Bump the pip-major group across 1 directory with 4 updates

[dependabot]

Bumps the pip-major group with 4 updates in the / directory: marshmallow, okta, types-flask-cors and pytest.

Updates marshmallow from 3.23.1 to 4.1.0

Changelog

Sourced from marshmallow's changelog.

4.1.0 (2025-11-01) ++++++++++++++++++

Other changes:

• Add __len__ implementation to missing so that it can be used with validate.Length <marshmallow.validate.Length> (:pr:2861). Thanks :user:agentgodzilla for the PR.
• Drop support for Python 3.9 (:pr:2363).
• Test against Python 3.14.

4.0.1 (2025-08-28) ++++++++++++++++++

Bug fixes:

• Fix wildcard import of from marshmallow import * (:pr:2823). Thanks :user:Florian-Laport for the PR.

4.0.0 (2025-04-16)

---

See :ref:upgrading_4_0 for a guide on updating your code.

Features:

• Typing: Add types to all Field <marshmallow.fields.Field> constructor kwargs (:issue:2285). Thanks :user:navignaw for the suggestion.
• DateTime <marshmallow.fields.DateTime>, Date <marshmallow.fields.Date>, Time <marshmallow.fields.Time>, TimeDelta <marshmallow.fields.TimeDelta>, and Enum <marshmallow.fields.Enum> accept their internal value types as valid input (:issue:1415). Thanks :user:bitdancer for the suggestion.
• @validates <marshmallow.validates> accepts multiple field names (:issue:1960). Backwards-incompatible: Decorated methods now receive data_key as a keyword argument. Thanks :user:dpriskorn for the suggestion and :user:dharani7998 for the PR.

Other changes:

• Typing: Field <marshmallow.fields.Field> is now a generic type with a type argument for the internal value type.
• marshmallow.fields.UUID no longer subclasses marshmallow.fields.String.
• marshmallow.Schema.load no longer silently fails to call schema validators when a generator is passed (:issue:1898). The typing of data is also updated to be more accurate. Thanks :user:ziplokk1 for reporting.
• Backwards-incompatible: Use datetime.date.fromisoformat, datetime.time.fromisoformat, and datetime.datetime.fromisoformat from the standard library to deserialize dates, times and datetimes (:pr:2078). As a consequence of this change:
  • Time with time offsets are now supported.
  • YYYY-MM-DD is now accepted as a datetime and deserialized as naive 00:00 AM.
  • from_iso_date, from_iso_time and from_iso_datetime are removed from marshmallow.utils.

... (truncated)

Commits

• 441213d Bump version and update changelog
• 2b84b56 (fix) missing constant with len validation (#2861)
• fc87262 Test against Python 3.14 (#2864)
• 2a5e2e1 Update CHANGELOG
• d861be7 Merge pull request #2863 from marshmallow-code/drop_python_39
• 22288b6 Fix ruff issues
• 1d8fd27 Drop Python 3.9
• 966caf9 [pre-commit.ci] pre-commit autoupdate
• feb2244 Merge pull request #2857 from marshmallow-code/disable_RUF043
• 23ee363 Disable RUF043 in tests: allow metacharacters in match patterns
• Additional commits viewable in compare view

Updates okta from 2.9.8 to 3.0.0

Release notes

Sourced from okta's releases.

v3.0.0

What's Changed

• Upgrade SDK to OAS3.0 by @​BinoyOza-okta in okta/okta-sdk-python#452
• Added README changes. by @​BinoyOza-okta in okta/okta-sdk-python#454
• OKTA-937866 Adding dependabot file for python by @​agrja-rastogi-okta in okta/okta-sdk-python#451
• Add support for new Okta TLD domains (okta-gov.com, okta.mil, okta-miltest.com, trex-govcloud.com) by @​BinoyOza-okta in okta/okta-sdk-python#455

New Contributors

• @​agrja-rastogi-okta made their first contribution in okta/okta-sdk-python#451

Full Changelog: okta/okta-sdk-python@v2.9.13...v3.0.0

v2.9.13

What's Changed

• Expire and renew the access token when using OAuth 2.0 by @​BinoyOza-okta in okta/okta-sdk-python#445
• V2.9.13 Release changes by @​BinoyOza-okta in okta/okta-sdk-python#446

Full Changelog: okta/okta-sdk-python@v2.9.12...v2.9.13

v2.9.12

What's Changed

• Reduce JWT token expiration time. by @​BinoyOza-okta in okta/okta-sdk-python#443
• V2.9.12 Release changes by @​BinoyOza-okta in okta/okta-sdk-python#444

Full Changelog: okta/okta-sdk-python@v2.9.11...v2.9.12

v2.9.11

What's Changed

• Allow latest aenum release by @​BinoyOza-okta in okta/okta-sdk-python#440
• "Okta direct auth API grants" are not valid OAuthGrantType by @​BinoyOza-okta in okta/okta-sdk-python#441
• Fixed #435: added data_type parameter for OktaAPIResponse by @​comrumino in okta/okta-sdk-python#438
• V2.9.11 Release changes by @​BinoyOza-okta in okta/okta-sdk-python#442

New Contributors

• @​BinoyOza-okta made their first contribution in okta/okta-sdk-python#440
• @​comrumino made their first contribution in okta/okta-sdk-python#438

Full Changelog: okta/okta-sdk-python@v2.9.10...v2.9.11

v2.9.10

What's Changed

• Fix client creds auth by @​csanders-git in okta/okta-sdk-python#429

New Contributors

• @​csanders-git made their first contribution in okta/okta-sdk-python#429

Full Changelog: okta/okta-sdk-python@v2.9.9...v2.9.10

... (truncated)

Changelog

Sourced from okta's changelog.

3.0.0

OKTA SDK PYTHON COMPREHENSIVE API MIGRATION REPORT

EXECUTIVE SUMMARY

This summary documents ALL METHOD CHANGES across the complete set of 350 operations between the older resource_clients directory and the newer api directory in the Okta Python SDK.

COMPLETE METHOD MIGRATION MAPPING

1. APPLICATION_CLIENT.PY → MULTIPLE APIs (53 METHODS)

FROM: application_client.py (53 methods) TO: Multiple specialized APIs

CORE APPLICATION METHODS (Retained in application_api.py):

• ✓ list_applications → list_applications (KEPT)
• ✓ create_application → create_application (KEPT)
• ✓ delete_application → delete_application (KEPT)
• ✓ get_application → get_application (KEPT)
• ✓ activate_application → activate_application (KEPT)
• ✓ deactivate_application → deactivate_application (KEPT)
• ✗ update_application → replace_application (RENAMED)

APPLICATION CONNECTION METHODS (→ application_connections_api.py):

• ✗ get_default_provisioning_connection_for_application → MOVED
• ✗ set_default_provisioning_connection_for_application → MOVED
• ✗ activate_default_provisioning_connection_for_application → MOVED
• ✗ deactivate_default_provisioning_connection_for_application → MOVED

CERTIFICATE/CSR METHODS (REMOVED - No direct equivalent):

• ✗ list_csrs_for_application → REMOVED
• ✗ generate_csr_for_application → REMOVED
• ✗ revoke_csr_from_application → REMOVED
• ✗ get_csr_for_application → REMOVED
• ✗ publish_cer_cert → REMOVED
• ✗ publish_binary_cer_cert → REMOVED
• ✗ publish_der_cert → REMOVED
• ✗ publish_binary_der_cert → REMOVED
• ✗ publish_binary_pem_cert → REMOVED

APPLICATION KEYS METHODS (REMOVED - No direct equivalent):

• ✗ list_application_keys → REMOVED
• ✗ generate_application_key → REMOVED
• ✗ get_application_key → REMOVED
• ✗ clone_application_key → REMOVED

... (truncated)

Commits

• e9fa5b8 Merge pull request #455 from okta/OKTA-504329
• 6d85ea5 Merge pull request #451 from okta/OKTA-937866
• 6c3b63a - Added the new domains to the Okta domain list in the code files mentioned.
• 8ef9317 Merge pull request #454 from okta/readme-changes
• fada5bf - Added link for the devforums in the README.md
• 780ecaa major (sdk): Migrate from Swagger 2.0 to OpenAPI 3.0
• a423b78 adding dependabot file for python
• e9764a4 Merge pull request #446 from okta/release-changes-v2.9.13
• 55fae99 - Release changelog and version changes.
• f75f82c Merge pull request #445 from okta/OKTA-641384
• Additional commits viewable in compare view

Updates types-flask-cors from 5.0.0.20240902 to 6.0.0.20250809

Commits

• See full diff in compare view

Updates pytest from 8.3.4 to 9.0.0

Release notes

Sourced from pytest's releases.

9.0.0

pytest 9.0.0 (2025-11-05)

New features

• #1367: Support for subtests has been added.

  subtests <subtests> are an alternative to parametrization, useful in situations where the parametrization values are not all known at collection time.

  Example:

  def contains_docstring(p: Path) -> bool:
      """Return True if the given Python file contains a top-level docstring."""
      ...
  def test_py_files_contain_docstring(subtests: pytest.Subtests) -> None:
  for path in Path.cwd().glob("*.py"):
  with subtests.test(path=str(path)):
  assert contains_docstring(path)

  Each assert failure or error is caught by the context manager and reported individually, giving a clear picture of all files that are missing a docstring.

  In addition, unittest.TestCase.subTest is now also supported.

  This feature was originally implemented as a separate plugin in pytest-subtests, but since then has been merged into the core.

  [!NOTE] This feature is experimental and will likely evolve in future releases. By that we mean that we might change how subtests are reported on failure, but the functionality and how to use it are stable.

• #13743: Added support for native TOML configuration files.

  While pytest, since version 6, supports configuration in pyproject.toml files under [tool.pytest.ini_options], it does so in an "INI compatibility mode", where all configuration values are treated as strings or list of strings. Now, pytest supports the native TOML data model.

  In pyproject.toml, the native TOML configuration is under the [tool.pytest] table.

  # pyproject.toml
  [tool.pytest]
  minversion = "9.0"
  addopts = ["-ra", "-q"]
  testpaths = [
      "tests",
      "integration",
  ]

... (truncated)

Commits

• f4b0fd2 Prepare release version 9.0.0
• 52d8e68 Merge pull request #13889 from bluetech/regendoc-restore
• d6d3e4a doc: fixes for regendoc
• 7cb3974 doc: restore missing "# content of pytest.toml" regendoc commands
• 5ae9e47 build(deps): Bump django in /testing/plugins_integration (#13881)
• adb3658 Merge pull request #13864 from bluetech/config-cleanups-2
• a28c08e Merge pull request #13875 from bluetech/ci-tweaks
• a250954 ci: split publish-to-pypi and push-tag jobs
• ebc152f ci: update setup python's from 3.11 or 3.* to 3.13
• dfd796f ci: move running update-plugin-list script to tox
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions