chore(deps): bump the production-dependencies group across 1 directory with 10 updates

[dependabot]

Updates the requirements on pydantic, rich, python-dotenv, certifi, packaging, boto3-stubs[cloudformation,cloudwatch,codebuild,iam,logs,s3,secretsmanager,ssm,sts], boto3, botocore, click and ruamel-yaml to permit the latest version.
Updates pydantic to 2.12.5

Release notes

Sourced from pydantic's releases.

v2.12.5 2025-11-26

v2.12.5 (2025-11-26)

This is the fifth 2.12 patch release, addressing an issue with the MISSING sentinel and providing several documentation improvements.

The next 2.13 minor release will be published in a couple weeks, and will include a new polymorphic serialization feature addressing the remaining unexpected changes to the serialize as any behavior.

• Fix pickle error when using model_construct() on a model with MISSING as a default value by @​ornariece in #12522.
• Several updates to the documentation by @​Viicos.

Full Changelog: pydantic/pydantic@v2.12.4...v2.12.5

Changelog

Sourced from pydantic's changelog.

v2.12.5 (2025-11-26)

GitHub release

This is the fifth 2.12 patch release, addressing an issue with the MISSING sentinel and providing several documentation improvements.

The next 2.13 minor release will be published in a couple weeks, and will include a new polymorphic serialization feature addressing the remaining unexpected changes to the serialize as any behavior.

• Fix pickle error when using model_construct() on a model with MISSING as a default value by @​ornariece in #12522.
• Several updates to the documentation by @​Viicos.

v2.12.4 (2025-11-05)

GitHub release

This is the fourth 2.12 patch release, fixing more regressions, and reverting a change in the build() method of the AnyUrl and Dsn types.

This patch release also fixes an issue with the serialization of IP address types, when serialize_as_any is used. The next patch release will try to address the remaining issues with serialize as any behavior by introducing a new polymorphic serialization feature, that should be used in most cases in place of serialize as any.

• Fix issue with forward references in parent TypedDict classes by @​Viicos in #12427.

  This issue is only relevant on Python 3.14 and greater.

• Exclude fields with exclude_if from JSON Schema required fields by @​Viicos in #12430

• Revert URL percent-encoding of credentials in the build() method of the AnyUrl and Dsn types by @​davidhewitt in pydantic-core#1833.

  This was initially considered as a bugfix, but caused regressions and as such was fully reverted. The next release will include an opt-in option to percent-encode components of the URL.

• Add type inference for IP address types by @​davidhewitt in pydantic-core#1868.

  The 2.12 changes to the serialize_as_any behavior made it so that IP address types could not properly serialize to JSON.

• Avoid getting default values from defaultdict by @​davidhewitt in pydantic-core#1853.

  This fixes a subtle regression in the validation behavior of the collections.defaultdict type.

• Fix issue with field serializers on nested typed dictionaries by @​davidhewitt in pydantic-core#1879.

• Add more pydantic-core builds for the three-threaded version of Python 3.14 by @​davidhewitt in pydantic-core#1864.

v2.12.3 (2025-10-17)

GitHub release

... (truncated)

Commits

• bd2d0dd Prepare release v2.12.5
• 7d0302e Document security implications when using create_model()
• e9ef980 Fix typo in Standard Library Types documentation
• f2c20c0 Add pydantic-docs dev dependency, make use of versioning blocks
• a76c1aa Update documentation about JSON Schema
• 8cbc72c Add documentation about custom __init__()
• 99eba59 Add additional test for FieldInfo.get_default()
• c710769 Special case MISSING sentinel in smart_deepcopy()
• 20a9d77 Do not delete mock validator/serializer in rebuild_dataclass()
• c86515a Update parts of the model and revalidate_instances documentation
• Additional commits viewable in compare view

Updates rich to 14.2.0

Release notes

Sourced from rich's releases.

The Easy as Pi release

This release bumps Python compatibility to the just-released Python 3.14.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

Changelog

Sourced from rich's changelog.

[14.2.0] - 2025-10-09

Changed

• Python3.14 compatibility Textualize/rich#3861

[14.1.0] - 2025-06-25

Changed

• Removed typing_extensions from runtime dependencies Textualize/rich#3763
• Live objects (including Progress) may now be nested Textualize/rich#3768
• Added padding property to Syntax which returns a tuple of four integers Textualize/rich#3782

Fixed

• Fixed extraction of recursive exceptions Textualize/rich#3772
• Fixed padding applied to Syntax Textualize/rich#3782
• Fixed Panel title missing the panel background style Textualize/rich#3569

Added

• Added TTY_INTERACTIVE environment variable to force interactive mode off or on Textualize/rich#3777

[14.0.0] - 2025-03-30

Added

• Added env var TTY_COMPATIBLE to override auto-detection of TTY support (See console.rst for details). Textualize/rich#3675

Changed

• An empty NO_COLOR env var is now considered disabled. Textualize/rich#3675
• An empty FORCE_COLOR env var is now considered disabled. Textualize/rich#3675
• Rich tracebacks will now render notes on Python 3.11 onwards (added with Exception.add_note) Textualize/rich#3676
• Indentation in exceptions won't be underlined Textualize/rich#3678
• Rich tracebacks will now render Exception Groups Textualize/rich#3677

[13.9.4] - 2024-11-01

Changed

• Optimizations to cell_len which may speed up Rich / Textual output Textualize/rich#3546

[13.9.3] - 2024-10-22

Fixed

• Fixed broken regex that may have resulted in poor performance. Textualize/rich#3535

... (truncated)

Commits

• 494f83c changelog
• d476e85 Merge pull request #3862 from GeroZayas/docs/es-readme-sync-2025-10
• 518daaa docs(es): sync README.es.md (macOS, 16 colors, Python 3.8+)
• cd5074f Merge pull request #3861 from Textualize/python314
• 041406c removed asv
• 655b521 test fixes
• 27c2d2d bump for Python3.14
• ea9d4db Update feature_request.md
• 2dca1b7 Merge pull request #3808 from Textualize/bump1410
• 19b6ddd version bump
• Additional commits viewable in compare view

Updates python-dotenv to 1.2.1

Release notes

Sourced from python-dotenv's releases.

v1.2.1

What's Changed

• Support reading .env from FIFOs (Unix) by @​sidharth-sudhir in theskumar/python-dotenv#586
• Update CI to use trusted publishing on PyPI

New Contributors

• @​sidharth-sudhir made their first contribution in theskumar/python-dotenv#586

Full Changelog: theskumar/python-dotenv@v1.2.0...v1.2.1

Changelog

Sourced from python-dotenv's changelog.

[1.2.1] - 2025-10-26

• Move more config to pyproject.toml, removed setup.cfg
• Add support for reading .env from FIFOs (Unix) by [@​sidharth-sudhir] in #586

[1.2.0] - 2025-10-26

• Upgrade build system to use PEP 517 & PEP 518 to use build and pyproject.toml by [@​EpicWink] in #583
• Add support for Python 3.14 by [@​23f3001135] in #579
• Add support for disabling of load_dotenv() using PYTHON_DOTENV_DISABLED env var. by [@​matthewfranglen] in #569

[1.1.1] - 2025-06-24

Fixed

• CLI: Ensure find_dotenv work reliably on python 3.13 by [@​theskumar] in #563
• CLI: revert the use of execvpe on Windows by [@​wrongontheinternet] in #566

[1.1.0] - 2025-03-25

Feature

• Add support for python 3.13
• Enhance dotenv run, switch to execvpe for better resource management and signal handling (#523) by [@​eekstunt]

Fixed

• find_dotenv and load_dotenv now correctly looks up at the current directory when running in debugger or pdb (#553 by [@​randomseed42])

Misc

• Drop support for Python 3.8

[1.0.1] - 2024-01-23

Fixed

• Gracefully handle code which has been imported from a zipfile (#456 by [@​samwyma])
• Allow modules using load_dotenv to be reloaded when launched in a separate thread (#497 by [@​freddyaboulton])
• Fix file not closed after deletion, handle error in the rewrite function (#469 by [@​Qwerty-133])

Misc

• Use pathlib.Path in tests (#466 by [@​eumiro])
• Fix year in release date in changelog.md (#454 by [@​jankislinger])
• Use https in README links (#474 by [@​Nicals])

[1.0.0] - 2023-02-24

Fixed

... (truncated)

Commits

• eaf2a91 Do not remove .coverage file
• 8716196 Bump version: 1.2.0 → 1.2.1
• b87807f Update changelog
• 3af77d3 Support reading .env from FIFOs (Unix) (#586)
• 467ee22 Fix test failures after moving config to pyproject.toml
• 76999e7 Move more config pyproject.toml
• 222ce2c Update to use trusted publisher on pypi
• 8ed4f79 Update docs requirements
• 5bf8822 Bump version: 1.1.1 → 1.2.0
• 1fe11cc upadate changelog
• Additional commits viewable in compare view

Updates certifi to 2026.1.4

Commits

• c64d9f3 2026.01.04 (#389)
• 4ac232f Bump actions/download-artifact from 6.0.0 to 7.0.0 (#387)
• 95ae4b2 Update CI workflow to use Ubuntu 24.04 and Python 3.14 stable (#386)
• b72a7b1 Bump dessant/lock-threads from 5.0.1 to 6.0.0 (#385)
• ecc2672 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#384)
• 6a897db Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (#383)
• 27ca98a Bump peter-evans/create-pull-request from 7.0.9 to 7.0.11 (#381)
• 56c59a6 Bump actions/checkout from 6.0.0 to 6.0.1 (#382)
• ae0021c Bump actions/setup-python from 6.0.0 to 6.1.0 (#380)
• ddf5d0b Bump actions/checkout from 5.0.1 to 6.0.0 (#378)
• Additional commits viewable in compare view

Updates packaging to 25.0

Release notes

Sourced from packaging's releases.

25.0

What's Changed

• Re-add a test for Unicode file name parsing by @​Siddhesh-Agarwal in pypa/packaging#863
• Upgrade to ruff 0.9.1 by @​DimitriPapadopoulos in pypa/packaging#865
• Add support for PEP 738 Android tags by @​mhsmith in pypa/packaging#880
• feat(markers): support 'extras' and 'dependency_groups' markers by @​frostming in pypa/packaging#888

New Contributors

• @​Siddhesh-Agarwal made their first contribution in pypa/packaging#863
• @​mhsmith made their first contribution in pypa/packaging#880
• @​frostming made their first contribution in pypa/packaging#888

Full Changelog: pypa/packaging@24.2...25.0

Changelog

Sourced from packaging's changelog.

25.0 - 2025-04-19

* PEP 751: Add support for ``extras`` and ``dependency_groups`` markers. (:issue:`885`)
* PEP 738: Add support for Android platform tags. (:issue:`880`)
24.2 - 2024-11-08

• PEP 639: Implement License-Expression and License-File (:issue:828)
• Use !r formatter for error messages with filenames (:issue:844)
• Add support for PEP 730 iOS tags (:issue:832)
• Fix prerelease detection for > and < (:issue:794)
• Fix uninformative error message (:issue:830)
• Refactor canonicalize_version (:issue:793)
• Patch python_full_version unconditionally (:issue:825)
• Fix doc for canonicalize_version to mention strip_trailing_zero and a typo in a docstring (:issue:801)
• Fix typo in Version __str__ (:issue:817)
• Support creating a SpecifierSet from an iterable of Specifier objects (:issue:775)

24.1 - 2024-06-10

* Document ``markers.default_environment()`` (:issue:`753`).
* Add support for Python 3.13 (:issue:`783`).
* Modernise type annotations (:issue:`785`).
* Work around ``platform.python_version()`` returning non PEP 440 compliant version
  for non-tagged CPython builds (:issue:`802`).
24.0 - 2024-03-10

• Do specifier matching correctly when the specifier contains an epoch number and has more components than the version (:issue:683)
• Support the experimental --disable-gil builds in packaging.tags (:issue:727)
• BREAKING: Make optional metadata.Metadata attributes default to None (:issue:733)
• Fix errors when trying to access the description_content_type, keywords, and requires_python attributes on metadata.Metadata when those values have not been provided (:issue:733)
• Fix a bug preventing the use of the built in ExceptionGroup on versions of Python that support it (:issue:725)

23.2 - 2023-10-01

* Document calendar-based versioning scheme (:issue:`716`)
* Enforce that the entire marker string is parsed (:issue:`687`)
* Requirement parsing no longer automatically validates the URL (:issue:`120`)
* Canonicalize names for requirements comparison (:issue:`644`)
</tr></table> 

... (truncated)

Commits

• f585376 Bump for release
• 600ecea Add changelog entries
• 3910129 support 'extras' and 'dependency_groups' markers (#888)
• 8e49b43 Add support for PEP 738 Android tags (#880)
• e624d8e Bump the github-actions group with 3 updates (#886)
• 71f38d8 Bump the github-actions group with 2 updates (#878)
• 9b4922d Bump the github-actions group with 3 updates (#870)
• 8510bd9 Upgrade to ruff 0.9.1 (#865)
• 9375ec2 Re-add tests for Unicode file name parsing (#863)
• 2256ed4 Bump the github-actions group across 1 directory with 2 updates (#864)
• Additional commits viewable in compare view

Updates boto3-stubs[cloudformation,cloudwatch,codebuild,iam,logs,s3,secretsmanager,ssm,sts] to 1.42.30

Commits

• See full diff in compare view

Updates boto3 to 1.42.30

Commits

• b53ccba Merge branch 'release-1.42.30'
• c9f5d90 Bumping version to 1.42.30
• 9cf4452 Add changelog entries from botocore
• 9b45d7e Merge branch 'release-1.42.29'
• b0356c7 Merge branch 'release-1.42.29' into develop
• 159ed6d Bumping version to 1.42.29
• ed728b9 Add changelog entries from botocore
• d7af36d Merge branch 'release-1.42.28'
• c700a35 Merge branch 'release-1.42.28' into develop
• a6c52b0 Bumping version to 1.42.28
• Additional commits viewable in compare view

Updates botocore to 1.42.30

Commits

• 279b5b6 Merge branch 'release-1.42.30'
• 7bbae51 Bumping version to 1.42.30
• de3ddae Update endpoints model
• 9758241 Update to latest models
• b64df2f Merge branch 'release-1.42.29'
• caf5740 Merge branch 'release-1.42.29' into develop
• 9a482a9 Bumping version to 1.42.29
• e3ae208 Update partitions file
• ae5ada9 Update endpoints model
• 8bed478 Update to latest models
• Additional commits viewable in compare view

Updates click from 8.1.8 to 8.3.1

Release notes

Sourced from click's releases.

8.3.1

This is the Click 8.3.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-1 Milestone: https://github.com/pallets/click/milestone/28

• Don't discard pager arguments by correctly using subprocess.Popen. #3039 #3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. #3066 #3065 #3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. #3071 #3079
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. #3019 #3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. #3069 #3090
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. #3136 #3137

8.3.0

This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.3.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-0 Milestone https://github.com/pallets/click/milestone/27

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: #1992 #2514 #2610 #3024 #3030

• Allow default to be set on Argument for nargs = -1. #2164 #3030

• Show correct auto complete value for nargs option in combination with flag option #2813

• Show correct auto complete value for nargs option in combination with flag option #2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. #2995 #3013

• Lazily import shutil. #3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). #2447 #3058

• Fix regression related to EOF handling in CliRunner. #2939 #2940

8.2.2

This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.2/

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.1

Released 2025-11-15

• Don't discard pager arguments by correctly using subprocess.Popen. :issue:3039 :pr:3055
• Replace Sentinel.UNSET default values by None as they're passed through the Context.invoke() method. :issue:3066 :issue:3065 :pr:3068
• Fix conversion of Sentinel.UNSET happening too early, which caused incorrect behavior for multiple parameters using the same name. :issue:3071 :pr:3079
• Hide Sentinel.UNSET values as None when looking up for other parameters through the context inside parameter callbacks. :issue:3136 :pr:3137
• Fix rendering when prompt and confirm parameter prompt_suffix is empty. :issue:3019 :pr:3021
• When Sentinel.UNSET is found during parsing, it will skip calls to type_cast_value. :issue:3069 :pr:3090

Version 8.3.0

Released 2025-09-17

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610 :issue:3024 :pr:3030

• Allow default to be set on Argument for nargs = -1. :issue:2164 :pr:3030

• Show correct auto complete value for nargs option in combination with flag option :issue:2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:2995 :pr:3013

• Lazily import shutil. :pr:3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). :issue:2447 :pr:3058

• Fix regression related to EOF handling in CliRunner. :issue:2939 :pr:2940

Version 8.2.2

Released 2025-07-31

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables.

... (truncated)

Commits

• 1d038f2 release version 8.3.1
• 03f3889 Fix Ruff UP038 warning (#3141)
• 3867781 Fix Ruff UP038 warning
• b91bb95 Provide altered context to callbacks to hide UNSET values as None (#3137)
• 437e1e3 Temporarily provide a fake context to the callback to hide UNSET values as ...
• ea70da4 Don't test using a file in docs/ (#3102)
• e27b307 Make uv run --all-extras pyright --verifytypes click pass (#3072)
• a92c573 Fix test_edit to work with BSD sed (#3129)
• bd131e1 Fix test_edit to work with BSD sed
• 0b5c6b7 Add Best practices section (#3127)
• Additional commits viewable in compare view

Updates ruamel-yaml from 0.18.14 to 0.19.1

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.