build(deps): bump the python-deps group across 1 directory with 6 updates

[dependabot]

Bumps the python-deps group with 6 updates in the /apps/api directory:

Package	From	To
fastapi	0.136.1	0.136.3
anthropic	0.103.1	0.104.1
pytest-asyncio	1.3.0	1.4.0
diff-cover	10.2.0	10.2.1
ruff	0.15.13	0.15.15
hypothesis	6.152.9	6.155.0

Updates fastapi from 0.136.1 to 0.136.3

Release notes

Sourced from fastapi's releases.

0.136.3

Refactors

• ♻️ Do not accept underscore headers when using convert_underscores=True (the default). PR #15589 by @​tiangolo.

0.136.2

Refactors

• ♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR #15588 by @​tiangolo.

Docs

• 📝 Document --entrypoint CLI option. PR #15464 by @​YuriiMotov.
• 📝 Update and simplify docs about help and management. PR #15583 by @​tiangolo.
• 📝 Add docs references to central contributing docs. PR #15580 by @​tiangolo.
• 📝 Update security policy. PR #15577 by @​tiangolo.
• 🍱 Update sponsors: TalorData image. PR #15562 by @​tiangolo.
• 📝 Update docs, simplify usage of admonitions, only default ones. PR #15553 by @​tiangolo.
• 📝 Fix image URLs in index.md. PR #15534 by @​YuriiMotov.
• ✏️ Fix Azkaban spelling typo in virtual-environments.md‎. PR #15463 by @​isaacbernat.
• 💄 Improve layout and styling. PR #15462 by @​alejsdev.
• 💄 Refactor opinions section with interactive tabs and new logos. PR #15458 by @​alejsdev.
• 📝 Add FastAPI Conf '26 announcement to docs. PR #15457 by @​alejsdev.

Translations

• 🌐 Improve translation consistency in ‎docs/pt/docs/advanced/generate-clients.md‎. PR #15456 by @​Will-thom.
• 🌐 Update translations for ja (update-outdated). PR #15530 by @​tiangolo.
• 🌐 Update translations for uk (update-outdated). PR #15529 by @​tiangolo.
• 🌐 Update translations for pt (update-outdated). PR #15528 by @​tiangolo.
• 🌐 Update translations for de (update-outdated). PR #15527 by @​tiangolo.
• 🌐 Update translations for tr (update-outdated). PR #15526 by @​tiangolo.
• 🌐 Update translations for ko (update-outdated). PR #15525 by @​tiangolo.
• 🌐 Update translations for zh-hant (update-outdated). PR #15524 by @​tiangolo.
• 🌐 Update translations for fr (update-outdated). PR #15522 by @​tiangolo.
• 🌐 Update translations for es (update-outdated). PR #15523 by @​tiangolo.
• 🌐 Update translations for zh (update-outdated). PR #15520 by @​tiangolo.
• 🌐 Update translations for ru (update-outdated). PR #15521 by @​tiangolo.
• 🌐 Fix typos in Spanish LLM-prompt. PR #15472 by @​crr004.

Internal

• ✅ Update tests, don't double dispose the engine. PR #15587 by @​tiangolo.
• ⚡️ Speed up test suite via caching and fixture scopes to make it ~24% faster. PR #13583 by @​dikos1337.
• 🔥 Remove config files now in central GitHub repo. PR #15585 by @​tiangolo.
• ⬆ Bump urllib3 from 2.6.3 to 2.7.0. PR #15502 by @​dependabot[bot].
• ⬆ Bump idna from 3.11 to 3.15. PR #15565 by @​dependabot[bot].
• ⬆ Bump cloudflare/wrangler-action from 3.15.0 to 4.0.0. PR #15571 by @​dependabot[bot].
• 🔧 Migrate docs from MkDocs to Zensical. PR #15563 by @​tiangolo.
• 🔒️ Only allow team members to modify dependencies. PR #15548 by @​svlandeg.

... (truncated)

Commits

• 8206485 🔖 Release version 0.136.3
• c910e01 📝 Update release notes
• 063b5bf ♻️ Do not accept underscore headers when using convert_underscores=True (th...
• 22b02e2 🔖 Release version 0.136.2
• 3b252a2 📝 Update release notes
• c7fb785 ♻️ Validate Server Sent Event fields to avoid applications from sending broke...
• cb83b83 📝 Update release notes
• 00f805c ✅ Update tests, don't double dispose the engine (#15587)
• 3675137 📝 Update release notes
• 7b57e42 📝 Document --entrypoint CLI option (#15464)
• Additional commits viewable in compare view

Updates anthropic from 0.103.1 to 0.104.1

Release notes

Sourced from anthropic's releases.

v0.104.1

0.104.1 (2026-05-21)

Full Changelog: v0.104.0...v0.104.1

Bug Fixes

• streaming: carry encrypted_content through beta compaction accumulator (#1821) (f7a720c)

v0.104.0

0.104.0 (2026-05-21)

Full Changelog: v0.103.1...v0.104.0

Features

• api: Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (80d0fdf)

Changelog

Sourced from anthropic's changelog.

0.104.1 (2026-05-21)

Full Changelog: v0.104.0...v0.104.1

Bug Fixes

• streaming: carry encrypted_content through beta compaction accumulator (#1821) (f7a720c)

0.104.0 (2026-05-21)

Full Changelog: v0.103.1...v0.104.0

Features

• api: Add support for thinking-token-count beta for estimated tokens in thinking block deltas when streaming (80d0fdf)

Commits

• 5db69c6 release: 0.104.1
• 5fe4933 fix(streaming): carry encrypted_content through beta compaction accumulator (...
• aaaacb5 release: 0.104.0
• 4b05172 feat(api): Add support for thinking-token-count beta for estimated tokens in ...
• See full diff in compare view

Updates pytest-asyncio from 1.3.0 to 1.4.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio v1.4.0

1.4.0 - 2026-05-26

Deprecated

• Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

• Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

  The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged.

  Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

• Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
• Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)
• Updated minimum supported pytest version to v8.4.0. (#1397)

Fixed

• Fixed a ResourceWarning: unclosed event loop warning that could occur when a synchronous test called asyncio.run() or otherwise unset the current event loop after pytest-asyncio had run an async test or fixture. (#724)

Notes for Downstream Packagers

• Added dependency on sphinx-tabs >= 3.5 to organize documentation examples into tabs. (#1395)

pytest-asyncio v1.4.0a2

1.4.0a2 - 2026-05-02

Deprecated

• Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

• Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

  The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged on pytest 8.4+.

  Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

• Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
• Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)

... (truncated)

Commits

• 6e14cd2 chore: Prepare release of v1.4.0.
• 4b900fb Build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
• ab9f632 Build(deps): Bump zipp from 3.23.1 to 4.1.0
• a56fc77 Build(deps): Bump hypothesis from 6.152.6 to 6.152.8
• e8bae9b Build(deps): Bump requests from 2.34.0 to 2.34.2
• fc43340 Build(deps): Bump idna from 3.14 to 3.15
• 762eaf5 Build(deps): Bump jaraco-functools from 4.4.0 to 4.5.0
• b62e222 Build(deps): Bump click from 8.3.3 to 8.4.0
• 9190447 Build(deps): Bump pydantic from 2.13.3 to 2.13.4
• 82a393c ci: Remove unnecessary debug output.
• Additional commits viewable in compare view

Updates diff-cover from 10.2.0 to 10.2.1

Release notes

Sourced from diff-cover's releases.

Version 10.2.1

What's Changed

• Fix --help hiding most CLI options in diff-cover/diff-quality by @​duxiaocheng in Bachmann1234/diff_cover#599

New Contributors

• @​duxiaocheng made their first contribution in Bachmann1234/diff_cover#599

Dependency bumps

• Bump tomli from 2.3.0 to 2.4.0 by @​dependabot[bot] in Bachmann1234/diff_cover#575
• Bump ruff from 0.14.10 to 0.14.14 by @​dependabot[bot] in Bachmann1234/diff_cover#576
• Bump isort from 6.1.0 to 7.0.0 by @​dependabot[bot] in Bachmann1234/diff_cover#577
• Update black to 26.1 by @​Bachmann1234 in Bachmann1234/diff_cover#579
• Bump actions/download-artifact from 7 to 8 by @​dependabot[bot] in Bachmann1234/diff_cover#582
• Bump actions/upload-artifact from 6 to 7 by @​dependabot[bot] in Bachmann1234/diff_cover#583
• Bump chardet from 5.2.0 to 6.0.0.post1 by @​dependabot[bot] in Bachmann1234/diff_cover#584
• Bump isort from 7.0.0 to 8.0.1 by @​dependabot[bot] in Bachmann1234/diff_cover#585
• Bump pylint from 4.0.4 to 4.0.5 by @​dependabot[bot] in Bachmann1234/diff_cover#586
• Bump ruff from 0.14.14 to 0.15.4 by @​dependabot[bot] in Bachmann1234/diff_cover#587
• Bump black from 26.1.0 to 26.3.1 by @​dependabot[bot] in Bachmann1234/diff_cover#589
• Bump pygments from 2.19.2 to 2.20.0 by @​dependabot[bot] in Bachmann1234/diff_cover#591
• Bump geekyeggo/delete-artifact from 5 to 6 by @​dependabot[bot] in Bachmann1234/diff_cover#592
• Bump ruff from 0.15.4 to 0.15.8 by @​dependabot[bot] in Bachmann1234/diff_cover#593
• Bump tomli from 2.4.0 to 2.4.1 by @​dependabot[bot] in Bachmann1234/diff_cover#594
• Bump pytest-cov from 7.0.0 to 7.1.0 by @​dependabot[bot] in Bachmann1234/diff_cover#596
• Bump ruff from 0.15.8 to 0.15.12 by @​dependabot[bot] in Bachmann1234/diff_cover#598

Full Changelog: Bachmann1234/diff_cover@v10.2.0...v10.2.1

Changelog

Sourced from diff-cover's changelog.

05/23/2026 v10.2.1

• Fix --help hiding most CLI options in diff-cover/diff-quality PR 599 Thanks @​duxiaocheng

01/08/2026 v10.2.0

• Fixes issue where diff quality could not be run from subfolders PR 574 Issue 573 Thanks @​eacherkan-via

12/30/2025 v10.1.0

• Add support for floating-point total percentage in reports PR 565 thanks @​tilaven

12/09/2025 v10.0.0

• Remove python 3.9 support
• Add python 3.14 support
• Normalize exlude/include in pyproject.toml to support string or list

11/10/2025 v9.7.2

• Fix file path issue on windows. Thanks @​amos-chen PR 553

09/25/2025 v9.7.1

• Revert the change to attempt to support ruff >=0.12.9 (@​YeeaahMan caught the error)

09/23/2025 v9.7.0

• Adds the work @​kingbuzzman did to support windows!
• Fixes a bug where deleted files were not benig handled properly (thanks @​CliveCorbishleyTAL )
• Adds a mypy driver for diff_quality (thanks @​YeeaaahMan)
• Fixes ruff >=0.12.9 support (thanks again @​YeeaaahMan)

Some internal items

• Fixing various pilint errors in the codebase (thanks again @​kingbuzzman)
• Moves flake8 config into pyproject (Thanks @​kingbuzzman)
• CI test performance improvements (thanks @​kingbuzzman)

07/16/2025 v9.6.0

• Fixes issue when sending markdown reports to stdout. Thanks @​kingbuzzman! PR 516
• Support for github annotations! Thanks @​timkrins PR 432

07/09/2025 v9.5.0

• Adds clang-format quality check (Thanks @​mg-cloud) PR 511

06/23/2025 v9.4.1

... (truncated)

Commits

• 7005558 Version 10.2.1
• eebdd2a Fix --help hiding most CLI options in diff-cover/diff-quality (#599)
• db02813 Bump ruff from 0.15.8 to 0.15.12 (#598)
• de0b751 Bump pytest-cov from 7.0.0 to 7.1.0 (#596)
• f149dd2 Bump tomli from 2.4.0 to 2.4.1 (#594)
• dc14e84 Bump ruff from 0.15.4 to 0.15.8 (#593)
• a017338 Bump geekyeggo/delete-artifact from 5 to 6 (#592)
• ee7c2ba Bump pygments from 2.19.2 to 2.20.0 (#591)
• cbd370b Bump black from 26.1.0 to 26.3.1 (#589)
• 98423ab Bump ruff from 0.14.14 to 0.15.4 (#587)
• Additional commits viewable in compare view

Updates ruff from 0.15.13 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

• Fix Markdown closing fence handling (#25310)
• [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

• [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

• Avoid redundant TokenValue drops in the lexer (#25300)
• Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
• Use ThinVec in AST to shrink Stmt (#25361)

Documentation

• Fix line-length example for --config option (#25389)
• [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
• [mccabe] Improve example (C901) (#25287)
• [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
• [refurb] Document FURB192 exception change for empty sequences (#25317)
• [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

• Fix formatting of lambdas nested within f-strings (#25398)

Server

• Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

• Expand semantic syntax errors for invalid walruses (#25415)

Contributors

• @​chirizxc
• @​ntBre
• @​adityasingh2400
• @​charliermarsh
• @​fallintoplace
• @​martin-schlossarek
• @​MichaReiser

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

• Fix Markdown closing fence handling (#25310)
• [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

• [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

• Avoid redundant TokenValue drops in the lexer (#25300)
• Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
• Use ThinVec in AST to shrink Stmt (#25361)

Documentation

• Fix line-length example for --config option (#25389)
• [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
• [mccabe] Improve example (C901) (#25287)
• [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
• [refurb] Document FURB192 exception change for empty sequences (#25317)
• [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

• Fix formatting of lambdas nested within f-strings (#25398)

Server

• Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

• Expand semantic syntax errors for invalid walruses (#25415)

Contributors

• @​chirizxc
• @​ntBre
• @​adityasingh2400
• @​charliermarsh
• @​fallintoplace
• @​martin-schlossarek
• @​MichaReiser
• @​Ruchir28

... (truncated)

Commits

• db5aa0a Bump 0.15.15 (#25431)
• 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
• e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
• 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
• 7e1bc1e Add agent skills for working on ty (#25422)
• 574e107 Expand semantic syntax errors for invalid walruses (#25415)
• 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
• 5432709 Refine a few agents instructions (#25423)
• 3cb09eb [ty] Support typing.TypeForm (#25334)
• c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
• Additional commits viewable in compare view

Updates hypothesis from 6.152.9 to 6.155.0

Commits

• b19b02e Bump hypothesis version to 6.155.0 and update changelog
• 05a605b Merge pull request #4756 from Zac-HD/claude/hopeful-einstein-zhwDO
• 5690ba9 Bump hypothesis version to 6.154.2 and update changelog
• 7e91ba0 Merge pull request #4751 from Zac-HD/claude/amazing-brahmagupta-6XQsP
• dfb5456 Improve fixed_dictionaries type annotations
• 6cc9c3c Support numpy StringDType in from_dtype
• b534eab Bump hypothesis version to 6.154.1 and update changelog
• b46b502 Merge pull request #4754 from Zac-HD/claude/nice-goodall-HrUmp
• f3cbde1 Fix flaky recursion in recursive forward-reference resolution
• 52241a4 Bump hypothesis version to 6.154.0 and update changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Coverage report

Click to see where and how coverage changed

File	Statements	Missing	Coverage	Coverage (new stmts)	Lines missing
apps/api/src/cora/access/aggregates/actor
events.py
apps/api/src/cora/access/features/get_actor
handler.py
apps/api/src/cora/access/projections
summary.py
apps/api/src/cora/agent
seed.py
seed_caution_drafter.py
apps/api/src/cora/agent/subscribers
caution_drafter.py
run_debriefer.py
apps/api/src/cora/calibration/aggregates/calibration
read.py
state.py
apps/api/src/cora/calibration/features/append_revision
decider.py
apps/api/src/cora/calibration/features/get_calibration
handler.py
apps/api/src/cora/decision
routes.py
apps/api/src/cora/equipment/aggregates/family
read.py
apps/api/src/cora/operation/aggregates/procedure
state.py
apps/api/src/cora/operation/features/start_procedure
decider.py
handler.py
apps/api/src/cora/recipe/aggregates/method
state.py
apps/api/src/cora/recipe/features/define_method
decider.py
apps/api/src/cora/run/aggregates/run
state.py
apps/api/src/cora/run/features/start_run
decider.py
handler.py
apps/api/src/cora/supply/aggregates/supply
events.py
state.py
apps/api/src/cora/trust
routes.py
tools.py
Project Total

The report is truncated to 25 files out of 76. To see the full report, please visit the workflow summary page.

This report was generated by python-coverage-comment-action