Fix changelog generation by <a
href="https://github.com/art049"><code>@​art049</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/58ee9e99b6ceb7f9cd00c3c5a3f0df7f5149bb57"><code>58ee9e9</code></a>
Release v4.1.1 🚀</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/01742c8e1b279c69823514f40da84658d6b58dce"><code>01742c8</code></a>
fix: wheel installation due to file system loop</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/791bed2a9bdd7d3400eb21ba05efa44afb1ad687"><code>791bed2</code></a>
chore: remove the beta versions from the changelog</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/0a3c31b37e5ccb1c0cffea11f59303da6e13bf7b"><code>0a3c31b</code></a>
Release v4.1.0 🚀</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/6cb7a88ac1fdaa85d202f5c93a9c06427f1bade0"><code>6cb7a88</code></a>
chore: exclude beta tags in changelog</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/63eec3bf9a5f4e96903860d99722fd4a2eb7c9fa"><code>63eec3b</code></a>
chore: bump instrument-hooks (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/87">#87</a>)</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/192d881ab8501d77a470cffbd341fd9b66bcf4b4"><code>192d881</code></a>
ci: switch to sharded upload (<a
href="https://redirect.github.com/CodSpeedHQ/pytest-codspeed/issues/75">#75</a>)</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/5f6971d8bf19f0e048244568a14b759e76ea9811"><code>5f6971d</code></a>
fix: use ParamSpec in instrument definition instead of tuple and
dict</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/44071fc1668ac2cd489017e3427a8c816a524d04"><code>44071fc</code></a>
fix: use ParamSpec in the plugin call definition</li>
<li><a
href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/475be0c99deee08b0d07a6ee35eb51d0b1157258"><code>475be0c</code></a>
docs: add pull_request trigger comment</li>
<li>Additional commits viewable in <a
href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.0.0...v4.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest-codspeed&package-manager=pip&previous-version=4.0.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/dev.txt         | 2 +-
 requirements/lint.txt        | 2 +-
 requirements/test-common.txt | 2 +-
 requirements/test-ft.txt     | 2 +-
 requirements/test.txt        | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 52d10562703..1011c03dc46 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -184,7 +184,7 @@ pytest==8.4.2
     #   pytest-cov
     #   pytest-mock
     #   pytest-xdist
-pytest-codspeed==4.0.0
+pytest-codspeed==4.1.1
     # via
     #   -r requirements/lint.in
     #   -r requirements/test-common.in
diff --git a/requirements/dev.txt b/requirements/dev.txt
index e08b627e4b4..65481dae7d1 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -179,7 +179,7 @@ pytest==8.4.2
     #   pytest-cov
     #   pytest-mock
     #   pytest-xdist
-pytest-codspeed==4.0.0
+pytest-codspeed==4.1.1
     # via
     #   -r requirements/lint.in
     #   -r requirements/test-common.in
diff --git a/requirements/lint.txt b/requirements/lint.txt
index 4e880e37c80..8b0b7a477b9 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -80,7 +80,7 @@ pytest==8.4.2
     #   -r requirements/lint.in
     #   pytest-codspeed
     #   pytest-mock
-pytest-codspeed==4.0.0
+pytest-codspeed==4.1.1
     # via -r requirements/lint.in
 pytest-mock==3.15.1
     # via -r requirements/lint.in
diff --git a/requirements/test-common.txt b/requirements/test-common.txt
index 5167e2be230..a00c3b6cbae 100644
--- a/requirements/test-common.txt
+++ b/requirements/test-common.txt
@@ -71,7 +71,7 @@ pytest==8.4.2
     #   pytest-cov
     #   pytest-mock
     #   pytest-xdist
-pytest-codspeed==4.0.0
+pytest-codspeed==4.1.1
     # via -r requirements/test-common.in
 pytest-cov==7.0.0
     # via -r requirements/test-common.in
diff --git a/requirements/test-ft.txt b/requirements/test-ft.txt
index 1e835a13d0c..2dd5ad992d7 100644
--- a/requirements/test-ft.txt
+++ b/requirements/test-ft.txt
@@ -102,7 +102,7 @@ pytest==8.4.2
     #   pytest-cov
     #   pytest-mock
     #   pytest-xdist
-pytest-codspeed==4.0.0
+pytest-codspeed==4.1.1
     # via -r requirements/test-common.in
 pytest-cov==7.0.0
     # via -r requirements/test-common.in
diff --git a/requirements/test.txt b/requirements/test.txt
index 23808b3d1f0..3dd013caf4a 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -102,7 +102,7 @@ pytest==8.4.2
     #   pytest-cov
     #   pytest-mock
     #   pytest-xdist
-pytest-codspeed==4.0.0
+pytest-codspeed==4.1.1
     # via -r requirements/test-common.in
 pytest-cov==7.0.0
     # via -r requirements/test-common.in

From 9f718eb26efd18955d0349d2f313c55d00beb9b9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 8 Oct 2025 10:38:59 +0000
Subject: [PATCH 3/3] Bump pydantic from 2.11.9 to 2.12.0 (#11607)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.11.9 to
2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0 2025-10-07</h2>
<!-- raw HTML omitted -->
<h1>v2.12.0 (2025-10-07)</h1>
<blockquote>
<p>[!NOTE]
Check out the <a
href="https://pydantic.dev/articles/pydantic-v2-12-release">blog
post</a> for release highlights.</p>
</blockquote>
<p>This is the final 2.12 release. It features the work of 20 external
contributors and provides useful new features, along with initial Python
3.14 support. Several minor <a
href="https://pydantic.dev/articles/pydantic-v2-12-release#changes">changes</a>
(considered non-breaking changes according to our <a
href="https://docs.pydantic.dev/2.12/version-policy/#pydantic-v2">versioning
policy</a>) are also included in this release. Make sure to look into
them before upgrading.</p>
<p>Changes (see the <a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0a1">2.12.0a1</a>
and <a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0b1">2.12.0b1</a>
releases for additional changes since 2.11):</p>
<h4>Packaging</h4>
<ul>
<li>Update V1 copy to v1.10.24 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12338">#12338</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Add <code>extra</code> parameter to the validate functions by <a
href="https://github.com/anvilpete"><code>@​anvilpete</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li>Add <code>exclude_computed_fields</code> serialization option by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12334">#12334</a></li>
<li>Add <code>preverse_empty_path</code> URL options by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12336">#12336</a></li>
<li>Add <code>union_format</code> parameter to JSON Schema generation by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12147">#12147</a></li>
<li>Add <code>__qualname__</code> parameter for
<code>create_model</code> by <a
href="https://github.com/Atry"><code>@​Atry</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
</ul>
<h4>Fixes</h4>
<ul>
<li>Do not try to infer name from lambda definitions in pipelines API by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12289">#12289</a></li>
<li>Use proper namespace for functions in <code>TypeAdapter</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12324">#12324</a></li>
<li>Use <code>Any</code> for context type annotation in
<code>TypeAdapter</code> by <a
href="https://github.com/inducer"><code>@​inducer</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li>Expose <code>FieldInfo</code> in
<code>pydantic.fields.__all__</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12339">#12339</a></li>
<li>Respect <code>validation_alias</code> in <code>@validate_call</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12340">#12340</a></li>
<li>Use <code>Any</code> as context annotation in plugin API by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12341">#12341</a></li>
<li>Use proper <code>stacklevel</code> in warnings when possible by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12342">#12342</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/anvilpete"><code>@​anvilpete</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li><a
href="https://github.com/JonathanWindell"><code>@​JonathanWindell</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12327">#12327</a></li>
<li><a href="https://github.com/inducer"><code>@​inducer</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li><a href="https://github.com/Atry"><code>@​Atry</code></a> made their
first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
<li></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.11.10...v2.12.0">https://github.com/pydantic/pydantic/compare/v2.11.10...v2.12.0</a></p>
<h2>v2.12.0b1 2025-10-03</h2>
<h2>v2.12.0b1 (2025-10-03)</h2>
<p>This is the first beta release of the upcoming 2.12 release.</p>
<h3>What's Changed</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.12.0 (2025-10-07)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0">GitHub
release</a></p>
<h3>What's Changed</h3>
<p>This is the final 2.12 release. It features the work of 20 external
contributors and provides useful new features, along with initial Python
3.14 support.
Several minor changes (considered non-breaking changes according to our
<a
href="https://docs.pydantic.dev/2.12/version-policy/#pydantic-v2">versioning
policy</a>)
are also included in this release. Make sure to look into them before
upgrading.</p>
<p>Changes (see the alpha and beta releases for additional changes since
2.11):</p>
<h4>Packaging</h4>
<ul>
<li>Update V1 copy to v1.10.24 by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12338">#12338</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Add <code>extra</code> parameter to the validate functions by <a
href="https://github.com/anvilpete"><code>@​anvilpete</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li>Add <code>exclude_computed_fields</code> serialization option by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12334">#12334</a></li>
<li>Add <code>preverse_empty_path</code> URL options by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12336">#12336</a></li>
<li>Add <code>union_format</code> parameter to JSON Schema generation by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12147">#12147</a></li>
<li>Add <code>__qualname__</code> parameter for
<code>create_model</code> by <a
href="https://github.com/Atry"><code>@​Atry</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
</ul>
<h4>Fixes</h4>
<ul>
<li>Do not try to infer name from lambda definitions in pipelines API by
<a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12289">#12289</a></li>
<li>Use proper namespace for functions in <code>TypeAdapter</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12324">#12324</a></li>
<li>Use <code>Any</code> for context type annotation in
<code>TypeAdapter</code> by <a
href="https://github.com/inducer"><code>@​inducer</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li>Expose <code>FieldInfo</code> in
<code>pydantic.fields.__all__</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12339">#12339</a></li>
<li>Respect <code>validation_alias</code> in <code>@validate_call</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12340">#12340</a></li>
<li>Use <code>Any</code> as context annotation in plugin API by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12341">#12341</a></li>
<li>Use proper <code>stacklevel</code> in warnings when possible by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12342">#12342</a></li>
</ul>
<h3>New Contributors</h3>
<ul>
<li><a href="https://github.com/anvilpete"><code>@​anvilpete</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12233">#12233</a></li>
<li><a
href="https://github.com/JonathanWindell"><code>@​JonathanWindell</code></a>
made their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12327">#12327</a></li>
<li><a href="https://github.com/inducer"><code>@​inducer</code></a> made
their first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12279">#12279</a></li>
<li><a href="https://github.com/Atry"><code>@​Atry</code></a> made their
first contribution in <a
href="https://redirect.github.com/pydantic/pydantic/pull/12001">#12001</a></li>
</ul>
<h2>v2.12.0b1 (2025-10-03)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.12.0b1">GitHub
release</a></p>
<p>This is the first beta release of the upcoming 2.12 release.</p>
<h3>What's Changed</h3>
<h4>Packaging</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pydantic/pydantic/commit/a7928e692e5a7841c4379d1af1fd37966941dade"><code>a7928e6</code></a>
Update Python version in documentation publishing CI job (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12344">#12344</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/0e188d02f30ce0a4bfeb6a719ce562084fb5621d"><code>0e188d0</code></a>
Prepare release 2.12.0 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12343">#12343</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/1231eeea6943baa7d5167f72cb7b6116f4347e26"><code>1231eee</code></a>
Use proper <code>stacklevel</code> in warnings when possible (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12342">#12342</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/94989e0b09b8aeecfe0551c918bdc004ce9c0cf3"><code>94989e0</code></a>
Use <code>Any</code> as context annotation in plugin API (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12341">#12341</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/3f59a03ea3219d9e4efd02a504c59138f273723e"><code>3f59a03</code></a>
Add <code>__qualname__</code> parameter for <code>create_model</code>
(<a
href="https://redirect.github.com/pydantic/pydantic/issues/12001">#12001</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/28c62c33218258fdb0f53f7d26c607b24dd6ed50"><code>28c62c3</code></a>
Rewrite std types, fields and strict mode documentation (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12287">#12287</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/34baf1254115f113c031ffc0d9424bb89616ad49"><code>34baf12</code></a>
Add <code>union_format</code> parameter to JSON Schema generation (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12147">#12147</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/495b03f92dc9aedd18af454b69f2605ac402a580"><code>495b03f</code></a>
Add <code>preverse_empty_path</code> URL options (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12336">#12336</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/82d4254f30895c9a7ae63368a72e2aa4efa675d5"><code>82d4254</code></a>
Respect <code>validation_alias</code> in <code>@validate_call</code> (<a
href="https://redirect.github.com/pydantic/pydantic/issues/12340">#12340</a>)</li>
<li><a
href="https://github.com/pydantic/pydantic/commit/4bd84188a7f8a4a856b5e1923b27cbae28ee38b4"><code>4bd8418</code></a>
Expose <code>FieldInfo</code> in <code>pydantic.fields.__all__</code>
(<a
href="https://redirect.github.com/pydantic/pydantic/issues/12339">#12339</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.11.9...v2.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.11.9&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 4 ++--
 requirements/dev.txt         | 4 ++--
 requirements/lint.txt        | 4 ++--
 requirements/test-common.txt | 4 ++--
 requirements/test-ft.txt     | 4 ++--
 requirements/test.txt        | 4 ++--
 6 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 1011c03dc46..cf1e00f7bee 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -157,9 +157,9 @@ pycares==4.11.0
     # via aiodns
 pycparser==2.23
     # via cffi
-pydantic==2.11.9
+pydantic==2.12.0
     # via python-on-whales
-pydantic-core==2.33.2
+pydantic-core==2.41.1
     # via pydantic
 pyenchant==3.3.0
     # via sphinxcontrib-spelling
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 65481dae7d1..60e88b75cf3 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -154,9 +154,9 @@ pycares==4.11.0
     # via aiodns
 pycparser==2.23
     # via cffi
-pydantic==2.11.9
+pydantic==2.12.0
     # via python-on-whales
-pydantic-core==2.33.2
+pydantic-core==2.41.1
     # via pydantic
 pygments==2.19.2
     # via
diff --git a/requirements/lint.txt b/requirements/lint.txt
index 8b0b7a477b9..708cc6e97a4 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -67,9 +67,9 @@ pycares==4.11.0
     # via aiodns
 pycparser==2.23
     # via cffi
-pydantic==2.11.9
+pydantic==2.12.0
     # via python-on-whales
-pydantic-core==2.33.2
+pydantic-core==2.41.1
     # via pydantic
 pygments==2.19.2
     # via
diff --git a/requirements/test-common.txt b/requirements/test-common.txt
index a00c3b6cbae..181fc34dd2c 100644
--- a/requirements/test-common.txt
+++ b/requirements/test-common.txt
@@ -56,9 +56,9 @@ proxy-py==2.4.10
     # via -r requirements/test-common.in
 pycparser==2.23
     # via cffi
-pydantic==2.12.0a1
+pydantic==2.12.0
     # via python-on-whales
-pydantic-core==2.37.2
+pydantic-core==2.41.1
     # via pydantic
 pygments==2.19.2
     # via
diff --git a/requirements/test-ft.txt b/requirements/test-ft.txt
index 2dd5ad992d7..abe94c1bb75 100644
--- a/requirements/test-ft.txt
+++ b/requirements/test-ft.txt
@@ -87,9 +87,9 @@ pycares==4.11.0
     # via aiodns
 pycparser==2.23
     # via cffi
-pydantic==2.12.0a1
+pydantic==2.12.0
     # via python-on-whales
-pydantic-core==2.37.2
+pydantic-core==2.41.1
     # via pydantic
 pygments==2.19.2
     # via
diff --git a/requirements/test.txt b/requirements/test.txt
index 3dd013caf4a..425d84664cc 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -87,9 +87,9 @@ pycares==4.11.0
     # via aiodns
 pycparser==2.23
     # via cffi
-pydantic==2.12.0a1
+pydantic==2.12.0
     # via python-on-whales
-pydantic-core==2.37.2
+pydantic-core==2.41.1
     # via pydantic
 pygments==2.19.2
     # via