chore: Bump the python-deps group in /sdks/python with 7 updates

[dependabot]

Bumps the python-deps group in /sdks/python with 7 updates:

Package	From	To
pydantic-settings	2.14.1	2.14.2
click	8.4.1	8.4.2
boto3	1.43.29	1.43.34
botocore	1.43.34	1.43.36
pydoclint	0.8.6	0.9.0
openai	2.41.1	2.44.0
fastapi	0.138.0	0.138.1

Updates pydantic-settings from 2.14.1 to 2.14.2

Release notes

Sourced from pydantic-settings's releases.

v2.14.2

What's Changed

This is a security patch release.

• Prevent NestedSecretsSettingsSource from following symlinks outside secrets_dir by @​hramezani in pydantic/pydantic-settings#889
• Prepare release 2.14.2 by @​hramezani in pydantic/pydantic-settings#890

Security

Fixes GHSA-4xgf-cpjx-pc3j: NestedSecretsSettingsSource with secrets_nested_subdir=True could follow a symbolic link inside secrets_dir pointing outside it, reading out-of-tree files into settings values and bypassing the secrets_dir_max_size cap. Affected versions: >= 2.12.0, < 2.14.2.

Full Changelog: pydantic/pydantic-settings@v2.14.1...v2.14.2

Commits

• d703bd7 Prepare release 2.14.2 (#890)
• See full diff in compare view

Updates click from 8.4.1 to 8.4.2

Release notes

Sourced from click's releases.

8.4.2

This is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.4.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-2 Milestone: https://github.com/pallets/click/milestone/34

• Fix Fish shell completion broken in 8.4.0 by #3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. #3502 #3043 #3504 #3508
• Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. #3509
• A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. #3059 #3507
• echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. #3242 #2542 #3534
• echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from #3482. #3449 #3533
• Fix CLI usage symopsis for optional arguments producing double square brackets [[a|b|c]]... whose type already brackets their metavar. #3578
• {func}version_option resolves a package_name that does not match an installed distribution as an import (top-level module) name via {func}importlib.metadata.packages_distributions. Packages whose top-level module name differs from their distribution name (PIL vs Pillow, jwt vs PyJWT) no longer raise RuntimeError out of the box. #2331 #1884 #3125 #3582

Changelog

Sourced from click's changelog.

Version 8.4.2

Unreleased

• Fix Fish shell completion broken in 8.4.0 by {pr}3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. {issue}3502 {issue}3043 {pr}3504 {pr}3508
• Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. {pr}3509
• A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. {issue}3059 {pr}3507
• echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. {issue}3242 {issue}2542 {pr}3534
• echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from {pr}3482. {issue}3449 {pr}3533

Commits

• b2e30a1 Release version 8.4.2
• 7a16b20 Fix package_name resolution when module differs from distribution name (#3582)
• bec5928 Fix package_name resolution when top-level module differs from distribution...
• 916883a Fix tests to not rely on -Wdefault option (#3591)
• 09195f6 Fix double-bracketing of choices in synopsis (#3578)
• 1557e26 Check for warning exception with idiomatic context manager
• d9ff133 Static typing improvements in click.shell_completion (#3460)
• 762c97e Fix double-bracketing of choices in synopsis
• 8929d39 Convert changes to markdown. (#3559)
• 237be50 Move changes headings down a level.
• Additional commits viewable in compare view

Updates boto3 from 1.43.29 to 1.43.34

Commits

• 1820b7d Merge branch 'release-1.43.34'
• 2178e7a Bumping version to 1.43.34
• 797f30d Add changelog entries from botocore
• 325a059 Remove DocumentModifiedShape and re-export it from botocore (#4795)
• 44bfb9a Merge branch 'release-1.43.33'
• 447ab8f Merge branch 'release-1.43.33' into develop
• 1a41f9c Bumping version to 1.43.33
• 3a2819d Add changelog entries from botocore
• 22ffece Bump https://github.com/astral-sh/ruff-pre-commit (#4802)
• 19645b7 Merge branch 'release-1.43.32'
• Additional commits viewable in compare view

Updates botocore from 1.43.34 to 1.43.36

Commits

• 7a5b506 Merge branch 'release-1.43.36'
• 9f214f1 Bumping version to 1.43.36
• 32ea3d9 Update to latest models
• d33e4c5 Merge branch 'release-1.43.35'
• 7f8e97a Merge branch 'release-1.43.35' into develop
• 833cf6e Bumping version to 1.43.35
• 8b3f215 Update to latest models
• 377d566 Merge customizations for Application Signals
• 10f696e Merge branch 'release-1.43.34' into develop
• See full diff in compare view

Updates pydoclint from 0.8.6 to 0.9.0

Release notes

Sourced from pydoclint's releases.

0.9.0

What's Changed

• Handle PEP 696 defaults for Generator annotations by @​gaoflow in jsh9/pydoclint#293

New Contributors

• @​gaoflow made their first contribution in jsh9/pydoclint#293

Full Changelog: jsh9/pydoclint@0.8.7...0.9.0

0.8.7

What's Changed

• Fix DOC404 false positive on functions with both return and yield by @​StressTestor in jsh9/pydoclint#291

New Contributors

• @​StressTestor made their first contribution in jsh9/pydoclint#291

Full Changelog: jsh9/pydoclint@0.8.6...0.8.7

Changelog

Sourced from pydoclint's changelog.

[0.9.0] - 2026-06-29

• Fixed
  • A DOC404 false positive for single-argument Generator[YieldType] annotations, where pydoclint compared the docstring yield type with the whole annotation instead of the generator yield type
  • Return/yield handling for one- and two-argument Generator[...] annotations so omitted return types default to None per PEP-696
• Full diff
  • jsh9/pydoclint@0.8.7...0.9.0

[0.8.7] - 2026-06-22

• Fixed
  • A DOC404 false positive on a function with both a return and a yield whose return annotation is a parametrized iterator (e.g. Iterator[Dict[str, Any]]): the yield type was extracted twice, producing (str, Any) instead of Dict[str, Any]
• Full diff
  • jsh9/pydoclint@0.8.6...0.8.7

Commits

• 09ed6c5 Handle PEP 696 defaults for Generator annotations (#293)
• c30c322 Fix DOC404 false positive on functions with both return and yield (#291)
• See full diff in compare view

Updates openai from 2.41.1 to 2.44.0

Release notes

Sourced from openai's releases.

v2.44.0

2.44.0 (2026-06-24)

Full Changelog: v2.43.0...v2.44.0

Bug Fixes

• auth: prioritize first auth header (797e336)

v2.43.0

2.43.0 (2026-06-17)

Full Changelog: v2.42.0...v2.43.0

Features

• api: update OpenAPI spec or Stainless config (2254235)

v2.42.0

2.42.0 (2026-06-16)

Full Changelog: v2.41.1...v2.42.0

Features

• api: admin spend_alerts (6134198)
• api: manual updates (f337bf4)
• api: update OpenAPI spec or Stainless config (7015158)

Build System

• fix release workflow permissions (#3389) (a526ee8)
• Use CI environment for examples API key (#3394) (d64d811)

Changelog

Sourced from openai's changelog.

2.44.0 (2026-06-24)

Full Changelog: v2.43.0...v2.44.0

Bug Fixes

• auth: prioritize first auth header (797e336)

2.43.0 (2026-06-17)

Full Changelog: v2.42.0...v2.43.0

Features

• api: update OpenAPI spec or Stainless config (2254235)

2.42.0 (2026-06-16)

Full Changelog: v2.41.1...v2.42.0

Features

• api: admin spend_alerts (6134198)
• api: manual updates (f337bf4)
• api: update OpenAPI spec or Stainless config (7015158)

Build System

• fix release workflow permissions (#3389) (a526ee8)
• Use CI environment for examples API key (#3394) (d64d811)

Commits

• 6d9262d release: 2.44.0
• d356275 [codex] Add AWS Bedrock provider authentication (#3398)
• f47f9a2 fix(auth): prioritize first auth header
• e20b6b8 release: 2.43.0
• 4d35453 feat(api): update OpenAPI spec or Stainless config
• 2bba15e release: 2.42.0
• 1ec3e82 codegen metadata
• 93c2eca feat(api): manual updates
• b269f88 codegen metadata
• ee821d6 feat(api): admin spend_alerts
• Additional commits viewable in compare view

Updates fastapi from 0.138.0 to 0.138.1

Release notes

Sourced from fastapi's releases.

0.138.1

Refactors

• ♻️ Refactor Library Skills, make info easier to find for agents. PR #15841 by @​tiangolo.

Internal

• 👷 Simplify pull request workflow triggers. PR #15836 by @​tiangolo.
• 👷 Update issue-manager to 0.7.1. PR #15833 by @​tiangolo.
• ⬆️ Update issue-manager to 0.7.0. PR #15831 by @​tiangolo.
• 🔧 Update sponsors: Add TestMu again. PR #15830 by @​tiangolo.
• 🔒️ Update zizmor workflow security checks. PR #15820 by @​tiangolo.
• ⬆ Bump pydantic-settings from 2.14.1 to 2.14.2. PR #15799 by @​dependabot[bot].

Commits

• b90c49a 🔖 Release version 0.138.1 (#15842)
• 1f2f3df 📝 Update release notes
• 0af003a ♻️ Refactor Library Skills, make info easier to find for agents (#15841)
• d5494c1 📝 Update release notes
• 82c527e 👷 Simplify pull request workflow triggers (#15836)
• 3f28dbe 📝 Update release notes
• f6ea6b1 👷 Update issue-manager to 0.7.1 (#15833)
• 219ac63 📝 Update release notes
• fcc8e1f ⬆️ Update issue-manager to 0.7.0 (#15831)
• 457f4c7 📝 Update release notes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
hatchet-docs	Ready	Preview, Comment	Jun 29, 2026 4:37am