Bump the pip group with 4 updates

[dependabot]

Bumps the pip group with 4 updates: aiohttp, sentry-sdk, coverage and pytest-cov.

Updates aiohttp from 3.10.8 to 3.10.10

Release notes

Sourced from aiohttp's releases.

3.10.10

Bug fixes

• Fixed error messages from :py:class:~aiohttp.resolver.AsyncResolver being swallowed -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9451, #9455.

Features

• Added :exc:aiohttp.ClientConnectorDNSError for differentiating DNS resolution errors from other connector errors -- by :user:mstojcevich.

  Related issues and pull requests on GitHub: #8455.

Miscellaneous internal changes

• Simplified DNS resolution throttling code to reduce chance of race conditions -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9454.

---

3.10.9

Bug fixes

• Fixed proxy headers being used in the ConnectionKey hash when a proxy was not being used -- by :user:bdraco.

  If default headers are used, they are also used for proxy headers. This could have led to creating connections that were not needed when one was already available.

  Related issues and pull requests on GitHub: #9368.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.10 (2024-10-10)

Bug fixes

• Fixed error messages from :py:class:~aiohttp.resolver.AsyncResolver being swallowed -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9451, :issue:9455.

Features

• Added :exc:aiohttp.ClientConnectorDNSError for differentiating DNS resolution errors from other connector errors -- by :user:mstojcevich.

  Related issues and pull requests on GitHub: :issue:8455.

Miscellaneous internal changes

• Simplified DNS resolution throttling code to reduce chance of race conditions -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9454.

---

3.10.9 (2024-10-04)

Bug fixes

• Fixed proxy headers being used in the ConnectionKey hash when a proxy was not being used -- by :user:bdraco.

... (truncated)

Commits

• 47475c5 Release 3.10.10 (#9462)
• 8b424c8 [PR #8456/b09d7cc backport][3.10] Add ClientConnectorDNSError for differentia...
• cdf3dca [PR #9454/b20908e backport][3.10] Simplify DNS throttle implementation (#9457)
• ee87a04 [PR #9455/dfaafac0 backport][3.10] Fix AsyncResolver query fallback swallowin...
• ba9b33e [PR #9451/216e082 backport][3.10] Fix AsyncResolver swallowing the error mess...
• bc9e5d6 [PR #9448/93e87c2e backport][3.10] Improve performance of fetching the conten...
• 3ea557a Increment version to 3.10.10.dev0
• b779432 Release 3.10.9 (#9415)
• 08ada3e [PR #9405/b96b01b backport][3.10] Only create the connection closed exception...
• 978ed74 [PR #9406/24b0e6f backport][3.10] Add slots to timer helpers (#9411)
• Additional commits viewable in compare view

Updates sentry-sdk from 2.14.0 to 2.17.0

Release notes

Sourced from sentry-sdk's releases.

2.17.0

Various fixes & improvements

• Add support for async calls in Anthropic and OpenAI integration (#3497) by @​vetyy
• Allow custom transaction names in ASGI (#3664) by @​sl0thentr0py
• Langchain: Handle case when parent span wasn't traced (#3656) by @​rbasoalto
• Fix Anthropic integration when using tool calls (#3615) by @​kwnath
• More defensive Django Spotlight middleware injection (#3665) by @​BYK
• Remove ensure_integration_enabled_async (#3632) by @​sentrivana
• Test with newer Falcon version (#3644, #3653, #3662) by @​sentrivana
• Fix mypy (#3657) by @​sentrivana
• Fix flaky transport test (#3666) by @​sentrivana
• Remove pin on sphinx (#3650) by @​sentrivana
• Bump actions/checkout from 4.2.0 to 4.2.1 (#3651) by @​dependabot

2.16.0

Integrations

• Bottle: Add failed_request_status_codes (#3618) by @​szokeasaurusrex

  You can now define a set of integers that will determine which status codes should be reported to Sentry.

  sentry_sdk.init(
      integrations=[
          BottleIntegration(
              failed_request_status_codes={403, *range(500, 600)},
          )
      ]
  )

  Examples of valid failed_request_status_codes:

  • {500} will only send events on HTTP 500.
  • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
  • {500, 503} will send events on HTTP 500 and 503.
  • set() (the empty set) will not send events for any HTTP status code.

  The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

• Bottle: Delete never-reached code (#3605) by @​szokeasaurusrex

• Redis: Remove flaky test (#3626) by @​sentrivana

• Django: Improve getting psycopg3 connection info (#3580) by @​nijel

• Django: Add SpotlightMiddleware when Spotlight is enabled (#3600) by @​BYK

• Django: Open relevant error when SpotlightMiddleware is on (#3614) by @​BYK

• Django: Support http_methods_to_capture in ASGI Django (#3607) by @​sentrivana

  ASGI Django now also supports the http_methods_to_capture integration option. This is a configurable tuple of HTTP method verbs that should create a transaction in Sentry. The default is ("CONNECT", "DELETE", "GET", "PATCH", "POST", "PUT", "TRACE",). OPTIONS and HEAD are not included by default.

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.17.0

Various fixes & improvements

• Add support for async calls in Anthropic and OpenAI integration (#3497) by @​vetyy
• Allow custom transaction names in ASGI (#3664) by @​sl0thentr0py
• Langchain: Handle case when parent span wasn't traced (#3656) by @​rbasoalto
• Fix Anthropic integration when using tool calls (#3615) by @​kwnath
• More defensive Django Spotlight middleware injection (#3665) by @​BYK
• Remove ensure_integration_enabled_async (#3632) by @​sentrivana
• Test with newer Falcon version (#3644, #3653, #3662) by @​sentrivana
• Fix mypy (#3657) by @​sentrivana
• Fix flaky transport test (#3666) by @​sentrivana
• Remove pin on sphinx (#3650) by @​sentrivana
• Bump actions/checkout from 4.2.0 to 4.2.1 (#3651) by @​dependabot

2.16.0

Integrations

• Bottle: Add failed_request_status_codes (#3618) by @​szokeasaurusrex

  You can now define a set of integers that will determine which status codes should be reported to Sentry.

  sentry_sdk.init(
      integrations=[
          BottleIntegration(
              failed_request_status_codes={403, *range(500, 600)},
          )
      ]
  )

  Examples of valid failed_request_status_codes:

  • {500} will only send events on HTTP 500.
  • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
  • {500, 503} will send events on HTTP 500 and 503.
  • set() (the empty set) will not send events for any HTTP status code.

  The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

• Bottle: Delete never-reached code (#3605) by @​szokeasaurusrex

• Redis: Remove flaky test (#3626) by @​sentrivana

• Django: Improve getting psycopg3 connection info (#3580) by @​nijel

• Django: Add SpotlightMiddleware when Spotlight is enabled (#3600) by @​BYK

• Django: Open relevant error when SpotlightMiddleware is on (#3614) by @​BYK

• Django: Support http_methods_to_capture in ASGI Django (#3607) by @​sentrivana

... (truncated)

Commits

• e44c9ee Update CHANGELOG.md
• ee30db3 release: 2.17.0
• 365d9cf Fix flaky transport test (#3666)
• 9ae5820 Add support for async calls in Anthropic and OpenAI integration (#3497)
• 891afee fix(spotlight): More defensive Django spotlight middleware injection (#3665)
• f493057 Allow custom transaction names in asgi (#3664)
• e463034 tests: Falcon RC1 (#3662)
• deca5f2 build(deps): Remove pin on sphinx (#3650)
• 302457d build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (#3651)
• 846b8b2 fix(langchain): handle case when parent span wasn't traced (#3656)
• Additional commits viewable in compare view

Updates coverage from 7.6.1 to 7.6.4

Changelog

Sourced from coverage's changelog.

Version 7.6.4 — 2024-10-20

• fix: multi-line with statements could cause contained branches to be incorrectly marked as missing (issue 1880_). This is now fixed.

.. _issue 1880: nedbat/coveragepy#1880

.. _changes_7-6-3:

Version 7.6.3 — 2024-10-13

• Fix: nested context managers could incorrectly be analyzed to flag a missing branch on the last context manager, as described in issue 1876_. This is now fixed.

• Fix: the missing branch message about not exiting a module had an extra "didn't," as described in issue 1873_. This is now fixed.

.. _issue 1873: nedbat/coveragepy#1873 .. _issue 1876: nedbat/coveragepy#1876

.. _changes_7-6-2:

Version 7.6.2 — 2024-10-09

• Dropped support for Python 3.8 and PyPy 3.8.

• Fix: a final wildcard match/case clause assigning to a name (case _ as value) was incorrectly marked as a missing branch. This is now fixed, closing issue 1860_.

• Fewer things are considered branches now. Lambdas, comprehensions, and generator expressions are no longer marked as missing branches if they don't complete execution. Closes issue 1852_.

• Fix: the HTML report didn't properly show multi-line f-strings that end with a backslash continuation. This is now fixed, closing issue 1836, thanks to LiuYinCarl and Marco Ricci <pull 1838_>.

• Fix: the LCOV report now has correct line numbers (fixing issue 1846) and better branch descriptions for BRDA records (fixing issue 1850). There are other changes to lcov also, including a new configuration option :ref:line_checksums <config_lcov_line_checksums> to control whether line checksums are included in the lcov report. The default is false. To keep checksums set it to true. All this work is thanks to Zack Weinberg

... (truncated)

Commits

• f24f76b docs: sample HTML for 7.6.4
• 96e10f7 docs: prep for 7.6.4
• b8c236a fix: multi-line with-statements exit correctly. #1880
• 64b7a45 docs: another discord reference
• 68d7427 docs: Python Discord
• 43adcea build: include 3.14 in the usual Pythons
• fb2b49f build: github_releases can update older releases, and pauses to get the sorti...
• ca550ca 3.0b2 wasn't correctly titled
• debcc77 build: bump version
• 342a4cb docs: sample HTML for 7.6.3
• Additional commits viewable in compare view

Updates pytest-cov from 5.0.0 to 6.0.0

Changelog

Sourced from pytest-cov's changelog.

6.0.0 (2024-10-29)

• Updated various documentation inaccuracies, especially on subprocess handling.
• Changed fail under checks to use the precision set in the coverage configuration. Now it will perform the check just like coverage report would.
• Added a --cov-precision cli option that can override the value set in your coverage configuration.
• Dropped support for now EOL Python 3.8.

Commits

• 9540437 Bump version: 5.0.0 → 6.0.0
• 9f81754 Further trim down envs and drop Python 3.8.
• b12b5ec Update conf.
• 23f4b27 Update changelog.
• 291a04f Bump test deps and trim config.
• 08f1101 Add --cov-precision option. Close #655.
• 76fe2a7 Move the warnings/errors in a place that doesn't import anything.
• a9ea7b7 Implement error/warning for the bad dynamic_context being set in config.
• c299e01 Add explicit suffixing to make it easier to see the identify the sources/usag...
• c87e546 Add reproducer for weird xdist dynamic_context interaction. Ref #604.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[ezio-melotti]

Tests are failing because of pytest-cov 5.0.0 -> 6.0.0.
#406 fixes the failure on all Pythons >= 3.9, but pytest-cov 6.0.0 also dropped support for Python 3.8 causing the 3.8 tests to fail even on #406.

We have two options:

1. drop Python 3.8 support for blurb_it too, merge Fix pytest-cov warning after upgrading to 6.0.0 #406, and then merge this PR to upgrade pytest-cov to 6.0.0 (and the other deps too)
2. merge this PR without the update to 6.0.0 and keep support for Python 3.8.

I'd suggest going with option 1, unless there are reasons to keep supporting Python 3.8.

[hugovk]

Agreed, let's drop 3.8: #407

[AA-Turner]

@dependabot rebase